diff --git a/.buildkite/scripts/steps/esql_generate_function_metadata.sh b/.buildkite/scripts/steps/esql_generate_function_metadata.sh index 07de4bc9bd04c..15d0087594696 100755 --- a/.buildkite/scripts/steps/esql_generate_function_metadata.sh +++ b/.buildkite/scripts/steps/esql_generate_function_metadata.sh @@ -2,7 +2,7 @@ set -euo pipefail VALIDATION_PACKAGE_DIR="packages/kbn-esql-validation-autocomplete" -EDITOR_PACKAGE_DIR="packages/kbn-language-documentation-popover" +EDITOR_PACKAGE_DIR="packages/kbn-language-documentation" GIT_SCOPE="$VALIDATION_PACKAGE_DIR/**/* $EDITOR_PACKAGE_DIR/**/*" report_main_step () { diff --git a/.buildkite/scripts/steps/openapi_bundling/final_merge.sh b/.buildkite/scripts/steps/openapi_bundling/final_merge.sh index 41ca47aef24ee..bd9de3c966d8d 100755 --- a/.buildkite/scripts/steps/openapi_bundling/final_merge.sh +++ b/.buildkite/scripts/steps/openapi_bundling/final_merge.sh @@ -7,3 +7,6 @@ source .buildkite/scripts/common/util.sh echo --- Merge Kibana OpenAPI specs (cd oas_docs && make api-docs && make api-docs-lint) +(cd oas_docs && make api-docs-staging && make api-docs-lint) + +check_for_changed_files "make api-docs && make api-docs-staging" true diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 7ec76d03da9e0..ee4aac2503b9b 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -354,6 +354,7 @@ x-pack/plugins/data_quality @elastic/obs-ux-logs-team test/plugin_functional/plugins/data_search @elastic/kibana-data-discovery packages/kbn-data-service @elastic/kibana-visualizations @elastic/kibana-data-discovery packages/kbn-data-stream-adapter @elastic/security-threat-hunting-explore +x-pack/plugins/data_usage @elastic/obs-ai-assistant @elastic/security-solution src/plugins/data_view_editor @elastic/kibana-data-discovery examples/data_view_field_editor_example @elastic/kibana-data-discovery src/plugins/data_view_field_editor @elastic/kibana-data-discovery @@ -552,7 +553,7 @@ src/plugins/kibana_usage_collection @elastic/kibana-core src/plugins/kibana_utils @elastic/appex-sharedux x-pack/plugins/kubernetes_security @elastic/kibana-cloud-security-posture x-pack/packages/kbn-langchain @elastic/security-generative-ai -packages/kbn-language-documentation-popover @elastic/kibana-esql +packages/kbn-language-documentation @elastic/kibana-esql x-pack/examples/lens_config_builder_example @elastic/kibana-visualizations packages/kbn-lens-embeddable-utils @elastic/obs-ux-infra_services-team @elastic/kibana-visualizations packages/kbn-lens-formula-docs @elastic/kibana-visualizations @@ -1417,6 +1418,15 @@ x-pack/plugins/cloud_integrations/cloud_full_story/server/config.ts @elastic/kib /x-pack/test_serverless/functional/test_suites/security/screenshot_creation/response_ops_docs @elastic/response-ops /x-pack/test_serverless/functional/test_suites/observability/screenshot_creation/response_ops_docs @elastic/response-ops /x-pack/test_serverless/api_integration/test_suites/common/alerting/ @elastic/response-ops +/x-pack/test/functional/es_archives/action_task_params @elastic/response-ops +/x-pack/test/functional/es_archives/actions @elastic/response-ops +/x-pack/test/functional/es_archives/alerting @elastic/response-ops +/x-pack/test/functional/es_archives/alerts @elastic/response-ops +/x-pack/test/functional/es_archives/alerts_legacy @elastic/response-ops +/x-pack/test/functional/es_archives/observability/alerts @elastic/response-ops +/x-pack/test/functional/es_archives/actions @elastic/response-ops +/x-pack/test/functional/es_archives/rules_scheduled_task_id @elastic/response-ops +/x-pack/test/functional/es_archives/alerting/8_2_0 @elastic/response-ops # Enterprise Search /x-pack/test/functional_enterprise_search/ @elastic/search-kibana diff --git a/.i18nrc.json b/.i18nrc.json index b65c71b1a0d44..9dcba18d2dba3 100644 --- a/.i18nrc.json +++ b/.i18nrc.json @@ -118,7 +118,7 @@ "serverlessPackages": "packages/serverless", "sse": [ "packages/kbn-sse-utils" ], "coloring": "packages/kbn-coloring/src", - "languageDocumentationPopover": "packages/kbn-language-documentation-popover/src", + "languageDocumentation": "packages/kbn-language-documentation/src", "esql": "src/plugins/esql", "esqlDataGrid": "src/plugins/esql_datagrid", "statusPage": "src/legacy/core_plugins/status_page", diff --git a/api_docs/actions.mdx b/api_docs/actions.mdx index e4e0104f1491f..35ad4814bdb77 100644 --- a/api_docs/actions.mdx +++ b/api_docs/actions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/actions title: "actions" image: https://source.unsplash.com/400x175/?github description: API docs for the actions plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'actions'] --- import actionsObj from './actions.devdocs.json'; diff --git a/api_docs/advanced_settings.mdx b/api_docs/advanced_settings.mdx index 1cb3a87f9e883..ec3deb5a4bc1d 100644 --- a/api_docs/advanced_settings.mdx +++ b/api_docs/advanced_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/advancedSettings title: "advancedSettings" image: https://source.unsplash.com/400x175/?github description: API docs for the advancedSettings plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'advancedSettings'] --- import advancedSettingsObj from './advanced_settings.devdocs.json'; diff --git a/api_docs/ai_assistant_management_selection.mdx b/api_docs/ai_assistant_management_selection.mdx index dfc340739e4d5..832dc0148fc16 100644 --- a/api_docs/ai_assistant_management_selection.mdx +++ b/api_docs/ai_assistant_management_selection.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/aiAssistantManagementSelection title: "aiAssistantManagementSelection" image: https://source.unsplash.com/400x175/?github description: API docs for the aiAssistantManagementSelection plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'aiAssistantManagementSelection'] --- import aiAssistantManagementSelectionObj from './ai_assistant_management_selection.devdocs.json'; diff --git a/api_docs/aiops.mdx b/api_docs/aiops.mdx index b161052452d05..8a1af6c7ed4d9 100644 --- a/api_docs/aiops.mdx +++ b/api_docs/aiops.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/aiops title: "aiops" image: https://source.unsplash.com/400x175/?github description: API docs for the aiops plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'aiops'] --- import aiopsObj from './aiops.devdocs.json'; diff --git a/api_docs/alerting.mdx b/api_docs/alerting.mdx index b9277e60a8c21..f84ea0fce4f9a 100644 --- a/api_docs/alerting.mdx +++ b/api_docs/alerting.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/alerting title: "alerting" image: https://source.unsplash.com/400x175/?github description: API docs for the alerting plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'alerting'] --- import alertingObj from './alerting.devdocs.json'; diff --git a/api_docs/apm.mdx b/api_docs/apm.mdx index 89dcfb4015864..805621f44124c 100644 --- a/api_docs/apm.mdx +++ b/api_docs/apm.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/apm title: "apm" image: https://source.unsplash.com/400x175/?github description: API docs for the apm plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'apm'] --- import apmObj from './apm.devdocs.json'; diff --git a/api_docs/apm_data_access.mdx b/api_docs/apm_data_access.mdx index c7ed4fad1b0b4..1c86ea4253378 100644 --- a/api_docs/apm_data_access.mdx +++ b/api_docs/apm_data_access.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/apmDataAccess title: "apmDataAccess" image: https://source.unsplash.com/400x175/?github description: API docs for the apmDataAccess plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'apmDataAccess'] --- import apmDataAccessObj from './apm_data_access.devdocs.json'; diff --git a/api_docs/banners.mdx b/api_docs/banners.mdx index 13af2ccc3f215..444d5bdae536c 100644 --- a/api_docs/banners.mdx +++ b/api_docs/banners.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/banners title: "banners" image: https://source.unsplash.com/400x175/?github description: API docs for the banners plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'banners'] --- import bannersObj from './banners.devdocs.json'; diff --git a/api_docs/bfetch.mdx b/api_docs/bfetch.mdx index 3843c9535ccd6..368cbbd4b250b 100644 --- a/api_docs/bfetch.mdx +++ b/api_docs/bfetch.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/bfetch title: "bfetch" image: https://source.unsplash.com/400x175/?github description: API docs for the bfetch plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'bfetch'] --- import bfetchObj from './bfetch.devdocs.json'; diff --git a/api_docs/canvas.mdx b/api_docs/canvas.mdx index 12f4f0a614412..3eb2bea386ac9 100644 --- a/api_docs/canvas.mdx +++ b/api_docs/canvas.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/canvas title: "canvas" image: https://source.unsplash.com/400x175/?github description: API docs for the canvas plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'canvas'] --- import canvasObj from './canvas.devdocs.json'; diff --git a/api_docs/cases.mdx b/api_docs/cases.mdx index da82fe3364d26..263fa4e8c6da2 100644 --- a/api_docs/cases.mdx +++ b/api_docs/cases.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cases title: "cases" image: https://source.unsplash.com/400x175/?github description: API docs for the cases plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cases'] --- import casesObj from './cases.devdocs.json'; diff --git a/api_docs/charts.mdx b/api_docs/charts.mdx index f87336b8ff83c..438ab5bdbf27b 100644 --- a/api_docs/charts.mdx +++ b/api_docs/charts.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/charts title: "charts" image: https://source.unsplash.com/400x175/?github description: API docs for the charts plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'charts'] --- import chartsObj from './charts.devdocs.json'; diff --git a/api_docs/cloud.mdx b/api_docs/cloud.mdx index 52f7f8b9460e3..356d069211f3a 100644 --- a/api_docs/cloud.mdx +++ b/api_docs/cloud.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cloud title: "cloud" image: https://source.unsplash.com/400x175/?github description: API docs for the cloud plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cloud'] --- import cloudObj from './cloud.devdocs.json'; diff --git a/api_docs/cloud_data_migration.mdx b/api_docs/cloud_data_migration.mdx index 00da0feb4b77a..7bf7712e6416e 100644 --- a/api_docs/cloud_data_migration.mdx +++ b/api_docs/cloud_data_migration.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cloudDataMigration title: "cloudDataMigration" image: https://source.unsplash.com/400x175/?github description: API docs for the cloudDataMigration plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cloudDataMigration'] --- import cloudDataMigrationObj from './cloud_data_migration.devdocs.json'; diff --git a/api_docs/cloud_defend.mdx b/api_docs/cloud_defend.mdx index b549df3505d93..efe9ab2122970 100644 --- a/api_docs/cloud_defend.mdx +++ b/api_docs/cloud_defend.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cloudDefend title: "cloudDefend" image: https://source.unsplash.com/400x175/?github description: API docs for the cloudDefend plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cloudDefend'] --- import cloudDefendObj from './cloud_defend.devdocs.json'; diff --git a/api_docs/cloud_security_posture.mdx b/api_docs/cloud_security_posture.mdx index 1f75ab142868d..b04ffbebe34d6 100644 --- a/api_docs/cloud_security_posture.mdx +++ b/api_docs/cloud_security_posture.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cloudSecurityPosture title: "cloudSecurityPosture" image: https://source.unsplash.com/400x175/?github description: API docs for the cloudSecurityPosture plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cloudSecurityPosture'] --- import cloudSecurityPostureObj from './cloud_security_posture.devdocs.json'; diff --git a/api_docs/console.mdx b/api_docs/console.mdx index 8a9219f181280..b1ba453d27262 100644 --- a/api_docs/console.mdx +++ b/api_docs/console.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/console title: "console" image: https://source.unsplash.com/400x175/?github description: API docs for the console plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'console'] --- import consoleObj from './console.devdocs.json'; diff --git a/api_docs/content_management.mdx b/api_docs/content_management.mdx index 099962d6a9822..b346e7e7869ba 100644 --- a/api_docs/content_management.mdx +++ b/api_docs/content_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/contentManagement title: "contentManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the contentManagement plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'contentManagement'] --- import contentManagementObj from './content_management.devdocs.json'; diff --git a/api_docs/controls.devdocs.json b/api_docs/controls.devdocs.json index 98a9926f2f4d5..a683c8bf221a3 100644 --- a/api_docs/controls.devdocs.json +++ b/api_docs/controls.devdocs.json @@ -21,7 +21,7 @@ }, ") => JSX.Element" ], - "path": "src/plugins/controls/public/react_controls/external_api/control_group_renderer_lazy.tsx", + "path": "src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer_lazy.tsx", "deprecated": false, "trackAdoption": false, "children": [ @@ -41,7 +41,7 @@ "text": "ControlGroupRendererProps" } ], - "path": "src/plugins/controls/public/react_controls/external_api/control_group_renderer_lazy.tsx", + "path": "src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer_lazy.tsx", "deprecated": false, "trackAdoption": false, "isRequired": true @@ -59,7 +59,7 @@ "tags": [], "label": "ControlGroupCreationOptions", "description": [], - "path": "src/plugins/controls/public/react_controls/external_api/types.ts", + "path": "src/plugins/controls/public/control_group/control_group_renderer/types.ts", "deprecated": false, "trackAdoption": false, "children": [ @@ -89,7 +89,7 @@ }, ">> | undefined" ], - "path": "src/plugins/controls/public/react_controls/external_api/types.ts", + "path": "src/plugins/controls/public/control_group/control_group_renderer/types.ts", "deprecated": false, "trackAdoption": false }, @@ -110,7 +110,7 @@ }, " | undefined" ], - "path": "src/plugins/controls/public/react_controls/external_api/types.ts", + "path": "src/plugins/controls/public/control_group/control_group_renderer/types.ts", "deprecated": false, "trackAdoption": false } @@ -124,7 +124,7 @@ "tags": [], "label": "ControlGroupRendererProps", "description": [], - "path": "src/plugins/controls/public/react_controls/external_api/control_group_renderer.tsx", + "path": "src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer.tsx", "deprecated": false, "trackAdoption": false, "children": [ @@ -146,7 +146,7 @@ }, ") => void" ], - "path": "src/plugins/controls/public/react_controls/external_api/control_group_renderer.tsx", + "path": "src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer.tsx", "deprecated": false, "trackAdoption": false, "children": [ @@ -166,7 +166,7 @@ "text": "ControlGroupRendererApi" } ], - "path": "src/plugins/controls/public/react_controls/external_api/control_group_renderer.tsx", + "path": "src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer.tsx", "deprecated": false, "trackAdoption": false, "isRequired": true @@ -284,7 +284,7 @@ }, ">>) | undefined" ], - "path": "src/plugins/controls/public/react_controls/external_api/control_group_renderer.tsx", + "path": "src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer.tsx", "deprecated": false, "trackAdoption": false, "children": [ @@ -314,7 +314,7 @@ }, ">>" ], - "path": "src/plugins/controls/public/react_controls/external_api/control_group_renderer.tsx", + "path": "src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer.tsx", "deprecated": false, "trackAdoption": false, "isRequired": true @@ -405,7 +405,7 @@ }, ">>, controlId?: string | undefined) => void; }" ], - "path": "src/plugins/controls/public/react_controls/external_api/control_group_renderer.tsx", + "path": "src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer.tsx", "deprecated": false, "trackAdoption": false, "isRequired": true @@ -430,7 +430,7 @@ }, " | undefined" ], - "path": "src/plugins/controls/public/react_controls/external_api/control_group_renderer.tsx", + "path": "src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer.tsx", "deprecated": false, "trackAdoption": false }, @@ -451,7 +451,7 @@ }, "[] | undefined" ], - "path": "src/plugins/controls/public/react_controls/external_api/control_group_renderer.tsx", + "path": "src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer.tsx", "deprecated": false, "trackAdoption": false }, @@ -472,7 +472,7 @@ }, " | undefined" ], - "path": "src/plugins/controls/public/react_controls/external_api/control_group_renderer.tsx", + "path": "src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer.tsx", "deprecated": false, "trackAdoption": false }, @@ -493,7 +493,7 @@ }, " | undefined" ], - "path": "src/plugins/controls/public/react_controls/external_api/control_group_renderer.tsx", + "path": "src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer.tsx", "deprecated": false, "trackAdoption": false }, @@ -507,7 +507,7 @@ "signature": [ "boolean | undefined" ], - "path": "src/plugins/controls/public/react_controls/external_api/control_group_renderer.tsx", + "path": "src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer.tsx", "deprecated": false, "trackAdoption": false } @@ -797,7 +797,7 @@ "ControlFactory", "" ], - "path": "src/plugins/controls/public/react_controls/controls/data_controls/types.ts", + "path": "src/plugins/controls/public/controls/data_controls/types.ts", "deprecated": false, "trackAdoption": false, "children": [ @@ -819,7 +819,7 @@ }, ") => boolean" ], - "path": "src/plugins/controls/public/react_controls/controls/data_controls/types.ts", + "path": "src/plugins/controls/public/controls/data_controls/types.ts", "deprecated": false, "trackAdoption": false, "children": [ @@ -839,7 +839,7 @@ "text": "DataViewField" } ], - "path": "src/plugins/controls/public/react_controls/controls/data_controls/types.ts", + "path": "src/plugins/controls/public/controls/data_controls/types.ts", "deprecated": false, "trackAdoption": false, "isRequired": true @@ -859,7 +859,7 @@ "CustomOptionsComponentProps", "> | undefined" ], - "path": "src/plugins/controls/public/react_controls/controls/data_controls/types.ts", + "path": "src/plugins/controls/public/controls/data_controls/types.ts", "deprecated": false, "trackAdoption": false } @@ -1373,7 +1373,7 @@ }, ") => void; }" ], - "path": "src/plugins/controls/public/react_controls/control_group/types.ts", + "path": "src/plugins/controls/public/control_group/types.ts", "deprecated": false, "trackAdoption": false, "initialIsOpen": false @@ -1659,7 +1659,7 @@ }, ">>; }" ], - "path": "src/plugins/controls/public/react_controls/external_api/types.ts", + "path": "src/plugins/controls/public/control_group/control_group_renderer/types.ts", "deprecated": false, "trackAdoption": false, "initialIsOpen": false @@ -1750,7 +1750,7 @@ }, ">>, controlId?: string | undefined) => void; }" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "initialIsOpen": false @@ -1780,7 +1780,7 @@ "signature": [ "(newState: Partial, controlType: string) => Partial" ], - "path": "src/plugins/controls/public/react_controls/control_group/types.ts", + "path": "src/plugins/controls/public/control_group/types.ts", "deprecated": false, "trackAdoption": false, "returnComment": [], @@ -1795,7 +1795,7 @@ "signature": [ "{ [P in keyof State]?: State[P] | undefined; }" ], - "path": "src/plugins/controls/public/react_controls/control_group/types.ts", + "path": "src/plugins/controls/public/control_group/types.ts", "deprecated": false, "trackAdoption": false }, @@ -1806,7 +1806,7 @@ "tags": [], "label": "controlType", "description": [], - "path": "src/plugins/controls/public/react_controls/control_group/types.ts", + "path": "src/plugins/controls/public/control_group/types.ts", "deprecated": false, "trackAdoption": false } @@ -1972,7 +1972,7 @@ }, " & { untilFiltersReady: () => Promise; }" ], - "path": "src/plugins/controls/public/react_controls/controls/data_controls/types.ts", + "path": "src/plugins/controls/public/controls/data_controls/types.ts", "deprecated": false, "trackAdoption": false, "initialIsOpen": false @@ -2031,7 +2031,7 @@ "tags": [], "label": "controlGroupStateBuilder", "description": [], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "children": [ @@ -2069,7 +2069,7 @@ }, ", controlId?: string | undefined) => Promise" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "children": [ @@ -2099,7 +2099,7 @@ }, ">>" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "isRequired": true @@ -2120,7 +2120,7 @@ "text": "DefaultDataControlState" } ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "isRequired": true @@ -2135,7 +2135,7 @@ "signature": [ "string | undefined" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "isRequired": false @@ -2171,7 +2171,7 @@ "OptionsListControlState", ", controlId?: string | undefined) => void" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "children": [ @@ -2201,7 +2201,7 @@ }, ">>" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "isRequired": true @@ -2216,7 +2216,7 @@ "signature": [ "OptionsListControlState" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "isRequired": true @@ -2231,7 +2231,7 @@ "signature": [ "string | undefined" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "isRequired": false @@ -2267,7 +2267,7 @@ "RangesliderControlState", ", controlId?: string | undefined) => void" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "children": [ @@ -2297,7 +2297,7 @@ }, ">>" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "isRequired": true @@ -2312,7 +2312,7 @@ "signature": [ "RangesliderControlState" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "isRequired": true @@ -2327,7 +2327,7 @@ "signature": [ "string | undefined" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "isRequired": false @@ -2361,7 +2361,7 @@ }, ">>, controlId?: string | undefined) => void" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "children": [ @@ -2391,7 +2391,7 @@ }, ">>" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "isRequired": true @@ -2406,7 +2406,7 @@ "signature": [ "string | undefined" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "isRequired": false diff --git a/api_docs/controls.mdx b/api_docs/controls.mdx index 0d2c150dd21ad..828ebf90b5f85 100644 --- a/api_docs/controls.mdx +++ b/api_docs/controls.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/controls title: "controls" image: https://source.unsplash.com/400x175/?github description: API docs for the controls plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'controls'] --- import controlsObj from './controls.devdocs.json'; diff --git a/api_docs/custom_integrations.mdx b/api_docs/custom_integrations.mdx index ffaa52c43f2b9..8953357ee4a5d 100644 --- a/api_docs/custom_integrations.mdx +++ b/api_docs/custom_integrations.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/customIntegrations title: "customIntegrations" image: https://source.unsplash.com/400x175/?github description: API docs for the customIntegrations plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'customIntegrations'] --- import customIntegrationsObj from './custom_integrations.devdocs.json'; diff --git a/api_docs/dashboard.mdx b/api_docs/dashboard.mdx index 348c49d3c7a02..787ea074ae56f 100644 --- a/api_docs/dashboard.mdx +++ b/api_docs/dashboard.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dashboard title: "dashboard" image: https://source.unsplash.com/400x175/?github description: API docs for the dashboard plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dashboard'] --- import dashboardObj from './dashboard.devdocs.json'; diff --git a/api_docs/dashboard_enhanced.mdx b/api_docs/dashboard_enhanced.mdx index 7497c10d3dd1b..b7193bdad55a2 100644 --- a/api_docs/dashboard_enhanced.mdx +++ b/api_docs/dashboard_enhanced.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dashboardEnhanced title: "dashboardEnhanced" image: https://source.unsplash.com/400x175/?github description: API docs for the dashboardEnhanced plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dashboardEnhanced'] --- import dashboardEnhancedObj from './dashboard_enhanced.devdocs.json'; diff --git a/api_docs/data.devdocs.json b/api_docs/data.devdocs.json index a5d021e9a0505..fc81984f7b688 100644 --- a/api_docs/data.devdocs.json +++ b/api_docs/data.devdocs.json @@ -11731,14 +11731,6 @@ { "plugin": "securitySolution", "path": "x-pack/plugins/security_solution/public/common/mock/endpoint/dependencies_start_mock.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" } ] }, diff --git a/api_docs/data.mdx b/api_docs/data.mdx index 83a4cf8af4b4d..aff51e317e940 100644 --- a/api_docs/data.mdx +++ b/api_docs/data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/data title: "data" image: https://source.unsplash.com/400x175/?github description: API docs for the data plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'data'] --- import dataObj from './data.devdocs.json'; diff --git a/api_docs/data_quality.mdx b/api_docs/data_quality.mdx index 64637a749f066..c9232391a7a37 100644 --- a/api_docs/data_quality.mdx +++ b/api_docs/data_quality.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataQuality title: "dataQuality" image: https://source.unsplash.com/400x175/?github description: API docs for the dataQuality plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataQuality'] --- import dataQualityObj from './data_quality.devdocs.json'; diff --git a/api_docs/data_query.mdx b/api_docs/data_query.mdx index af0dff28b917f..18c76189bbdc1 100644 --- a/api_docs/data_query.mdx +++ b/api_docs/data_query.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/data-query title: "data.query" image: https://source.unsplash.com/400x175/?github description: API docs for the data.query plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'data.query'] --- import dataQueryObj from './data_query.devdocs.json'; diff --git a/api_docs/data_search.mdx b/api_docs/data_search.mdx index 8114e3510911e..0a8beabf4a094 100644 --- a/api_docs/data_search.mdx +++ b/api_docs/data_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/data-search title: "data.search" image: https://source.unsplash.com/400x175/?github description: API docs for the data.search plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'data.search'] --- import dataSearchObj from './data_search.devdocs.json'; diff --git a/api_docs/data_usage.devdocs.json b/api_docs/data_usage.devdocs.json new file mode 100644 index 0000000000000..835cb7f1ef9a3 --- /dev/null +++ b/api_docs/data_usage.devdocs.json @@ -0,0 +1,111 @@ +{ + "id": "dataUsage", + "client": { + "classes": [], + "functions": [], + "interfaces": [], + "enums": [], + "misc": [], + "objects": [], + "setup": { + "parentPluginId": "dataUsage", + "id": "def-public.DataUsagePublicSetup", + "type": "Interface", + "tags": [], + "label": "DataUsagePublicSetup", + "description": [], + "path": "x-pack/plugins/data_usage/public/types.ts", + "deprecated": false, + "trackAdoption": false, + "children": [], + "lifecycle": "setup", + "initialIsOpen": true + }, + "start": { + "parentPluginId": "dataUsage", + "id": "def-public.DataUsagePublicStart", + "type": "Interface", + "tags": [], + "label": "DataUsagePublicStart", + "description": [], + "path": "x-pack/plugins/data_usage/public/types.ts", + "deprecated": false, + "trackAdoption": false, + "children": [], + "lifecycle": "start", + "initialIsOpen": true + } + }, + "server": { + "classes": [], + "functions": [], + "interfaces": [], + "enums": [], + "misc": [], + "objects": [], + "setup": { + "parentPluginId": "dataUsage", + "id": "def-server.DataUsageServerSetup", + "type": "Interface", + "tags": [], + "label": "DataUsageServerSetup", + "description": [], + "path": "x-pack/plugins/data_usage/server/types.ts", + "deprecated": false, + "trackAdoption": false, + "children": [], + "lifecycle": "setup", + "initialIsOpen": true + }, + "start": { + "parentPluginId": "dataUsage", + "id": "def-server.DataUsageServerStart", + "type": "Interface", + "tags": [], + "label": "DataUsageServerStart", + "description": [], + "path": "x-pack/plugins/data_usage/server/types.ts", + "deprecated": false, + "trackAdoption": false, + "children": [], + "lifecycle": "start", + "initialIsOpen": true + } + }, + "common": { + "classes": [], + "functions": [], + "interfaces": [], + "enums": [], + "misc": [ + { + "parentPluginId": "dataUsage", + "id": "def-common.PLUGIN_ID", + "type": "string", + "tags": [], + "label": "PLUGIN_ID", + "description": [], + "signature": [ + "\"data_usage\"" + ], + "path": "x-pack/plugins/data_usage/common/index.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, + { + "parentPluginId": "dataUsage", + "id": "def-common.PLUGIN_NAME", + "type": "string", + "tags": [], + "label": "PLUGIN_NAME", + "description": [], + "path": "x-pack/plugins/data_usage/common/index.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + } + ], + "objects": [] + } +} \ No newline at end of file diff --git a/api_docs/data_usage.mdx b/api_docs/data_usage.mdx new file mode 100644 index 0000000000000..998b0ebf701f4 --- /dev/null +++ b/api_docs/data_usage.mdx @@ -0,0 +1,46 @@ +--- +#### +#### This document is auto-generated and is meant to be viewed inside our experimental, new docs system. +#### Reach out in #docs-engineering for more info. +#### +id: kibDataUsagePluginApi +slug: /kibana-dev-docs/api/dataUsage +title: "dataUsage" +image: https://source.unsplash.com/400x175/?github +description: API docs for the dataUsage plugin +date: 2024-09-23 +tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataUsage'] +--- +import dataUsageObj from './data_usage.devdocs.json'; + + + +Contact [@elastic/obs-ai-assistant](https://github.com/orgs/elastic/teams/obs-ai-assistant) for questions regarding this plugin. + +**Code health stats** + +| Public API count | Any count | Items lacking comments | Missing exports | +|-------------------|-----------|------------------------|-----------------| +| 6 | 0 | 6 | 0 | + +## Client + +### Setup + + +### Start + + +## Server + +### Setup + + +### Start + + +## Common + +### Consts, variables and types + + diff --git a/api_docs/data_view_editor.mdx b/api_docs/data_view_editor.mdx index e217389b8c69c..69b7fabcc9c15 100644 --- a/api_docs/data_view_editor.mdx +++ b/api_docs/data_view_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataViewEditor title: "dataViewEditor" image: https://source.unsplash.com/400x175/?github description: API docs for the dataViewEditor plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataViewEditor'] --- import dataViewEditorObj from './data_view_editor.devdocs.json'; diff --git a/api_docs/data_view_field_editor.mdx b/api_docs/data_view_field_editor.mdx index ea9afd08ef7c9..6726baec9021a 100644 --- a/api_docs/data_view_field_editor.mdx +++ b/api_docs/data_view_field_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataViewFieldEditor title: "dataViewFieldEditor" image: https://source.unsplash.com/400x175/?github description: API docs for the dataViewFieldEditor plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataViewFieldEditor'] --- import dataViewFieldEditorObj from './data_view_field_editor.devdocs.json'; diff --git a/api_docs/data_view_management.mdx b/api_docs/data_view_management.mdx index 2952e866888b8..d6ef9036e376e 100644 --- a/api_docs/data_view_management.mdx +++ b/api_docs/data_view_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataViewManagement title: "dataViewManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the dataViewManagement plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataViewManagement'] --- import dataViewManagementObj from './data_view_management.devdocs.json'; diff --git a/api_docs/data_views.devdocs.json b/api_docs/data_views.devdocs.json index 1015fb02d2144..f9b5b93e81fe8 100644 --- a/api_docs/data_views.devdocs.json +++ b/api_docs/data_views.devdocs.json @@ -14080,7 +14080,7 @@ }, { "plugin": "controls", - "path": "src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/options_list_fetch_cache.ts" + "path": "src/plugins/controls/public/controls/data_controls/options_list_control/options_list_fetch_cache.ts" }, { "plugin": "@kbn/lens-embeddable-utils", diff --git a/api_docs/data_views.mdx b/api_docs/data_views.mdx index 22284b7b5f66c..f175b39c846b2 100644 --- a/api_docs/data_views.mdx +++ b/api_docs/data_views.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataViews title: "dataViews" image: https://source.unsplash.com/400x175/?github description: API docs for the dataViews plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataViews'] --- import dataViewsObj from './data_views.devdocs.json'; diff --git a/api_docs/data_visualizer.mdx b/api_docs/data_visualizer.mdx index 6dd527a489757..f5d9baae2b729 100644 --- a/api_docs/data_visualizer.mdx +++ b/api_docs/data_visualizer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataVisualizer title: "dataVisualizer" image: https://source.unsplash.com/400x175/?github description: API docs for the dataVisualizer plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataVisualizer'] --- import dataVisualizerObj from './data_visualizer.devdocs.json'; diff --git a/api_docs/dataset_quality.mdx b/api_docs/dataset_quality.mdx index 6a1a10337af1c..ed346bb4f6136 100644 --- a/api_docs/dataset_quality.mdx +++ b/api_docs/dataset_quality.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/datasetQuality title: "datasetQuality" image: https://source.unsplash.com/400x175/?github description: API docs for the datasetQuality plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'datasetQuality'] --- import datasetQualityObj from './dataset_quality.devdocs.json'; diff --git a/api_docs/deprecations_by_api.mdx b/api_docs/deprecations_by_api.mdx index fd1c958327037..510fd282bfb48 100644 --- a/api_docs/deprecations_by_api.mdx +++ b/api_docs/deprecations_by_api.mdx @@ -7,7 +7,7 @@ id: kibDevDocsDeprecationsByApi slug: /kibana-dev-docs/api-meta/deprecated-api-list-by-api title: Deprecated API usage by API description: A list of deprecated APIs, which plugins are still referencing them, and when they need to be removed by. -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana'] --- @@ -21,10 +21,10 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | ml, securitySolution | - | | | actions, savedObjectsTagging, ml, enterpriseSearch | - | | | @kbn/core-saved-objects-browser-internal, @kbn/core, savedObjects, visualizations, aiops, dataVisualizer, ml, dashboardEnhanced, graph, lens, securitySolution, eventAnnotation, @kbn/core-saved-objects-browser-mocks | - | -| | @kbn/core, savedObjects, embeddable, visualizations, canvas, graph, ml | - | +| | @kbn/core, embeddable, savedObjects, visualizations, canvas, graph, ml | - | | | @kbn/core-saved-objects-base-server-internal, @kbn/core-saved-objects-migration-server-internal, @kbn/core-saved-objects-server-internal, @kbn/core-ui-settings-server-internal, @kbn/core-usage-data-server-internal, taskManager, spaces, actions, @kbn/core-saved-objects-migration-server-mocks, share, dataViews, data, alerting, lens, cases, savedSearch, canvas, fleet, cloudSecurityPosture, ml, logsShared, graph, lists, maps, visualizations, infra, apmDataAccess, securitySolution, apm, slo, synthetics, uptime, dashboard, eventAnnotation, links, savedObjectsManagement, @kbn/core-test-helpers-so-type-serializer, @kbn/core-saved-objects-api-server-internal | - | | | stackAlerts, alerting, securitySolution, inputControlVis | - | -| | graph, stackAlerts, inputControlVis, securitySolution, savedObjects | - | +| | graph, stackAlerts, inputControlVis, securitySolution | - | | | dashboard, dataVisualizer, stackAlerts, expressionPartitionVis | - | | | stackAlerts, alerting, securitySolution, inputControlVis | - | | | triggersActionsUi | - | @@ -69,18 +69,18 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | alerting, observabilityAIAssistant, fleet, cloudSecurityPosture, entityManager, serverlessSearch, transform, upgradeAssistant, apm, synthetics, security | - | | | actions, alerting | - | | | monitoring | - | -| | @kbn/core-saved-objects-api-browser, @kbn/core, savedObjects, savedObjectsManagement, visualizations, savedObjectsTagging, eventAnnotation, lens, maps, graph, dashboard, savedObjectsTaggingOss, kibanaUtils, expressions, data, embeddable, uiActionsEnhanced, canvas, dashboardEnhanced, globalSearchProviders, controls | - | +| | @kbn/core-saved-objects-api-browser, @kbn/core, savedObjectsManagement, savedObjects, visualizations, savedObjectsTagging, eventAnnotation, lens, maps, graph, dashboard, kibanaUtils, expressions, data, savedObjectsTaggingOss, embeddable, uiActionsEnhanced, canvas, dashboardEnhanced, globalSearchProviders, controls | - | | | @kbn/core-saved-objects-browser, @kbn/core-saved-objects-browser-internal, @kbn/core, home, savedObjects, visualizations, lens, visTypeTimeseries, @kbn/core-saved-objects-browser-mocks | - | | | @kbn/core-saved-objects-browser-internal, @kbn/core-saved-objects-browser-mocks, savedObjects | - | | | @kbn/core-saved-objects-browser-mocks, home, @kbn/core-saved-objects-browser-internal | - | -| | @kbn/core-saved-objects-browser-internal, @kbn/core-saved-objects-browser-mocks, savedObjects, visualizations | - | +| | @kbn/core-saved-objects-browser-internal, @kbn/core-saved-objects-browser-mocks, visualizations | - | | | @kbn/core-saved-objects-browser-mocks, @kbn/core-saved-objects-browser-internal | - | | | @kbn/core-saved-objects-browser-mocks, savedObjects, dashboardEnhanced, @kbn/core-saved-objects-browser-internal | - | -| | @kbn/core-saved-objects-browser-mocks, savedObjects, dashboardEnhanced, @kbn/core-saved-objects-browser-internal | - | -| | @kbn/core-saved-objects-browser-mocks, savedObjects, @kbn/core-saved-objects-browser-internal | - | +| | @kbn/core-saved-objects-browser-mocks, dashboardEnhanced, savedObjects, @kbn/core-saved-objects-browser-internal | - | +| | @kbn/core-saved-objects-browser-mocks, @kbn/core-saved-objects-browser-internal | - | | | @kbn/core-saved-objects-browser-mocks, discover, @kbn/core-saved-objects-browser-internal | - | | | @kbn/core-saved-objects-browser-mocks, @kbn/core-saved-objects-browser-internal | - | -| | @kbn/core-saved-objects-browser-internal, @kbn/core-saved-objects-browser-mocks, savedObjects | - | +| | @kbn/core-saved-objects-browser-internal, @kbn/core-saved-objects-browser-mocks | - | | | @kbn/core-saved-objects-browser-mocks, @kbn/core-saved-objects-browser-internal | - | | | @kbn/core-saved-objects-browser-mocks, @kbn/core-saved-objects-browser-internal | - | | | @kbn/core-saved-objects-browser-internal | - | @@ -109,8 +109,6 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | graph, visTypeTimeseries, dataViewManagement | - | | | visualizations, graph | - | | | kubernetesSecurity, osquery, threatIntelligence | - | -| | @kbn/core-plugins-browser-internal, @kbn/core-root-browser-internal, home, savedObjects, unifiedSearch, visualizations, fileUpload, dashboardEnhanced, transform, discover, dataVisualizer | - | -| | @kbn/core, lens, savedObjects | - | | | lens, dashboard, canvas | - | | | lens, dashboard | - | | | lens, dashboard, investigateApp | - | @@ -118,6 +116,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | dashboard | - | | | embeddable, dashboard | - | | | dashboard, maps | - | +| | @kbn/core-plugins-browser-internal, @kbn/core-root-browser-internal, home, unifiedSearch, visualizations, fileUpload, dashboardEnhanced, transform, discover, dataVisualizer | - | | | dataViews, maps | - | | | dataViews, dataViewManagement | - | | | dataViews, dataViewManagement | - | @@ -133,6 +132,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | unifiedSearch | - | | | unifiedSearch | - | | | lens | - | +| | @kbn/core, lens, savedObjects | - | | | canvas | - | | | canvas | - | | | canvas | - | @@ -182,7 +182,6 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | security, @kbn/security-role-management-model | 8.8.0 | | | apm | 8.8.0 | | | mapsEms | 8.8.0 | -| | savedObjectsTaggingOss | 8.8.0 | | | @kbn/core-plugins-server-internal, @kbn/core | 8.8.0 | | | security | 8.8.0 @@ -236,7 +235,7 @@ Safe to remove. | | lists | | | lists | | | lists | -| | savedObjects | +| | savedObjects | | | security | | | serverless | | | taskManager | diff --git a/api_docs/deprecations_by_plugin.mdx b/api_docs/deprecations_by_plugin.mdx index 9fe0f439213df..90decb28037bf 100644 --- a/api_docs/deprecations_by_plugin.mdx +++ b/api_docs/deprecations_by_plugin.mdx @@ -7,7 +7,7 @@ id: kibDevDocsDeprecationsByPlugin slug: /kibana-dev-docs/api-meta/deprecated-api-list-by-plugin title: Deprecated API usage by plugin description: A list of deprecated APIs, which plugins are still referencing them, and when they need to be removed by. -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana'] --- @@ -623,7 +623,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | Deprecated API | Reference location(s) | Remove By | | ---------------|-----------|-----------| -| | [options_list_fetch_cache.ts](https://github.com/elastic/kibana/tree/main/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/options_list_fetch_cache.ts#:~:text=title) | - | +| | [options_list_fetch_cache.ts](https://github.com/elastic/kibana/tree/main/src/plugins/controls/public/controls/data_controls/options_list_control/options_list_fetch_cache.ts#:~:text=title) | - | | | [control_group_persistable_state.ts](https://github.com/elastic/kibana/tree/main/src/plugins/controls/server/control_group/control_group_persistable_state.ts#:~:text=SavedObjectReference), [control_group_persistable_state.ts](https://github.com/elastic/kibana/tree/main/src/plugins/controls/server/control_group/control_group_persistable_state.ts#:~:text=SavedObjectReference), [control_group_persistable_state.ts](https://github.com/elastic/kibana/tree/main/src/plugins/controls/server/control_group/control_group_persistable_state.ts#:~:text=SavedObjectReference), [options_list_persistable_state.ts](https://github.com/elastic/kibana/tree/main/src/plugins/controls/server/options_list/options_list_persistable_state.ts#:~:text=SavedObjectReference), [options_list_persistable_state.ts](https://github.com/elastic/kibana/tree/main/src/plugins/controls/server/options_list/options_list_persistable_state.ts#:~:text=SavedObjectReference), [options_list_persistable_state.ts](https://github.com/elastic/kibana/tree/main/src/plugins/controls/server/options_list/options_list_persistable_state.ts#:~:text=SavedObjectReference), [range_slider_persistable_state.ts](https://github.com/elastic/kibana/tree/main/src/plugins/controls/server/range_slider/range_slider_persistable_state.ts#:~:text=SavedObjectReference), [range_slider_persistable_state.ts](https://github.com/elastic/kibana/tree/main/src/plugins/controls/server/range_slider/range_slider_persistable_state.ts#:~:text=SavedObjectReference), [range_slider_persistable_state.ts](https://github.com/elastic/kibana/tree/main/src/plugins/controls/server/range_slider/range_slider_persistable_state.ts#:~:text=SavedObjectReference), [time_slider_persistable_state.ts](https://github.com/elastic/kibana/tree/main/src/plugins/controls/server/time_slider/time_slider_persistable_state.ts#:~:text=SavedObjectReference)+ 2 more | - | @@ -1227,20 +1227,15 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | Deprecated API | Reference location(s) | Remove By | | ---------------|-----------|-----------| -| | [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=indexPatterns), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=indexPatterns) | - | -| | [plugin.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/plugin.ts#:~:text=savedObjects) | - | -| | [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectsClientContract), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectsClientContract), [initialize_saved_object.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/initialize_saved_object.ts#:~:text=SavedObjectsClientContract), [initialize_saved_object.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/initialize_saved_object.ts#:~:text=SavedObjectsClientContract), [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SavedObjectsClientContract), [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SavedObjectsClientContract), [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SavedObjectsClientContract), [save_with_confirmation.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts#:~:text=SavedObjectsClientContract), [save_with_confirmation.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts#:~:text=SavedObjectsClientContract), [find_object_by_title.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.test.ts#:~:text=SavedObjectsClientContract)+ 5 more | - | -| | [create_source.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/create_source.ts#:~:text=create), [create_source.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/create_source.ts#:~:text=create), [save_saved_object.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_saved_object.ts#:~:text=create), [save_with_confirmation.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts#:~:text=create), [save_with_confirmation.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts#:~:text=create), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=create), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=create), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=create), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=create), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=create)+ 9 more | - | -| | [build_saved_object.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/build_saved_object.ts#:~:text=delete) | - | -| | [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=find), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=find), [find_object_by_title.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.test.ts#:~:text=find), [find_object_by_title.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.test.ts#:~:text=find) | - | -| | [initialize_saved_object.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/initialize_saved_object.ts#:~:text=get), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=get) | - | -| | [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=bulkGet) | - | -| | [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=update) | - | -| | [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SimpleSavedObject), [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SimpleSavedObject), [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SimpleSavedObject), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=SimpleSavedObject), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=SimpleSavedObject), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=SimpleSavedObject), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=SimpleSavedObject), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=SimpleSavedObject), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=SimpleSavedObject), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=SimpleSavedObject)+ 4 more | - | +| | [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectsClientContract), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectsClientContract), [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SavedObjectsClientContract), [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SavedObjectsClientContract), [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SavedObjectsClientContract), [save_with_confirmation.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts#:~:text=SavedObjectsClientContract), [save_with_confirmation.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts#:~:text=SavedObjectsClientContract), [find_object_by_title.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.test.ts#:~:text=SavedObjectsClientContract), [find_object_by_title.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.test.ts#:~:text=SavedObjectsClientContract), [find_object_by_title.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.test.ts#:~:text=SavedObjectsClientContract)+ 5 more | - | +| | [save_with_confirmation.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts#:~:text=create), [save_with_confirmation.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts#:~:text=create), [create_source.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/create_source.ts#:~:text=create), [create_source.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/create_source.ts#:~:text=create), [save_saved_object.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_saved_object.ts#:~:text=create), [save_with_confirmation.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.test.ts#:~:text=create), [save_with_confirmation.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.test.ts#:~:text=create), [save_with_confirmation.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.test.ts#:~:text=create), [save_with_confirmation.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.test.ts#:~:text=create), [save_with_confirmation.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.test.ts#:~:text=create)+ 1 more | - | +| | [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=find), [find_object_by_title.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.test.ts#:~:text=find), [find_object_by_title.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.test.ts#:~:text=find) | - | +| | [initialize_saved_object.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/initialize_saved_object.ts#:~:text=get) | - | +| | [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SimpleSavedObject), [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SimpleSavedObject), [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SimpleSavedObject) | - | | | [save_with_confirmation.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts#:~:text=SavedObjectsCreateOptions), [save_with_confirmation.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts#:~:text=SavedObjectsCreateOptions), [save_with_confirmation.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.test.ts#:~:text=SavedObjectsCreateOptions), [save_with_confirmation.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.test.ts#:~:text=SavedObjectsCreateOptions), [save_with_confirmation.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.test.ts#:~:text=SavedObjectsCreateOptions) | - | | | [find_object_by_title.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.test.ts#:~:text=simpleSavedObjectMock), [find_object_by_title.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.test.ts#:~:text=simpleSavedObjectMock) | - | | | [find_object_by_title.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.test.ts#:~:text=SavedObject), [find_object_by_title.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.test.ts#:~:text=SavedObject) | - | -| | [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectAttributes), [create_source.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/create_source.ts#:~:text=SavedObjectAttributes), [create_source.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/create_source.ts#:~:text=SavedObjectAttributes), [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SavedObjectAttributes), [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SavedObjectAttributes), [save_with_confirmation.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts#:~:text=SavedObjectAttributes)+ 15 more | - | +| | [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectAttributes), [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SavedObjectAttributes), [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SavedObjectAttributes), [save_with_confirmation.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts#:~:text=SavedObjectAttributes), [save_with_confirmation.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts#:~:text=SavedObjectAttributes), [create_source.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/create_source.ts#:~:text=SavedObjectAttributes)+ 4 more | - | | | [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectReference), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectReference), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectReference), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectReference), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectReference), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectReference) | - | @@ -1272,9 +1267,8 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | Deprecated API | Reference location(s) | Remove By | | ---------------|-----------|-----------| -| | [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObject), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/decorator/types.ts#:~:text=SavedObject), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/decorator/types.ts#:~:text=SavedObject), [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObject), [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObject) | 8.8.0 | | | [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObject), [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObject), [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObject) | - | -| | [extract_tag_references.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.test.ts#:~:text=SavedObjectReference), [extract_tag_references.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.test.ts#:~:text=SavedObjectReference), [extract_tag_references.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.test.ts#:~:text=SavedObjectReference), [extract_tag_references.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.test.ts#:~:text=SavedObjectReference), [extract_tag_references.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.test.ts#:~:text=SavedObjectReference), [extract_tag_references.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.test.ts#:~:text=SavedObjectReference), [inject_tag_references.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/decorator/inject_tag_references.test.ts#:~:text=SavedObjectReference), [inject_tag_references.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/decorator/inject_tag_references.test.ts#:~:text=SavedObjectReference), [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObjectReference), [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObjectReference)+ 2 more | - | +| | [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObjectReference), [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObjectReference), [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObjectReference), [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObjectReference) | - | diff --git a/api_docs/deprecations_by_team.mdx b/api_docs/deprecations_by_team.mdx index 115dd57a9eec7..338a02ad98539 100644 --- a/api_docs/deprecations_by_team.mdx +++ b/api_docs/deprecations_by_team.mdx @@ -7,7 +7,7 @@ id: kibDevDocsDeprecationsDueByTeam slug: /kibana-dev-docs/api-meta/deprecations-due-by-team title: Deprecated APIs due to be removed, by team description: Lists the teams that are referencing deprecated APIs with a remove by date. -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana'] --- @@ -16,7 +16,6 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | Plugin | Deprecated API | Reference location(s) | Remove By | | --------|-------|-----------|-----------| -| savedObjectsTaggingOss | | [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObject), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/decorator/types.ts#:~:text=SavedObject), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/decorator/types.ts#:~:text=SavedObject), [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObject), [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObject) | 8.8.0 | | kibanaOverview | | [application.tsx](https://github.com/elastic/kibana/tree/main/src/plugins/kibana_overview/public/application.tsx#:~:text=appBasePath) | 8.8.0 | diff --git a/api_docs/dev_tools.mdx b/api_docs/dev_tools.mdx index c7c734f1a1b49..657e376b63954 100644 --- a/api_docs/dev_tools.mdx +++ b/api_docs/dev_tools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/devTools title: "devTools" image: https://source.unsplash.com/400x175/?github description: API docs for the devTools plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'devTools'] --- import devToolsObj from './dev_tools.devdocs.json'; diff --git a/api_docs/discover.mdx b/api_docs/discover.mdx index 98bd4052fe516..41762cbdf56fe 100644 --- a/api_docs/discover.mdx +++ b/api_docs/discover.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/discover title: "discover" image: https://source.unsplash.com/400x175/?github description: API docs for the discover plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'discover'] --- import discoverObj from './discover.devdocs.json'; diff --git a/api_docs/discover_enhanced.mdx b/api_docs/discover_enhanced.mdx index 95a6e526ced5e..7ba88702a6dd0 100644 --- a/api_docs/discover_enhanced.mdx +++ b/api_docs/discover_enhanced.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/discoverEnhanced title: "discoverEnhanced" image: https://source.unsplash.com/400x175/?github description: API docs for the discoverEnhanced plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'discoverEnhanced'] --- import discoverEnhancedObj from './discover_enhanced.devdocs.json'; diff --git a/api_docs/discover_shared.mdx b/api_docs/discover_shared.mdx index 32c4067ee0dd7..cb18e2eb1833a 100644 --- a/api_docs/discover_shared.mdx +++ b/api_docs/discover_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/discoverShared title: "discoverShared" image: https://source.unsplash.com/400x175/?github description: API docs for the discoverShared plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'discoverShared'] --- import discoverSharedObj from './discover_shared.devdocs.json'; diff --git a/api_docs/ecs_data_quality_dashboard.mdx b/api_docs/ecs_data_quality_dashboard.mdx index fcbbb8be61d85..b6daf0319568b 100644 --- a/api_docs/ecs_data_quality_dashboard.mdx +++ b/api_docs/ecs_data_quality_dashboard.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ecsDataQualityDashboard title: "ecsDataQualityDashboard" image: https://source.unsplash.com/400x175/?github description: API docs for the ecsDataQualityDashboard plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ecsDataQualityDashboard'] --- import ecsDataQualityDashboardObj from './ecs_data_quality_dashboard.devdocs.json'; diff --git a/api_docs/elastic_assistant.mdx b/api_docs/elastic_assistant.mdx index c74acbf576eb0..a7fab4235ca9f 100644 --- a/api_docs/elastic_assistant.mdx +++ b/api_docs/elastic_assistant.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/elasticAssistant title: "elasticAssistant" image: https://source.unsplash.com/400x175/?github description: API docs for the elasticAssistant plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'elasticAssistant'] --- import elasticAssistantObj from './elastic_assistant.devdocs.json'; diff --git a/api_docs/embeddable.mdx b/api_docs/embeddable.mdx index f85002d7080ca..a3d122feb00d8 100644 --- a/api_docs/embeddable.mdx +++ b/api_docs/embeddable.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/embeddable title: "embeddable" image: https://source.unsplash.com/400x175/?github description: API docs for the embeddable plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'embeddable'] --- import embeddableObj from './embeddable.devdocs.json'; diff --git a/api_docs/embeddable_enhanced.mdx b/api_docs/embeddable_enhanced.mdx index e06f75a1a48e3..422668bbf2dcd 100644 --- a/api_docs/embeddable_enhanced.mdx +++ b/api_docs/embeddable_enhanced.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/embeddableEnhanced title: "embeddableEnhanced" image: https://source.unsplash.com/400x175/?github description: API docs for the embeddableEnhanced plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'embeddableEnhanced'] --- import embeddableEnhancedObj from './embeddable_enhanced.devdocs.json'; diff --git a/api_docs/encrypted_saved_objects.mdx b/api_docs/encrypted_saved_objects.mdx index 3b0a8c43ead37..932f0d19f5124 100644 --- a/api_docs/encrypted_saved_objects.mdx +++ b/api_docs/encrypted_saved_objects.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/encryptedSavedObjects title: "encryptedSavedObjects" image: https://source.unsplash.com/400x175/?github description: API docs for the encryptedSavedObjects plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'encryptedSavedObjects'] --- import encryptedSavedObjectsObj from './encrypted_saved_objects.devdocs.json'; diff --git a/api_docs/enterprise_search.mdx b/api_docs/enterprise_search.mdx index 251ac77b529d2..5ab0d4227eda9 100644 --- a/api_docs/enterprise_search.mdx +++ b/api_docs/enterprise_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/enterpriseSearch title: "enterpriseSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the enterpriseSearch plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'enterpriseSearch'] --- import enterpriseSearchObj from './enterprise_search.devdocs.json'; diff --git a/api_docs/entities_data_access.mdx b/api_docs/entities_data_access.mdx index 8425d4a8ca448..c6f6f28744668 100644 --- a/api_docs/entities_data_access.mdx +++ b/api_docs/entities_data_access.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/entitiesDataAccess title: "entitiesDataAccess" image: https://source.unsplash.com/400x175/?github description: API docs for the entitiesDataAccess plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'entitiesDataAccess'] --- import entitiesDataAccessObj from './entities_data_access.devdocs.json'; diff --git a/api_docs/entity_manager.mdx b/api_docs/entity_manager.mdx index e109d16be264b..9af13b2901cad 100644 --- a/api_docs/entity_manager.mdx +++ b/api_docs/entity_manager.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/entityManager title: "entityManager" image: https://source.unsplash.com/400x175/?github description: API docs for the entityManager plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'entityManager'] --- import entityManagerObj from './entity_manager.devdocs.json'; diff --git a/api_docs/es_ui_shared.mdx b/api_docs/es_ui_shared.mdx index a409e799903ea..cfbbe006a111b 100644 --- a/api_docs/es_ui_shared.mdx +++ b/api_docs/es_ui_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/esUiShared title: "esUiShared" image: https://source.unsplash.com/400x175/?github description: API docs for the esUiShared plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'esUiShared'] --- import esUiSharedObj from './es_ui_shared.devdocs.json'; diff --git a/api_docs/esql.mdx b/api_docs/esql.mdx index f75e7f1381f11..69b083d4da898 100644 --- a/api_docs/esql.mdx +++ b/api_docs/esql.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/esql title: "esql" image: https://source.unsplash.com/400x175/?github description: API docs for the esql plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'esql'] --- import esqlObj from './esql.devdocs.json'; diff --git a/api_docs/esql_data_grid.mdx b/api_docs/esql_data_grid.mdx index c66e49807aa01..bc93b6299f454 100644 --- a/api_docs/esql_data_grid.mdx +++ b/api_docs/esql_data_grid.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/esqlDataGrid title: "esqlDataGrid" image: https://source.unsplash.com/400x175/?github description: API docs for the esqlDataGrid plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'esqlDataGrid'] --- import esqlDataGridObj from './esql_data_grid.devdocs.json'; diff --git a/api_docs/event_annotation.mdx b/api_docs/event_annotation.mdx index b484324656592..048fb53c21021 100644 --- a/api_docs/event_annotation.mdx +++ b/api_docs/event_annotation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/eventAnnotation title: "eventAnnotation" image: https://source.unsplash.com/400x175/?github description: API docs for the eventAnnotation plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'eventAnnotation'] --- import eventAnnotationObj from './event_annotation.devdocs.json'; diff --git a/api_docs/event_annotation_listing.mdx b/api_docs/event_annotation_listing.mdx index 4a6c490d6efe4..2d0f4d86336de 100644 --- a/api_docs/event_annotation_listing.mdx +++ b/api_docs/event_annotation_listing.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/eventAnnotationListing title: "eventAnnotationListing" image: https://source.unsplash.com/400x175/?github description: API docs for the eventAnnotationListing plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'eventAnnotationListing'] --- import eventAnnotationListingObj from './event_annotation_listing.devdocs.json'; diff --git a/api_docs/event_log.devdocs.json b/api_docs/event_log.devdocs.json index 87e2bf5cae0ac..5a66164ffcf07 100644 --- a/api_docs/event_log.devdocs.json +++ b/api_docs/event_log.devdocs.json @@ -222,6 +222,53 @@ ], "returnComment": [] }, + { + "parentPluginId": "eventLog", + "id": "def-server.ClusterClientAdapter.updateIndexTemplate", + "type": "Function", + "tags": [], + "label": "updateIndexTemplate", + "description": [], + "signature": [ + "(name: string, template: Record) => Promise" + ], + "path": "x-pack/plugins/event_log/server/es/cluster_client_adapter.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "eventLog", + "id": "def-server.ClusterClientAdapter.updateIndexTemplate.$1", + "type": "string", + "tags": [], + "label": "name", + "description": [], + "signature": [ + "string" + ], + "path": "x-pack/plugins/event_log/server/es/cluster_client_adapter.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + }, + { + "parentPluginId": "eventLog", + "id": "def-server.ClusterClientAdapter.updateIndexTemplate.$2", + "type": "Object", + "tags": [], + "label": "template", + "description": [], + "signature": [ + "Record" + ], + "path": "x-pack/plugins/event_log/server/es/cluster_client_adapter.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [] + }, { "parentPluginId": "eventLog", "id": "def-server.ClusterClientAdapter.getExistingLegacyIndexTemplates", @@ -495,7 +542,7 @@ "label": "createDataStream", "description": [], "signature": [ - "(name: string, body?: Record) => Promise" + "(name: string) => Promise" ], "path": "x-pack/plugins/event_log/server/es/cluster_client_adapter.ts", "deprecated": false, @@ -515,16 +562,33 @@ "deprecated": false, "trackAdoption": false, "isRequired": true - }, + } + ], + "returnComment": [] + }, + { + "parentPluginId": "eventLog", + "id": "def-server.ClusterClientAdapter.updateConcreteIndices", + "type": "Function", + "tags": [], + "label": "updateConcreteIndices", + "description": [], + "signature": [ + "(name: string) => Promise" + ], + "path": "x-pack/plugins/event_log/server/es/cluster_client_adapter.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ { "parentPluginId": "eventLog", - "id": "def-server.ClusterClientAdapter.createDataStream.$2", - "type": "Object", + "id": "def-server.ClusterClientAdapter.updateConcreteIndices.$1", + "type": "string", "tags": [], - "label": "body", + "label": "name", "description": [], "signature": [ - "Record" + "string" ], "path": "x-pack/plugins/event_log/server/es/cluster_client_adapter.ts", "deprecated": false, diff --git a/api_docs/event_log.mdx b/api_docs/event_log.mdx index 5db1b1b20f6ea..667d3856064a3 100644 --- a/api_docs/event_log.mdx +++ b/api_docs/event_log.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/eventLog title: "eventLog" image: https://source.unsplash.com/400x175/?github description: API docs for the eventLog plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'eventLog'] --- import eventLogObj from './event_log.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-o | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 112 | 0 | 112 | 11 | +| 116 | 0 | 116 | 11 | ## Server diff --git a/api_docs/exploratory_view.mdx b/api_docs/exploratory_view.mdx index 524b1eb8e333d..48659743aef7b 100644 --- a/api_docs/exploratory_view.mdx +++ b/api_docs/exploratory_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/exploratoryView title: "exploratoryView" image: https://source.unsplash.com/400x175/?github description: API docs for the exploratoryView plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'exploratoryView'] --- import exploratoryViewObj from './exploratory_view.devdocs.json'; diff --git a/api_docs/expression_error.mdx b/api_docs/expression_error.mdx index a7da9bf16bf9a..170f3a43e0dd6 100644 --- a/api_docs/expression_error.mdx +++ b/api_docs/expression_error.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionError title: "expressionError" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionError plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionError'] --- import expressionErrorObj from './expression_error.devdocs.json'; diff --git a/api_docs/expression_gauge.mdx b/api_docs/expression_gauge.mdx index 2154b22551577..203e92bfa12ef 100644 --- a/api_docs/expression_gauge.mdx +++ b/api_docs/expression_gauge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionGauge title: "expressionGauge" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionGauge plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionGauge'] --- import expressionGaugeObj from './expression_gauge.devdocs.json'; diff --git a/api_docs/expression_heatmap.mdx b/api_docs/expression_heatmap.mdx index fdf92c283113e..e54d35f29b3d8 100644 --- a/api_docs/expression_heatmap.mdx +++ b/api_docs/expression_heatmap.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionHeatmap title: "expressionHeatmap" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionHeatmap plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionHeatmap'] --- import expressionHeatmapObj from './expression_heatmap.devdocs.json'; diff --git a/api_docs/expression_image.mdx b/api_docs/expression_image.mdx index 5cce64323dcbb..e2068a08af1da 100644 --- a/api_docs/expression_image.mdx +++ b/api_docs/expression_image.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionImage title: "expressionImage" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionImage plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionImage'] --- import expressionImageObj from './expression_image.devdocs.json'; diff --git a/api_docs/expression_legacy_metric_vis.mdx b/api_docs/expression_legacy_metric_vis.mdx index 701ebc4d10ccf..0d78ea0ebe73b 100644 --- a/api_docs/expression_legacy_metric_vis.mdx +++ b/api_docs/expression_legacy_metric_vis.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionLegacyMetricVis title: "expressionLegacyMetricVis" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionLegacyMetricVis plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionLegacyMetricVis'] --- import expressionLegacyMetricVisObj from './expression_legacy_metric_vis.devdocs.json'; diff --git a/api_docs/expression_metric.mdx b/api_docs/expression_metric.mdx index fcbbf2b3f5b22..410b3326a166a 100644 --- a/api_docs/expression_metric.mdx +++ b/api_docs/expression_metric.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionMetric title: "expressionMetric" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionMetric plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionMetric'] --- import expressionMetricObj from './expression_metric.devdocs.json'; diff --git a/api_docs/expression_metric_vis.mdx b/api_docs/expression_metric_vis.mdx index 294910a08a799..d07bdccd3715f 100644 --- a/api_docs/expression_metric_vis.mdx +++ b/api_docs/expression_metric_vis.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionMetricVis title: "expressionMetricVis" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionMetricVis plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionMetricVis'] --- import expressionMetricVisObj from './expression_metric_vis.devdocs.json'; diff --git a/api_docs/expression_partition_vis.mdx b/api_docs/expression_partition_vis.mdx index cc6b86278fda5..0b7d9d8319e00 100644 --- a/api_docs/expression_partition_vis.mdx +++ b/api_docs/expression_partition_vis.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionPartitionVis title: "expressionPartitionVis" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionPartitionVis plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionPartitionVis'] --- import expressionPartitionVisObj from './expression_partition_vis.devdocs.json'; diff --git a/api_docs/expression_repeat_image.mdx b/api_docs/expression_repeat_image.mdx index 6ce00a32bdf43..60f3ff0e65a7f 100644 --- a/api_docs/expression_repeat_image.mdx +++ b/api_docs/expression_repeat_image.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionRepeatImage title: "expressionRepeatImage" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionRepeatImage plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionRepeatImage'] --- import expressionRepeatImageObj from './expression_repeat_image.devdocs.json'; diff --git a/api_docs/expression_reveal_image.mdx b/api_docs/expression_reveal_image.mdx index d98aeb328e5fc..a91258587d0fa 100644 --- a/api_docs/expression_reveal_image.mdx +++ b/api_docs/expression_reveal_image.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionRevealImage title: "expressionRevealImage" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionRevealImage plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionRevealImage'] --- import expressionRevealImageObj from './expression_reveal_image.devdocs.json'; diff --git a/api_docs/expression_shape.mdx b/api_docs/expression_shape.mdx index f7278bdea7ee3..1a8bdcff2906b 100644 --- a/api_docs/expression_shape.mdx +++ b/api_docs/expression_shape.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionShape title: "expressionShape" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionShape plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionShape'] --- import expressionShapeObj from './expression_shape.devdocs.json'; diff --git a/api_docs/expression_tagcloud.mdx b/api_docs/expression_tagcloud.mdx index 836651edcca37..710cfd3cb0a0f 100644 --- a/api_docs/expression_tagcloud.mdx +++ b/api_docs/expression_tagcloud.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionTagcloud title: "expressionTagcloud" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionTagcloud plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionTagcloud'] --- import expressionTagcloudObj from './expression_tagcloud.devdocs.json'; diff --git a/api_docs/expression_x_y.mdx b/api_docs/expression_x_y.mdx index 264ad0acdf5e6..7d9f43c97005b 100644 --- a/api_docs/expression_x_y.mdx +++ b/api_docs/expression_x_y.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionXY title: "expressionXY" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionXY plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionXY'] --- import expressionXYObj from './expression_x_y.devdocs.json'; diff --git a/api_docs/expressions.mdx b/api_docs/expressions.mdx index 97380e4eaaf7a..3b6d9e10572e2 100644 --- a/api_docs/expressions.mdx +++ b/api_docs/expressions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressions title: "expressions" image: https://source.unsplash.com/400x175/?github description: API docs for the expressions plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressions'] --- import expressionsObj from './expressions.devdocs.json'; diff --git a/api_docs/features.mdx b/api_docs/features.mdx index da7b44f28d5d3..cf27946387260 100644 --- a/api_docs/features.mdx +++ b/api_docs/features.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/features title: "features" image: https://source.unsplash.com/400x175/?github description: API docs for the features plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'features'] --- import featuresObj from './features.devdocs.json'; diff --git a/api_docs/field_formats.mdx b/api_docs/field_formats.mdx index ee205e3f7e95a..0c0fcebcdd25d 100644 --- a/api_docs/field_formats.mdx +++ b/api_docs/field_formats.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/fieldFormats title: "fieldFormats" image: https://source.unsplash.com/400x175/?github description: API docs for the fieldFormats plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'fieldFormats'] --- import fieldFormatsObj from './field_formats.devdocs.json'; diff --git a/api_docs/fields_metadata.mdx b/api_docs/fields_metadata.mdx index 7eb78ee43f370..d142d487f17db 100644 --- a/api_docs/fields_metadata.mdx +++ b/api_docs/fields_metadata.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/fieldsMetadata title: "fieldsMetadata" image: https://source.unsplash.com/400x175/?github description: API docs for the fieldsMetadata plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'fieldsMetadata'] --- import fieldsMetadataObj from './fields_metadata.devdocs.json'; diff --git a/api_docs/file_upload.mdx b/api_docs/file_upload.mdx index 7cf49129cc42c..ee8533dc63e73 100644 --- a/api_docs/file_upload.mdx +++ b/api_docs/file_upload.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/fileUpload title: "fileUpload" image: https://source.unsplash.com/400x175/?github description: API docs for the fileUpload plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'fileUpload'] --- import fileUploadObj from './file_upload.devdocs.json'; diff --git a/api_docs/files.mdx b/api_docs/files.mdx index 8f5682cd1a0f3..c4d67f2e5c3d4 100644 --- a/api_docs/files.mdx +++ b/api_docs/files.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/files title: "files" image: https://source.unsplash.com/400x175/?github description: API docs for the files plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'files'] --- import filesObj from './files.devdocs.json'; diff --git a/api_docs/files_management.mdx b/api_docs/files_management.mdx index efafa88ba20fd..84b2e56d30778 100644 --- a/api_docs/files_management.mdx +++ b/api_docs/files_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/filesManagement title: "filesManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the filesManagement plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'filesManagement'] --- import filesManagementObj from './files_management.devdocs.json'; diff --git a/api_docs/fleet.devdocs.json b/api_docs/fleet.devdocs.json index 0e40a7c831668..a0ebb6ff1e8b3 100644 --- a/api_docs/fleet.devdocs.json +++ b/api_docs/fleet.devdocs.json @@ -23690,6 +23690,48 @@ "path": "x-pack/plugins/fleet/common/types/models/agent_policy.ts", "deprecated": false, "trackAdoption": false + }, + { + "parentPluginId": "fleet", + "id": "def-common.NewAgentPolicy.monitoring_pprof_enabled", + "type": "CompoundType", + "tags": [], + "label": "monitoring_pprof_enabled", + "description": [], + "signature": [ + "boolean | undefined" + ], + "path": "x-pack/plugins/fleet/common/types/models/agent_policy.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "fleet", + "id": "def-common.NewAgentPolicy.monitoring_http", + "type": "Object", + "tags": [], + "label": "monitoring_http", + "description": [], + "signature": [ + "{ enabled: boolean; host?: string | undefined; port?: number | undefined; } | undefined" + ], + "path": "x-pack/plugins/fleet/common/types/models/agent_policy.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "fleet", + "id": "def-common.NewAgentPolicy.monitoring_diagnostics", + "type": "Object", + "tags": [], + "label": "monitoring_diagnostics", + "description": [], + "signature": [ + "{ limit?: { interval?: string | undefined; burst?: number | undefined; } | undefined; uploader?: { max_retries?: number | undefined; init_dur?: string | undefined; max_dur?: string | undefined; } | undefined; } | undefined" + ], + "path": "x-pack/plugins/fleet/common/types/models/agent_policy.ts", + "deprecated": false, + "trackAdoption": false } ], "initialIsOpen": false diff --git a/api_docs/fleet.mdx b/api_docs/fleet.mdx index 1e0adcd6a15d5..8629c06773f43 100644 --- a/api_docs/fleet.mdx +++ b/api_docs/fleet.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/fleet title: "fleet" image: https://source.unsplash.com/400x175/?github description: API docs for the fleet plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'fleet'] --- import fleetObj from './fleet.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/fleet](https://github.com/orgs/elastic/teams/fleet) for questi | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 1361 | 5 | 1238 | 74 | +| 1364 | 5 | 1241 | 74 | ## Client diff --git a/api_docs/global_search.mdx b/api_docs/global_search.mdx index 992642bd23bbe..872e356706dbc 100644 --- a/api_docs/global_search.mdx +++ b/api_docs/global_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/globalSearch title: "globalSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the globalSearch plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'globalSearch'] --- import globalSearchObj from './global_search.devdocs.json'; diff --git a/api_docs/guided_onboarding.mdx b/api_docs/guided_onboarding.mdx index 50711b8b747b5..0a05893662545 100644 --- a/api_docs/guided_onboarding.mdx +++ b/api_docs/guided_onboarding.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/guidedOnboarding title: "guidedOnboarding" image: https://source.unsplash.com/400x175/?github description: API docs for the guidedOnboarding plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'guidedOnboarding'] --- import guidedOnboardingObj from './guided_onboarding.devdocs.json'; diff --git a/api_docs/home.mdx b/api_docs/home.mdx index 6bf43edb4c9b2..f17cf5c15ada2 100644 --- a/api_docs/home.mdx +++ b/api_docs/home.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/home title: "home" image: https://source.unsplash.com/400x175/?github description: API docs for the home plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'home'] --- import homeObj from './home.devdocs.json'; diff --git a/api_docs/image_embeddable.mdx b/api_docs/image_embeddable.mdx index 935963ab7cc88..9049b20281b5f 100644 --- a/api_docs/image_embeddable.mdx +++ b/api_docs/image_embeddable.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/imageEmbeddable title: "imageEmbeddable" image: https://source.unsplash.com/400x175/?github description: API docs for the imageEmbeddable plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'imageEmbeddable'] --- import imageEmbeddableObj from './image_embeddable.devdocs.json'; diff --git a/api_docs/index_lifecycle_management.mdx b/api_docs/index_lifecycle_management.mdx index f92262869703a..235229cc67312 100644 --- a/api_docs/index_lifecycle_management.mdx +++ b/api_docs/index_lifecycle_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/indexLifecycleManagement title: "indexLifecycleManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the indexLifecycleManagement plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'indexLifecycleManagement'] --- import indexLifecycleManagementObj from './index_lifecycle_management.devdocs.json'; diff --git a/api_docs/index_management.mdx b/api_docs/index_management.mdx index b766169c62f6c..4f5a15d8155fd 100644 --- a/api_docs/index_management.mdx +++ b/api_docs/index_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/indexManagement title: "indexManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the indexManagement plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'indexManagement'] --- import indexManagementObj from './index_management.devdocs.json'; diff --git a/api_docs/inference.mdx b/api_docs/inference.mdx index 6432598095d44..bbe87f141d4f6 100644 --- a/api_docs/inference.mdx +++ b/api_docs/inference.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/inference title: "inference" image: https://source.unsplash.com/400x175/?github description: API docs for the inference plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'inference'] --- import inferenceObj from './inference.devdocs.json'; diff --git a/api_docs/infra.mdx b/api_docs/infra.mdx index c373aa27bba59..a2ac0dcf4f298 100644 --- a/api_docs/infra.mdx +++ b/api_docs/infra.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/infra title: "infra" image: https://source.unsplash.com/400x175/?github description: API docs for the infra plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'infra'] --- import infraObj from './infra.devdocs.json'; diff --git a/api_docs/ingest_pipelines.mdx b/api_docs/ingest_pipelines.mdx index c3c796f59da66..e15c16e85aedb 100644 --- a/api_docs/ingest_pipelines.mdx +++ b/api_docs/ingest_pipelines.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ingestPipelines title: "ingestPipelines" image: https://source.unsplash.com/400x175/?github description: API docs for the ingestPipelines plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ingestPipelines'] --- import ingestPipelinesObj from './ingest_pipelines.devdocs.json'; diff --git a/api_docs/inspector.mdx b/api_docs/inspector.mdx index b688ffcc4287c..aa9bfcf0cd663 100644 --- a/api_docs/inspector.mdx +++ b/api_docs/inspector.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/inspector title: "inspector" image: https://source.unsplash.com/400x175/?github description: API docs for the inspector plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'inspector'] --- import inspectorObj from './inspector.devdocs.json'; diff --git a/api_docs/integration_assistant.mdx b/api_docs/integration_assistant.mdx index e1a02841a440f..a690a6a8defae 100644 --- a/api_docs/integration_assistant.mdx +++ b/api_docs/integration_assistant.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/integrationAssistant title: "integrationAssistant" image: https://source.unsplash.com/400x175/?github description: API docs for the integrationAssistant plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'integrationAssistant'] --- import integrationAssistantObj from './integration_assistant.devdocs.json'; diff --git a/api_docs/interactive_setup.mdx b/api_docs/interactive_setup.mdx index 9d7903243a206..62c33ea5d9f3f 100644 --- a/api_docs/interactive_setup.mdx +++ b/api_docs/interactive_setup.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/interactiveSetup title: "interactiveSetup" image: https://source.unsplash.com/400x175/?github description: API docs for the interactiveSetup plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'interactiveSetup'] --- import interactiveSetupObj from './interactive_setup.devdocs.json'; diff --git a/api_docs/inventory.mdx b/api_docs/inventory.mdx index e00f0bd6b14ec..1f78420c8ff8b 100644 --- a/api_docs/inventory.mdx +++ b/api_docs/inventory.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/inventory title: "inventory" image: https://source.unsplash.com/400x175/?github description: API docs for the inventory plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'inventory'] --- import inventoryObj from './inventory.devdocs.json'; diff --git a/api_docs/investigate.mdx b/api_docs/investigate.mdx index 18f1572b50ba8..9cf9face3de83 100644 --- a/api_docs/investigate.mdx +++ b/api_docs/investigate.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/investigate title: "investigate" image: https://source.unsplash.com/400x175/?github description: API docs for the investigate plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'investigate'] --- import investigateObj from './investigate.devdocs.json'; diff --git a/api_docs/investigate_app.mdx b/api_docs/investigate_app.mdx index ba9a79b716dd7..f7f900f1d0a77 100644 --- a/api_docs/investigate_app.mdx +++ b/api_docs/investigate_app.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/investigateApp title: "investigateApp" image: https://source.unsplash.com/400x175/?github description: API docs for the investigateApp plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'investigateApp'] --- import investigateAppObj from './investigate_app.devdocs.json'; diff --git a/api_docs/kbn_ace.mdx b/api_docs/kbn_ace.mdx index 21407e5401d3c..223bef365590a 100644 --- a/api_docs/kbn_ace.mdx +++ b/api_docs/kbn_ace.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ace title: "@kbn/ace" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ace plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ace'] --- import kbnAceObj from './kbn_ace.devdocs.json'; diff --git a/api_docs/kbn_actions_types.mdx b/api_docs/kbn_actions_types.mdx index 7bd46b655e3dd..75a9b76c7977e 100644 --- a/api_docs/kbn_actions_types.mdx +++ b/api_docs/kbn_actions_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-actions-types title: "@kbn/actions-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/actions-types plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/actions-types'] --- import kbnActionsTypesObj from './kbn_actions_types.devdocs.json'; diff --git a/api_docs/kbn_aiops_components.mdx b/api_docs/kbn_aiops_components.mdx index 330d1daf1fe69..13403c78daa5e 100644 --- a/api_docs/kbn_aiops_components.mdx +++ b/api_docs/kbn_aiops_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-aiops-components title: "@kbn/aiops-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/aiops-components plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/aiops-components'] --- import kbnAiopsComponentsObj from './kbn_aiops_components.devdocs.json'; diff --git a/api_docs/kbn_aiops_log_pattern_analysis.mdx b/api_docs/kbn_aiops_log_pattern_analysis.mdx index c61f1b7acf872..f9cfbf17ec235 100644 --- a/api_docs/kbn_aiops_log_pattern_analysis.mdx +++ b/api_docs/kbn_aiops_log_pattern_analysis.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-aiops-log-pattern-analysis title: "@kbn/aiops-log-pattern-analysis" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/aiops-log-pattern-analysis plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/aiops-log-pattern-analysis'] --- import kbnAiopsLogPatternAnalysisObj from './kbn_aiops_log_pattern_analysis.devdocs.json'; diff --git a/api_docs/kbn_aiops_log_rate_analysis.mdx b/api_docs/kbn_aiops_log_rate_analysis.mdx index c0373e5fda6c3..06db362fa0e67 100644 --- a/api_docs/kbn_aiops_log_rate_analysis.mdx +++ b/api_docs/kbn_aiops_log_rate_analysis.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-aiops-log-rate-analysis title: "@kbn/aiops-log-rate-analysis" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/aiops-log-rate-analysis plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/aiops-log-rate-analysis'] --- import kbnAiopsLogRateAnalysisObj from './kbn_aiops_log_rate_analysis.devdocs.json'; diff --git a/api_docs/kbn_alerting_api_integration_helpers.mdx b/api_docs/kbn_alerting_api_integration_helpers.mdx index aba34876fed3e..cc78a9a6a3ca7 100644 --- a/api_docs/kbn_alerting_api_integration_helpers.mdx +++ b/api_docs/kbn_alerting_api_integration_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerting-api-integration-helpers title: "@kbn/alerting-api-integration-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerting-api-integration-helpers plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerting-api-integration-helpers'] --- import kbnAlertingApiIntegrationHelpersObj from './kbn_alerting_api_integration_helpers.devdocs.json'; diff --git a/api_docs/kbn_alerting_comparators.mdx b/api_docs/kbn_alerting_comparators.mdx index bee730ce9626c..19ff3f819f4eb 100644 --- a/api_docs/kbn_alerting_comparators.mdx +++ b/api_docs/kbn_alerting_comparators.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerting-comparators title: "@kbn/alerting-comparators" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerting-comparators plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerting-comparators'] --- import kbnAlertingComparatorsObj from './kbn_alerting_comparators.devdocs.json'; diff --git a/api_docs/kbn_alerting_state_types.mdx b/api_docs/kbn_alerting_state_types.mdx index 4f31741d85f0b..aefbfa43fedc1 100644 --- a/api_docs/kbn_alerting_state_types.mdx +++ b/api_docs/kbn_alerting_state_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerting-state-types title: "@kbn/alerting-state-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerting-state-types plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerting-state-types'] --- import kbnAlertingStateTypesObj from './kbn_alerting_state_types.devdocs.json'; diff --git a/api_docs/kbn_alerting_types.mdx b/api_docs/kbn_alerting_types.mdx index 3e33a8df31808..7f4c4d1754e02 100644 --- a/api_docs/kbn_alerting_types.mdx +++ b/api_docs/kbn_alerting_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerting-types title: "@kbn/alerting-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerting-types plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerting-types'] --- import kbnAlertingTypesObj from './kbn_alerting_types.devdocs.json'; diff --git a/api_docs/kbn_alerts_as_data_utils.mdx b/api_docs/kbn_alerts_as_data_utils.mdx index c0f9cafa95708..96e8bfd263664 100644 --- a/api_docs/kbn_alerts_as_data_utils.mdx +++ b/api_docs/kbn_alerts_as_data_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerts-as-data-utils title: "@kbn/alerts-as-data-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerts-as-data-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerts-as-data-utils'] --- import kbnAlertsAsDataUtilsObj from './kbn_alerts_as_data_utils.devdocs.json'; diff --git a/api_docs/kbn_alerts_grouping.mdx b/api_docs/kbn_alerts_grouping.mdx index 6d90d0917defd..3d8d52b82115d 100644 --- a/api_docs/kbn_alerts_grouping.mdx +++ b/api_docs/kbn_alerts_grouping.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerts-grouping title: "@kbn/alerts-grouping" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerts-grouping plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerts-grouping'] --- import kbnAlertsGroupingObj from './kbn_alerts_grouping.devdocs.json'; diff --git a/api_docs/kbn_alerts_ui_shared.devdocs.json b/api_docs/kbn_alerts_ui_shared.devdocs.json index 731409da954e8..308237a6694e2 100644 --- a/api_docs/kbn_alerts_ui_shared.devdocs.json +++ b/api_docs/kbn_alerts_ui_shared.devdocs.json @@ -3496,7 +3496,7 @@ "text": "ControlGroupRendererProps" } ], - "path": "src/plugins/controls/public/react_controls/external_api/control_group_renderer_lazy.tsx", + "path": "src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer_lazy.tsx", "deprecated": false, "trackAdoption": false } diff --git a/api_docs/kbn_alerts_ui_shared.mdx b/api_docs/kbn_alerts_ui_shared.mdx index 17b7243d3df1c..d993d7cde041c 100644 --- a/api_docs/kbn_alerts_ui_shared.mdx +++ b/api_docs/kbn_alerts_ui_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerts-ui-shared title: "@kbn/alerts-ui-shared" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerts-ui-shared plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerts-ui-shared'] --- import kbnAlertsUiSharedObj from './kbn_alerts_ui_shared.devdocs.json'; diff --git a/api_docs/kbn_analytics.mdx b/api_docs/kbn_analytics.mdx index f45880014bd4a..ecf18883e4caa 100644 --- a/api_docs/kbn_analytics.mdx +++ b/api_docs/kbn_analytics.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-analytics title: "@kbn/analytics" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/analytics plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/analytics'] --- import kbnAnalyticsObj from './kbn_analytics.devdocs.json'; diff --git a/api_docs/kbn_analytics_collection_utils.mdx b/api_docs/kbn_analytics_collection_utils.mdx index 12aa4a85dc93c..d418b6c484928 100644 --- a/api_docs/kbn_analytics_collection_utils.mdx +++ b/api_docs/kbn_analytics_collection_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-analytics-collection-utils title: "@kbn/analytics-collection-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/analytics-collection-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/analytics-collection-utils'] --- import kbnAnalyticsCollectionUtilsObj from './kbn_analytics_collection_utils.devdocs.json'; diff --git a/api_docs/kbn_apm_config_loader.mdx b/api_docs/kbn_apm_config_loader.mdx index d60cba60dda4d..4e2c15838912d 100644 --- a/api_docs/kbn_apm_config_loader.mdx +++ b/api_docs/kbn_apm_config_loader.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-config-loader title: "@kbn/apm-config-loader" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-config-loader plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-config-loader'] --- import kbnApmConfigLoaderObj from './kbn_apm_config_loader.devdocs.json'; diff --git a/api_docs/kbn_apm_data_view.mdx b/api_docs/kbn_apm_data_view.mdx index e7794b3e77551..a8c0305f6150c 100644 --- a/api_docs/kbn_apm_data_view.mdx +++ b/api_docs/kbn_apm_data_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-data-view title: "@kbn/apm-data-view" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-data-view plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-data-view'] --- import kbnApmDataViewObj from './kbn_apm_data_view.devdocs.json'; diff --git a/api_docs/kbn_apm_synthtrace.mdx b/api_docs/kbn_apm_synthtrace.mdx index 4c44faaacfd41..7b3e0e5edc359 100644 --- a/api_docs/kbn_apm_synthtrace.mdx +++ b/api_docs/kbn_apm_synthtrace.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-synthtrace title: "@kbn/apm-synthtrace" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-synthtrace plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-synthtrace'] --- import kbnApmSynthtraceObj from './kbn_apm_synthtrace.devdocs.json'; diff --git a/api_docs/kbn_apm_synthtrace_client.mdx b/api_docs/kbn_apm_synthtrace_client.mdx index d9b843da76e65..3da033437336b 100644 --- a/api_docs/kbn_apm_synthtrace_client.mdx +++ b/api_docs/kbn_apm_synthtrace_client.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-synthtrace-client title: "@kbn/apm-synthtrace-client" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-synthtrace-client plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-synthtrace-client'] --- import kbnApmSynthtraceClientObj from './kbn_apm_synthtrace_client.devdocs.json'; diff --git a/api_docs/kbn_apm_types.devdocs.json b/api_docs/kbn_apm_types.devdocs.json index cbf59b082dbf3..100d04dd2c450 100644 --- a/api_docs/kbn_apm_types.devdocs.json +++ b/api_docs/kbn_apm_types.devdocs.json @@ -53,7 +53,7 @@ "label": "name", "description": [], "signature": [ - "\"java\" | \"dotnet\" | \"go\" | \"iOS/swift\" | \"js-base\" | \"nodejs\" | \"php\" | \"python\" | \"ruby\" | \"rum-js\" | \"android/java\" | \"otlp\" | \"opentelemetry/cpp\" | \"opentelemetry/dotnet\" | \"opentelemetry/erlang\" | \"opentelemetry/go\" | \"opentelemetry/java\" | \"opentelemetry/nodejs\" | \"opentelemetry/php\" | \"opentelemetry/python\" | \"opentelemetry/ruby\" | \"opentelemetry/rust\" | \"opentelemetry/swift\" | \"opentelemetry/android\" | \"opentelemetry/webjs\"" + "\"java\" | \"opentelemetry\" | \"dotnet\" | \"go\" | \"iOS/swift\" | \"js-base\" | \"nodejs\" | \"php\" | \"python\" | \"ruby\" | \"rum-js\" | \"android/java\" | \"otlp\" | \"opentelemetry/cpp\" | \"opentelemetry/dotnet\" | \"opentelemetry/erlang\" | \"opentelemetry/go\" | \"opentelemetry/java\" | \"opentelemetry/nodejs\" | \"opentelemetry/php\" | \"opentelemetry/python\" | \"opentelemetry/ruby\" | \"opentelemetry/rust\" | \"opentelemetry/swift\" | \"opentelemetry/android\" | \"opentelemetry/webjs\" | \"otlp/cpp\" | \"otlp/dotnet\" | \"otlp/erlang\" | \"otlp/go\" | \"otlp/java\" | \"otlp/nodejs\" | \"otlp/php\" | \"otlp/python\" | \"otlp/ruby\" | \"otlp/rust\" | \"otlp/swift\" | \"otlp/android\" | \"otlp/webjs\" | \"ios/swift\"" ], "path": "packages/kbn-apm-types/src/es_schemas/ui/fields/agent.ts", "deprecated": false, @@ -2678,7 +2678,7 @@ "label": "AgentName", "description": [], "signature": [ - "\"java\" | \"dotnet\" | \"go\" | \"iOS/swift\" | \"js-base\" | \"nodejs\" | \"php\" | \"python\" | \"ruby\" | \"rum-js\" | \"android/java\" | \"otlp\" | \"opentelemetry/cpp\" | \"opentelemetry/dotnet\" | \"opentelemetry/erlang\" | \"opentelemetry/go\" | \"opentelemetry/java\" | \"opentelemetry/nodejs\" | \"opentelemetry/php\" | \"opentelemetry/python\" | \"opentelemetry/ruby\" | \"opentelemetry/rust\" | \"opentelemetry/swift\" | \"opentelemetry/android\" | \"opentelemetry/webjs\"" + "\"java\" | \"opentelemetry\" | \"dotnet\" | \"go\" | \"iOS/swift\" | \"js-base\" | \"nodejs\" | \"php\" | \"python\" | \"ruby\" | \"rum-js\" | \"android/java\" | \"otlp\" | \"opentelemetry/cpp\" | \"opentelemetry/dotnet\" | \"opentelemetry/erlang\" | \"opentelemetry/go\" | \"opentelemetry/java\" | \"opentelemetry/nodejs\" | \"opentelemetry/php\" | \"opentelemetry/python\" | \"opentelemetry/ruby\" | \"opentelemetry/rust\" | \"opentelemetry/swift\" | \"opentelemetry/android\" | \"opentelemetry/webjs\" | \"otlp/cpp\" | \"otlp/dotnet\" | \"otlp/erlang\" | \"otlp/go\" | \"otlp/java\" | \"otlp/nodejs\" | \"otlp/php\" | \"otlp/python\" | \"otlp/ruby\" | \"otlp/rust\" | \"otlp/swift\" | \"otlp/android\" | \"otlp/webjs\" | \"ios/swift\"" ], "path": "packages/kbn-elastic-agent-utils/src/agent_names.ts", "deprecated": false, @@ -4136,7 +4136,7 @@ "label": "OpenTelemetryAgentName", "description": [], "signature": [ - "\"otlp\" | \"opentelemetry/cpp\" | \"opentelemetry/dotnet\" | \"opentelemetry/erlang\" | \"opentelemetry/go\" | \"opentelemetry/java\" | \"opentelemetry/nodejs\" | \"opentelemetry/php\" | \"opentelemetry/python\" | \"opentelemetry/ruby\" | \"opentelemetry/rust\" | \"opentelemetry/swift\" | \"opentelemetry/android\" | \"opentelemetry/webjs\"" + "\"opentelemetry\" | \"otlp\" | \"opentelemetry/cpp\" | \"opentelemetry/dotnet\" | \"opentelemetry/erlang\" | \"opentelemetry/go\" | \"opentelemetry/java\" | \"opentelemetry/nodejs\" | \"opentelemetry/php\" | \"opentelemetry/python\" | \"opentelemetry/ruby\" | \"opentelemetry/rust\" | \"opentelemetry/swift\" | \"opentelemetry/android\" | \"opentelemetry/webjs\" | \"otlp/cpp\" | \"otlp/dotnet\" | \"otlp/erlang\" | \"otlp/go\" | \"otlp/java\" | \"otlp/nodejs\" | \"otlp/php\" | \"otlp/python\" | \"otlp/ruby\" | \"otlp/rust\" | \"otlp/swift\" | \"otlp/android\" | \"otlp/webjs\"" ], "path": "packages/kbn-elastic-agent-utils/src/agent_names.ts", "deprecated": false, diff --git a/api_docs/kbn_apm_types.mdx b/api_docs/kbn_apm_types.mdx index 42a4705773c1c..4d63a2bce4ad9 100644 --- a/api_docs/kbn_apm_types.mdx +++ b/api_docs/kbn_apm_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-types title: "@kbn/apm-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-types plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-types'] --- import kbnApmTypesObj from './kbn_apm_types.devdocs.json'; diff --git a/api_docs/kbn_apm_utils.mdx b/api_docs/kbn_apm_utils.mdx index 3dabeb9d984f6..30568f136c9af 100644 --- a/api_docs/kbn_apm_utils.mdx +++ b/api_docs/kbn_apm_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-utils title: "@kbn/apm-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-utils'] --- import kbnApmUtilsObj from './kbn_apm_utils.devdocs.json'; diff --git a/api_docs/kbn_avc_banner.mdx b/api_docs/kbn_avc_banner.mdx index f1a5bb031120b..6914e4d17b2d5 100644 --- a/api_docs/kbn_avc_banner.mdx +++ b/api_docs/kbn_avc_banner.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-avc-banner title: "@kbn/avc-banner" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/avc-banner plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/avc-banner'] --- import kbnAvcBannerObj from './kbn_avc_banner.devdocs.json'; diff --git a/api_docs/kbn_axe_config.mdx b/api_docs/kbn_axe_config.mdx index 8c34d0e568bde..54fe0e7af796b 100644 --- a/api_docs/kbn_axe_config.mdx +++ b/api_docs/kbn_axe_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-axe-config title: "@kbn/axe-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/axe-config plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/axe-config'] --- import kbnAxeConfigObj from './kbn_axe_config.devdocs.json'; diff --git a/api_docs/kbn_bfetch_error.mdx b/api_docs/kbn_bfetch_error.mdx index bbd03914cd226..4b3ce4f3b7a0b 100644 --- a/api_docs/kbn_bfetch_error.mdx +++ b/api_docs/kbn_bfetch_error.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-bfetch-error title: "@kbn/bfetch-error" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/bfetch-error plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/bfetch-error'] --- import kbnBfetchErrorObj from './kbn_bfetch_error.devdocs.json'; diff --git a/api_docs/kbn_calculate_auto.mdx b/api_docs/kbn_calculate_auto.mdx index 68ef42d09d85c..300f6a8b014cd 100644 --- a/api_docs/kbn_calculate_auto.mdx +++ b/api_docs/kbn_calculate_auto.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-calculate-auto title: "@kbn/calculate-auto" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/calculate-auto plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/calculate-auto'] --- import kbnCalculateAutoObj from './kbn_calculate_auto.devdocs.json'; diff --git a/api_docs/kbn_calculate_width_from_char_count.mdx b/api_docs/kbn_calculate_width_from_char_count.mdx index 2d6ccb0dc7c63..2096ccac4090d 100644 --- a/api_docs/kbn_calculate_width_from_char_count.mdx +++ b/api_docs/kbn_calculate_width_from_char_count.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-calculate-width-from-char-count title: "@kbn/calculate-width-from-char-count" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/calculate-width-from-char-count plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/calculate-width-from-char-count'] --- import kbnCalculateWidthFromCharCountObj from './kbn_calculate_width_from_char_count.devdocs.json'; diff --git a/api_docs/kbn_cases_components.mdx b/api_docs/kbn_cases_components.mdx index 7532e67882f7b..d41720408675d 100644 --- a/api_docs/kbn_cases_components.mdx +++ b/api_docs/kbn_cases_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cases-components title: "@kbn/cases-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cases-components plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cases-components'] --- import kbnCasesComponentsObj from './kbn_cases_components.devdocs.json'; diff --git a/api_docs/kbn_cbor.mdx b/api_docs/kbn_cbor.mdx index 75f4eee3fec8f..27ac176c8cf32 100644 --- a/api_docs/kbn_cbor.mdx +++ b/api_docs/kbn_cbor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cbor title: "@kbn/cbor" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cbor plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cbor'] --- import kbnCborObj from './kbn_cbor.devdocs.json'; diff --git a/api_docs/kbn_cell_actions.mdx b/api_docs/kbn_cell_actions.mdx index 9b4682db6ea3c..7c0938d1e26db 100644 --- a/api_docs/kbn_cell_actions.mdx +++ b/api_docs/kbn_cell_actions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cell-actions title: "@kbn/cell-actions" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cell-actions plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cell-actions'] --- import kbnCellActionsObj from './kbn_cell_actions.devdocs.json'; diff --git a/api_docs/kbn_chart_expressions_common.mdx b/api_docs/kbn_chart_expressions_common.mdx index 51e48e3ea52c0..9b78eaf259dbe 100644 --- a/api_docs/kbn_chart_expressions_common.mdx +++ b/api_docs/kbn_chart_expressions_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-chart-expressions-common title: "@kbn/chart-expressions-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/chart-expressions-common plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/chart-expressions-common'] --- import kbnChartExpressionsCommonObj from './kbn_chart_expressions_common.devdocs.json'; diff --git a/api_docs/kbn_chart_icons.mdx b/api_docs/kbn_chart_icons.mdx index d490ba3e41a7d..1eed2b9bc6890 100644 --- a/api_docs/kbn_chart_icons.mdx +++ b/api_docs/kbn_chart_icons.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-chart-icons title: "@kbn/chart-icons" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/chart-icons plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/chart-icons'] --- import kbnChartIconsObj from './kbn_chart_icons.devdocs.json'; diff --git a/api_docs/kbn_ci_stats_core.mdx b/api_docs/kbn_ci_stats_core.mdx index bbb2560c76007..2ed7486db39a2 100644 --- a/api_docs/kbn_ci_stats_core.mdx +++ b/api_docs/kbn_ci_stats_core.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ci-stats-core title: "@kbn/ci-stats-core" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ci-stats-core plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ci-stats-core'] --- import kbnCiStatsCoreObj from './kbn_ci_stats_core.devdocs.json'; diff --git a/api_docs/kbn_ci_stats_performance_metrics.mdx b/api_docs/kbn_ci_stats_performance_metrics.mdx index 0a9d18433dd29..4b16b5201bcb0 100644 --- a/api_docs/kbn_ci_stats_performance_metrics.mdx +++ b/api_docs/kbn_ci_stats_performance_metrics.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ci-stats-performance-metrics title: "@kbn/ci-stats-performance-metrics" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ci-stats-performance-metrics plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ci-stats-performance-metrics'] --- import kbnCiStatsPerformanceMetricsObj from './kbn_ci_stats_performance_metrics.devdocs.json'; diff --git a/api_docs/kbn_ci_stats_reporter.mdx b/api_docs/kbn_ci_stats_reporter.mdx index dda4ca61bcf2e..3b7a10aba6001 100644 --- a/api_docs/kbn_ci_stats_reporter.mdx +++ b/api_docs/kbn_ci_stats_reporter.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ci-stats-reporter title: "@kbn/ci-stats-reporter" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ci-stats-reporter plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ci-stats-reporter'] --- import kbnCiStatsReporterObj from './kbn_ci_stats_reporter.devdocs.json'; diff --git a/api_docs/kbn_cli_dev_mode.mdx b/api_docs/kbn_cli_dev_mode.mdx index f86b1b49700c0..9fd6a7e3b867b 100644 --- a/api_docs/kbn_cli_dev_mode.mdx +++ b/api_docs/kbn_cli_dev_mode.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cli-dev-mode title: "@kbn/cli-dev-mode" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cli-dev-mode plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cli-dev-mode'] --- import kbnCliDevModeObj from './kbn_cli_dev_mode.devdocs.json'; diff --git a/api_docs/kbn_cloud_security_posture.mdx b/api_docs/kbn_cloud_security_posture.mdx index 26a39b27842cc..691626a71a317 100644 --- a/api_docs/kbn_cloud_security_posture.mdx +++ b/api_docs/kbn_cloud_security_posture.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cloud-security-posture title: "@kbn/cloud-security-posture" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cloud-security-posture plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cloud-security-posture'] --- import kbnCloudSecurityPostureObj from './kbn_cloud_security_posture.devdocs.json'; diff --git a/api_docs/kbn_cloud_security_posture_common.devdocs.json b/api_docs/kbn_cloud_security_posture_common.devdocs.json index 6b7bbcb244bf2..bd91ea23fdcc0 100644 --- a/api_docs/kbn_cloud_security_posture_common.devdocs.json +++ b/api_docs/kbn_cloud_security_posture_common.devdocs.json @@ -149,6 +149,41 @@ ], "returnComment": [], "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.getAbbreviatedNumber", + "type": "Function", + "tags": [], + "label": "getAbbreviatedNumber", + "description": [ + "\nReturns an abbreviated number when the value is greater than or equal to 1000.\nThe abbreviated number is formatted using numeral:\n- thousand: k\n- million: m\n- billion: b\n- trillion: t" + ], + "signature": [ + "(value: number) => string | number" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/utils/get_abbreviated_number.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.getAbbreviatedNumber.$1", + "type": "number", + "tags": [], + "label": "value", + "description": [], + "signature": [ + "number" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/utils/get_abbreviated_number.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [], + "initialIsOpen": false } ], "interfaces": [ @@ -674,6 +709,21 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN", + "type": "string", + "tags": [], + "label": "CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN", + "description": [], + "signature": [ + "\"logs-cloud_security_posture.vulnerabilities_latest-default\"" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/constants.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "@kbn/cloud-security-posture-common", "id": "def-common.CDR_LATEST_THIRD_PARTY_MISCONFIGURATIONS_INDEX_PATTERN", @@ -689,6 +739,21 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.CDR_LATEST_THIRD_PARTY_VULNERABILITIES_INDEX_PATTERN", + "type": "string", + "tags": [], + "label": "CDR_LATEST_THIRD_PARTY_VULNERABILITIES_INDEX_PATTERN", + "description": [], + "signature": [ + "\"security_solution-*.vulnerability_latest\"" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/constants.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "@kbn/cloud-security-posture-common", "id": "def-common.CDR_MISCONFIGURATIONS_DATA_VIEW_ID_PREFIX", @@ -731,6 +796,18 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.CDR_VULNERABILITIES_INDEX_PATTERN", + "type": "string", + "tags": [], + "label": "CDR_VULNERABILITIES_INDEX_PATTERN", + "description": [], + "path": "x-pack/packages/kbn-cloud-security-posture-common/constants.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "@kbn/cloud-security-posture-common", "id": "def-common.CLOUD_SECURITY_POSTURE_BASE_PATH", @@ -874,6 +951,21 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.LATEST_VULNERABILITIES_RETENTION_POLICY", + "type": "string", + "tags": [], + "label": "LATEST_VULNERABILITIES_RETENTION_POLICY", + "description": [], + "signature": [ + "\"3d\"" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/constants.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "@kbn/cloud-security-posture-common", "id": "def-common.MAX_FINDINGS_TO_LOAD", @@ -933,6 +1025,21 @@ "deprecated": false, "trackAdoption": false, "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.VulnSeverity", + "type": "Type", + "tags": [], + "label": "VulnSeverity", + "description": [], + "signature": [ + "\"UNKNOWN\" | \"LOW\" | \"MEDIUM\" | \"HIGH\" | \"CRITICAL\"" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/types/vulnerabilities.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false } ], "objects": [] diff --git a/api_docs/kbn_cloud_security_posture_common.mdx b/api_docs/kbn_cloud_security_posture_common.mdx index 3e03a0caaa377..17eb8b25275aa 100644 --- a/api_docs/kbn_cloud_security_posture_common.mdx +++ b/api_docs/kbn_cloud_security_posture_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cloud-security-posture-common title: "@kbn/cloud-security-posture-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cloud-security-posture-common plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cloud-security-posture-common'] --- import kbnCloudSecurityPostureCommonObj from './kbn_cloud_security_posture_common.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/kibana-cloud-security-posture](https://github.com/orgs/elastic | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 61 | 0 | 60 | 0 | +| 68 | 0 | 66 | 0 | ## Common diff --git a/api_docs/kbn_code_editor.mdx b/api_docs/kbn_code_editor.mdx index 22883f72e90f6..82682a7f71edb 100644 --- a/api_docs/kbn_code_editor.mdx +++ b/api_docs/kbn_code_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-code-editor title: "@kbn/code-editor" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/code-editor plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/code-editor'] --- import kbnCodeEditorObj from './kbn_code_editor.devdocs.json'; diff --git a/api_docs/kbn_code_editor_mock.mdx b/api_docs/kbn_code_editor_mock.mdx index 73cdcf5992213..e783fcab60b15 100644 --- a/api_docs/kbn_code_editor_mock.mdx +++ b/api_docs/kbn_code_editor_mock.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-code-editor-mock title: "@kbn/code-editor-mock" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/code-editor-mock plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/code-editor-mock'] --- import kbnCodeEditorMockObj from './kbn_code_editor_mock.devdocs.json'; diff --git a/api_docs/kbn_code_owners.devdocs.json b/api_docs/kbn_code_owners.devdocs.json index f36c551502821..8a9168cad1d76 100644 --- a/api_docs/kbn_code_owners.devdocs.json +++ b/api_docs/kbn_code_owners.devdocs.json @@ -114,6 +114,25 @@ "children": [], "returnComment": [], "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/code-owners", + "id": "def-common.runGetOwnersForFileCli", + "type": "Function", + "tags": [], + "label": "runGetOwnersForFileCli", + "description": [ + "\nRun the getCodeOwnersForFile() method above.\nReport back to the cli with either success and the owner(s), or a failure.\n\nThis function depends on a --file param being passed on the cli, like this:\n$ node scripts/get_owners_for_file.js --file SOME-FILE" + ], + "signature": [ + "() => Promise" + ], + "path": "packages/kbn-code-owners/src/file_code_owner.ts", + "deprecated": false, + "trackAdoption": false, + "children": [], + "returnComment": [], + "initialIsOpen": false } ], "interfaces": [ diff --git a/api_docs/kbn_code_owners.mdx b/api_docs/kbn_code_owners.mdx index 87485757247dc..cad5babc102ce 100644 --- a/api_docs/kbn_code_owners.mdx +++ b/api_docs/kbn_code_owners.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-code-owners title: "@kbn/code-owners" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/code-owners plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/code-owners'] --- import kbnCodeOwnersObj from './kbn_code_owners.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/appex-qa](https://github.com/orgs/elastic/teams/appex-qa) for | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 8 | 0 | 4 | 0 | +| 9 | 0 | 4 | 0 | ## Common diff --git a/api_docs/kbn_coloring.mdx b/api_docs/kbn_coloring.mdx index 8ce23f2089d2d..e2c8154445726 100644 --- a/api_docs/kbn_coloring.mdx +++ b/api_docs/kbn_coloring.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-coloring title: "@kbn/coloring" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/coloring plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/coloring'] --- import kbnColoringObj from './kbn_coloring.devdocs.json'; diff --git a/api_docs/kbn_config.mdx b/api_docs/kbn_config.mdx index 047e8fbe4b7e6..b0a57f489dd65 100644 --- a/api_docs/kbn_config.mdx +++ b/api_docs/kbn_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-config title: "@kbn/config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/config plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/config'] --- import kbnConfigObj from './kbn_config.devdocs.json'; diff --git a/api_docs/kbn_config_mocks.mdx b/api_docs/kbn_config_mocks.mdx index f08d02851441d..b07591481d449 100644 --- a/api_docs/kbn_config_mocks.mdx +++ b/api_docs/kbn_config_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-config-mocks title: "@kbn/config-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/config-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/config-mocks'] --- import kbnConfigMocksObj from './kbn_config_mocks.devdocs.json'; diff --git a/api_docs/kbn_config_schema.mdx b/api_docs/kbn_config_schema.mdx index f01b736418d57..9613201257629 100644 --- a/api_docs/kbn_config_schema.mdx +++ b/api_docs/kbn_config_schema.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-config-schema title: "@kbn/config-schema" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/config-schema plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/config-schema'] --- import kbnConfigSchemaObj from './kbn_config_schema.devdocs.json'; diff --git a/api_docs/kbn_content_management_content_editor.mdx b/api_docs/kbn_content_management_content_editor.mdx index 65cfb7b19b20b..fba75dfb37d0b 100644 --- a/api_docs/kbn_content_management_content_editor.mdx +++ b/api_docs/kbn_content_management_content_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-content-editor title: "@kbn/content-management-content-editor" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-content-editor plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-content-editor'] --- import kbnContentManagementContentEditorObj from './kbn_content_management_content_editor.devdocs.json'; diff --git a/api_docs/kbn_content_management_content_insights_public.mdx b/api_docs/kbn_content_management_content_insights_public.mdx index 3d392fa8bedf0..acfd3607beeb1 100644 --- a/api_docs/kbn_content_management_content_insights_public.mdx +++ b/api_docs/kbn_content_management_content_insights_public.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-content-insights-public title: "@kbn/content-management-content-insights-public" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-content-insights-public plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-content-insights-public'] --- import kbnContentManagementContentInsightsPublicObj from './kbn_content_management_content_insights_public.devdocs.json'; diff --git a/api_docs/kbn_content_management_content_insights_server.mdx b/api_docs/kbn_content_management_content_insights_server.mdx index e021c0868de3a..96948fd3e472a 100644 --- a/api_docs/kbn_content_management_content_insights_server.mdx +++ b/api_docs/kbn_content_management_content_insights_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-content-insights-server title: "@kbn/content-management-content-insights-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-content-insights-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-content-insights-server'] --- import kbnContentManagementContentInsightsServerObj from './kbn_content_management_content_insights_server.devdocs.json'; diff --git a/api_docs/kbn_content_management_favorites_public.mdx b/api_docs/kbn_content_management_favorites_public.mdx index 07b4d0c9dfbfc..a8097901e5762 100644 --- a/api_docs/kbn_content_management_favorites_public.mdx +++ b/api_docs/kbn_content_management_favorites_public.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-favorites-public title: "@kbn/content-management-favorites-public" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-favorites-public plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-favorites-public'] --- import kbnContentManagementFavoritesPublicObj from './kbn_content_management_favorites_public.devdocs.json'; diff --git a/api_docs/kbn_content_management_favorites_server.mdx b/api_docs/kbn_content_management_favorites_server.mdx index 9ded67b298292..30bb73888d630 100644 --- a/api_docs/kbn_content_management_favorites_server.mdx +++ b/api_docs/kbn_content_management_favorites_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-favorites-server title: "@kbn/content-management-favorites-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-favorites-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-favorites-server'] --- import kbnContentManagementFavoritesServerObj from './kbn_content_management_favorites_server.devdocs.json'; diff --git a/api_docs/kbn_content_management_tabbed_table_list_view.mdx b/api_docs/kbn_content_management_tabbed_table_list_view.mdx index 4063fb44ce59b..d51ad9435f37c 100644 --- a/api_docs/kbn_content_management_tabbed_table_list_view.mdx +++ b/api_docs/kbn_content_management_tabbed_table_list_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-tabbed-table-list-view title: "@kbn/content-management-tabbed-table-list-view" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-tabbed-table-list-view plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-tabbed-table-list-view'] --- import kbnContentManagementTabbedTableListViewObj from './kbn_content_management_tabbed_table_list_view.devdocs.json'; diff --git a/api_docs/kbn_content_management_table_list_view.mdx b/api_docs/kbn_content_management_table_list_view.mdx index 21f254a9421dc..c25636de5b881 100644 --- a/api_docs/kbn_content_management_table_list_view.mdx +++ b/api_docs/kbn_content_management_table_list_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-table-list-view title: "@kbn/content-management-table-list-view" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-table-list-view plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-table-list-view'] --- import kbnContentManagementTableListViewObj from './kbn_content_management_table_list_view.devdocs.json'; diff --git a/api_docs/kbn_content_management_table_list_view_common.mdx b/api_docs/kbn_content_management_table_list_view_common.mdx index e96753233ef4e..8cec9381c2e09 100644 --- a/api_docs/kbn_content_management_table_list_view_common.mdx +++ b/api_docs/kbn_content_management_table_list_view_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-table-list-view-common title: "@kbn/content-management-table-list-view-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-table-list-view-common plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-table-list-view-common'] --- import kbnContentManagementTableListViewCommonObj from './kbn_content_management_table_list_view_common.devdocs.json'; diff --git a/api_docs/kbn_content_management_table_list_view_table.mdx b/api_docs/kbn_content_management_table_list_view_table.mdx index 477ae2525ff73..cefa6049ed1f2 100644 --- a/api_docs/kbn_content_management_table_list_view_table.mdx +++ b/api_docs/kbn_content_management_table_list_view_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-table-list-view-table title: "@kbn/content-management-table-list-view-table" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-table-list-view-table plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-table-list-view-table'] --- import kbnContentManagementTableListViewTableObj from './kbn_content_management_table_list_view_table.devdocs.json'; diff --git a/api_docs/kbn_content_management_user_profiles.mdx b/api_docs/kbn_content_management_user_profiles.mdx index 66b9ac1cfc2ce..f2787cb616266 100644 --- a/api_docs/kbn_content_management_user_profiles.mdx +++ b/api_docs/kbn_content_management_user_profiles.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-user-profiles title: "@kbn/content-management-user-profiles" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-user-profiles plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-user-profiles'] --- import kbnContentManagementUserProfilesObj from './kbn_content_management_user_profiles.devdocs.json'; diff --git a/api_docs/kbn_content_management_utils.mdx b/api_docs/kbn_content_management_utils.mdx index 653210b7a300a..18200b9f8e0b2 100644 --- a/api_docs/kbn_content_management_utils.mdx +++ b/api_docs/kbn_content_management_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-utils title: "@kbn/content-management-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-utils'] --- import kbnContentManagementUtilsObj from './kbn_content_management_utils.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_browser.devdocs.json b/api_docs/kbn_core_analytics_browser.devdocs.json index c72c8e37bd6b3..8b02dae4fa8ca 100644 --- a/api_docs/kbn_core_analytics_browser.devdocs.json +++ b/api_docs/kbn_core_analytics_browser.devdocs.json @@ -986,6 +986,10 @@ "plugin": "apm", "path": "x-pack/plugins/observability_solution/apm/public/services/telemetry/telemetry_client.ts" }, + { + "plugin": "inventory", + "path": "x-pack/plugins/observability_solution/inventory/public/services/telemetry/telemetry_client.ts" + }, { "plugin": "observabilityLogsExplorer", "path": "x-pack/plugins/observability_solution/observability_logs_explorer/public/state_machines/observability_logs_explorer/src/telemetry_events.ts" @@ -1282,6 +1286,14 @@ "plugin": "infra", "path": "x-pack/plugins/observability_solution/infra/public/services/telemetry/telemetry_service.test.ts" }, + { + "plugin": "inventory", + "path": "x-pack/plugins/observability_solution/inventory/public/services/telemetry/telemetry_service.test.ts" + }, + { + "plugin": "inventory", + "path": "x-pack/plugins/observability_solution/inventory/public/services/telemetry/telemetry_service.test.ts" + }, { "plugin": "securitySolution", "path": "x-pack/plugins/security_solution/public/common/lib/telemetry/telemetry_service.test.ts" diff --git a/api_docs/kbn_core_analytics_browser.mdx b/api_docs/kbn_core_analytics_browser.mdx index 3d36cef557842..3df1a69e6174e 100644 --- a/api_docs/kbn_core_analytics_browser.mdx +++ b/api_docs/kbn_core_analytics_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-browser title: "@kbn/core-analytics-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-browser plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-browser'] --- import kbnCoreAnalyticsBrowserObj from './kbn_core_analytics_browser.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_browser_internal.mdx b/api_docs/kbn_core_analytics_browser_internal.mdx index 0bd6d2f76bb5f..c96b5e320ab6b 100644 --- a/api_docs/kbn_core_analytics_browser_internal.mdx +++ b/api_docs/kbn_core_analytics_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-browser-internal title: "@kbn/core-analytics-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-browser-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-browser-internal'] --- import kbnCoreAnalyticsBrowserInternalObj from './kbn_core_analytics_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_browser_mocks.mdx b/api_docs/kbn_core_analytics_browser_mocks.mdx index aeb9800fb70d4..f4f858e5b2d7a 100644 --- a/api_docs/kbn_core_analytics_browser_mocks.mdx +++ b/api_docs/kbn_core_analytics_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-browser-mocks title: "@kbn/core-analytics-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-browser-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-browser-mocks'] --- import kbnCoreAnalyticsBrowserMocksObj from './kbn_core_analytics_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_server.devdocs.json b/api_docs/kbn_core_analytics_server.devdocs.json index 634566ac17f0b..d6c06f0d5d20c 100644 --- a/api_docs/kbn_core_analytics_server.devdocs.json +++ b/api_docs/kbn_core_analytics_server.devdocs.json @@ -994,6 +994,10 @@ "plugin": "apm", "path": "x-pack/plugins/observability_solution/apm/public/services/telemetry/telemetry_client.ts" }, + { + "plugin": "inventory", + "path": "x-pack/plugins/observability_solution/inventory/public/services/telemetry/telemetry_client.ts" + }, { "plugin": "observabilityLogsExplorer", "path": "x-pack/plugins/observability_solution/observability_logs_explorer/public/state_machines/observability_logs_explorer/src/telemetry_events.ts" @@ -1290,6 +1294,14 @@ "plugin": "infra", "path": "x-pack/plugins/observability_solution/infra/public/services/telemetry/telemetry_service.test.ts" }, + { + "plugin": "inventory", + "path": "x-pack/plugins/observability_solution/inventory/public/services/telemetry/telemetry_service.test.ts" + }, + { + "plugin": "inventory", + "path": "x-pack/plugins/observability_solution/inventory/public/services/telemetry/telemetry_service.test.ts" + }, { "plugin": "securitySolution", "path": "x-pack/plugins/security_solution/public/common/lib/telemetry/telemetry_service.test.ts" diff --git a/api_docs/kbn_core_analytics_server.mdx b/api_docs/kbn_core_analytics_server.mdx index 7b8b0d7f8ff84..16f5d3717632a 100644 --- a/api_docs/kbn_core_analytics_server.mdx +++ b/api_docs/kbn_core_analytics_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-server title: "@kbn/core-analytics-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-server'] --- import kbnCoreAnalyticsServerObj from './kbn_core_analytics_server.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_server_internal.mdx b/api_docs/kbn_core_analytics_server_internal.mdx index 89d49ec5358ea..a5cf641e919f3 100644 --- a/api_docs/kbn_core_analytics_server_internal.mdx +++ b/api_docs/kbn_core_analytics_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-server-internal title: "@kbn/core-analytics-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-server-internal'] --- import kbnCoreAnalyticsServerInternalObj from './kbn_core_analytics_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_server_mocks.mdx b/api_docs/kbn_core_analytics_server_mocks.mdx index 583a0359cd001..60be05ba7e737 100644 --- a/api_docs/kbn_core_analytics_server_mocks.mdx +++ b/api_docs/kbn_core_analytics_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-server-mocks title: "@kbn/core-analytics-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-server-mocks'] --- import kbnCoreAnalyticsServerMocksObj from './kbn_core_analytics_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_application_browser.mdx b/api_docs/kbn_core_application_browser.mdx index 4fc25fdd55274..be42486b562d4 100644 --- a/api_docs/kbn_core_application_browser.mdx +++ b/api_docs/kbn_core_application_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-application-browser title: "@kbn/core-application-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-application-browser plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-application-browser'] --- import kbnCoreApplicationBrowserObj from './kbn_core_application_browser.devdocs.json'; diff --git a/api_docs/kbn_core_application_browser_internal.mdx b/api_docs/kbn_core_application_browser_internal.mdx index 24eaeba9a0524..205a250d1930f 100644 --- a/api_docs/kbn_core_application_browser_internal.mdx +++ b/api_docs/kbn_core_application_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-application-browser-internal title: "@kbn/core-application-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-application-browser-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-application-browser-internal'] --- import kbnCoreApplicationBrowserInternalObj from './kbn_core_application_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_application_browser_mocks.mdx b/api_docs/kbn_core_application_browser_mocks.mdx index 59e07e8efefe8..c41a646fe5221 100644 --- a/api_docs/kbn_core_application_browser_mocks.mdx +++ b/api_docs/kbn_core_application_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-application-browser-mocks title: "@kbn/core-application-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-application-browser-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-application-browser-mocks'] --- import kbnCoreApplicationBrowserMocksObj from './kbn_core_application_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_application_common.mdx b/api_docs/kbn_core_application_common.mdx index e8006fa3c2e08..199985afc9f9d 100644 --- a/api_docs/kbn_core_application_common.mdx +++ b/api_docs/kbn_core_application_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-application-common title: "@kbn/core-application-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-application-common plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-application-common'] --- import kbnCoreApplicationCommonObj from './kbn_core_application_common.devdocs.json'; diff --git a/api_docs/kbn_core_apps_browser_internal.mdx b/api_docs/kbn_core_apps_browser_internal.mdx index 9561c15624d0b..119ac3ed0c04d 100644 --- a/api_docs/kbn_core_apps_browser_internal.mdx +++ b/api_docs/kbn_core_apps_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-apps-browser-internal title: "@kbn/core-apps-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-apps-browser-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-apps-browser-internal'] --- import kbnCoreAppsBrowserInternalObj from './kbn_core_apps_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_apps_browser_mocks.mdx b/api_docs/kbn_core_apps_browser_mocks.mdx index 1dc319b9009c2..782e77c9ce722 100644 --- a/api_docs/kbn_core_apps_browser_mocks.mdx +++ b/api_docs/kbn_core_apps_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-apps-browser-mocks title: "@kbn/core-apps-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-apps-browser-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-apps-browser-mocks'] --- import kbnCoreAppsBrowserMocksObj from './kbn_core_apps_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_apps_server_internal.mdx b/api_docs/kbn_core_apps_server_internal.mdx index 5e03c4bc9539a..5d999e66afed4 100644 --- a/api_docs/kbn_core_apps_server_internal.mdx +++ b/api_docs/kbn_core_apps_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-apps-server-internal title: "@kbn/core-apps-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-apps-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-apps-server-internal'] --- import kbnCoreAppsServerInternalObj from './kbn_core_apps_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_base_browser_mocks.mdx b/api_docs/kbn_core_base_browser_mocks.mdx index bbbc987f2443c..6261ffe7253f4 100644 --- a/api_docs/kbn_core_base_browser_mocks.mdx +++ b/api_docs/kbn_core_base_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-base-browser-mocks title: "@kbn/core-base-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-base-browser-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-base-browser-mocks'] --- import kbnCoreBaseBrowserMocksObj from './kbn_core_base_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_base_common.mdx b/api_docs/kbn_core_base_common.mdx index a5475c04899db..83a086198b20e 100644 --- a/api_docs/kbn_core_base_common.mdx +++ b/api_docs/kbn_core_base_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-base-common title: "@kbn/core-base-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-base-common plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-base-common'] --- import kbnCoreBaseCommonObj from './kbn_core_base_common.devdocs.json'; diff --git a/api_docs/kbn_core_base_server_internal.mdx b/api_docs/kbn_core_base_server_internal.mdx index 8ca0ac1008dc3..9711ba19a7bd6 100644 --- a/api_docs/kbn_core_base_server_internal.mdx +++ b/api_docs/kbn_core_base_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-base-server-internal title: "@kbn/core-base-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-base-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-base-server-internal'] --- import kbnCoreBaseServerInternalObj from './kbn_core_base_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_base_server_mocks.mdx b/api_docs/kbn_core_base_server_mocks.mdx index 78eaaa9b6f9c4..1755fb65da97b 100644 --- a/api_docs/kbn_core_base_server_mocks.mdx +++ b/api_docs/kbn_core_base_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-base-server-mocks title: "@kbn/core-base-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-base-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-base-server-mocks'] --- import kbnCoreBaseServerMocksObj from './kbn_core_base_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_capabilities_browser_mocks.mdx b/api_docs/kbn_core_capabilities_browser_mocks.mdx index ddcc033da4a33..f526e3e0e4647 100644 --- a/api_docs/kbn_core_capabilities_browser_mocks.mdx +++ b/api_docs/kbn_core_capabilities_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-capabilities-browser-mocks title: "@kbn/core-capabilities-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-capabilities-browser-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-capabilities-browser-mocks'] --- import kbnCoreCapabilitiesBrowserMocksObj from './kbn_core_capabilities_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_capabilities_common.mdx b/api_docs/kbn_core_capabilities_common.mdx index a1b1df98d78d0..29da7fdc03769 100644 --- a/api_docs/kbn_core_capabilities_common.mdx +++ b/api_docs/kbn_core_capabilities_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-capabilities-common title: "@kbn/core-capabilities-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-capabilities-common plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-capabilities-common'] --- import kbnCoreCapabilitiesCommonObj from './kbn_core_capabilities_common.devdocs.json'; diff --git a/api_docs/kbn_core_capabilities_server.mdx b/api_docs/kbn_core_capabilities_server.mdx index 32e734d28ded2..4701a1361bc4e 100644 --- a/api_docs/kbn_core_capabilities_server.mdx +++ b/api_docs/kbn_core_capabilities_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-capabilities-server title: "@kbn/core-capabilities-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-capabilities-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-capabilities-server'] --- import kbnCoreCapabilitiesServerObj from './kbn_core_capabilities_server.devdocs.json'; diff --git a/api_docs/kbn_core_capabilities_server_mocks.mdx b/api_docs/kbn_core_capabilities_server_mocks.mdx index f450c0e1a2398..4a42206bfddd4 100644 --- a/api_docs/kbn_core_capabilities_server_mocks.mdx +++ b/api_docs/kbn_core_capabilities_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-capabilities-server-mocks title: "@kbn/core-capabilities-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-capabilities-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-capabilities-server-mocks'] --- import kbnCoreCapabilitiesServerMocksObj from './kbn_core_capabilities_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_chrome_browser.mdx b/api_docs/kbn_core_chrome_browser.mdx index 4be4b2b05f6c3..f91ce095a8381 100644 --- a/api_docs/kbn_core_chrome_browser.mdx +++ b/api_docs/kbn_core_chrome_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-chrome-browser title: "@kbn/core-chrome-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-chrome-browser plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-chrome-browser'] --- import kbnCoreChromeBrowserObj from './kbn_core_chrome_browser.devdocs.json'; diff --git a/api_docs/kbn_core_chrome_browser_mocks.mdx b/api_docs/kbn_core_chrome_browser_mocks.mdx index 7777ebca0552f..ee61bc9c6a7eb 100644 --- a/api_docs/kbn_core_chrome_browser_mocks.mdx +++ b/api_docs/kbn_core_chrome_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-chrome-browser-mocks title: "@kbn/core-chrome-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-chrome-browser-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-chrome-browser-mocks'] --- import kbnCoreChromeBrowserMocksObj from './kbn_core_chrome_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_config_server_internal.mdx b/api_docs/kbn_core_config_server_internal.mdx index cf7990ad46b75..b7668081d4ee3 100644 --- a/api_docs/kbn_core_config_server_internal.mdx +++ b/api_docs/kbn_core_config_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-config-server-internal title: "@kbn/core-config-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-config-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-config-server-internal'] --- import kbnCoreConfigServerInternalObj from './kbn_core_config_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_browser.mdx b/api_docs/kbn_core_custom_branding_browser.mdx index b3bb6b19c9073..e48e917415d0b 100644 --- a/api_docs/kbn_core_custom_branding_browser.mdx +++ b/api_docs/kbn_core_custom_branding_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-browser title: "@kbn/core-custom-branding-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-browser plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-browser'] --- import kbnCoreCustomBrandingBrowserObj from './kbn_core_custom_branding_browser.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_browser_internal.mdx b/api_docs/kbn_core_custom_branding_browser_internal.mdx index 7034c10b045ce..95cf740feff7a 100644 --- a/api_docs/kbn_core_custom_branding_browser_internal.mdx +++ b/api_docs/kbn_core_custom_branding_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-browser-internal title: "@kbn/core-custom-branding-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-browser-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-browser-internal'] --- import kbnCoreCustomBrandingBrowserInternalObj from './kbn_core_custom_branding_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_browser_mocks.mdx b/api_docs/kbn_core_custom_branding_browser_mocks.mdx index a3e2e6f527031..9ceacd82ea55f 100644 --- a/api_docs/kbn_core_custom_branding_browser_mocks.mdx +++ b/api_docs/kbn_core_custom_branding_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-browser-mocks title: "@kbn/core-custom-branding-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-browser-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-browser-mocks'] --- import kbnCoreCustomBrandingBrowserMocksObj from './kbn_core_custom_branding_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_common.mdx b/api_docs/kbn_core_custom_branding_common.mdx index f423a08b9296a..3022568b2d394 100644 --- a/api_docs/kbn_core_custom_branding_common.mdx +++ b/api_docs/kbn_core_custom_branding_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-common title: "@kbn/core-custom-branding-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-common plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-common'] --- import kbnCoreCustomBrandingCommonObj from './kbn_core_custom_branding_common.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_server.mdx b/api_docs/kbn_core_custom_branding_server.mdx index f80f77426200d..b38405d330388 100644 --- a/api_docs/kbn_core_custom_branding_server.mdx +++ b/api_docs/kbn_core_custom_branding_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-server title: "@kbn/core-custom-branding-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-server'] --- import kbnCoreCustomBrandingServerObj from './kbn_core_custom_branding_server.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_server_internal.mdx b/api_docs/kbn_core_custom_branding_server_internal.mdx index e77560f2d0861..81f3b6504ecac 100644 --- a/api_docs/kbn_core_custom_branding_server_internal.mdx +++ b/api_docs/kbn_core_custom_branding_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-server-internal title: "@kbn/core-custom-branding-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-server-internal'] --- import kbnCoreCustomBrandingServerInternalObj from './kbn_core_custom_branding_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_server_mocks.mdx b/api_docs/kbn_core_custom_branding_server_mocks.mdx index 6123a5a65192d..949467426e44f 100644 --- a/api_docs/kbn_core_custom_branding_server_mocks.mdx +++ b/api_docs/kbn_core_custom_branding_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-server-mocks title: "@kbn/core-custom-branding-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-server-mocks'] --- import kbnCoreCustomBrandingServerMocksObj from './kbn_core_custom_branding_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_browser.mdx b/api_docs/kbn_core_deprecations_browser.mdx index 872064b3df1b9..27fa7e7ad6f52 100644 --- a/api_docs/kbn_core_deprecations_browser.mdx +++ b/api_docs/kbn_core_deprecations_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-browser title: "@kbn/core-deprecations-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-browser plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-browser'] --- import kbnCoreDeprecationsBrowserObj from './kbn_core_deprecations_browser.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_browser_internal.mdx b/api_docs/kbn_core_deprecations_browser_internal.mdx index e63139fb73058..0ce1fe6cab123 100644 --- a/api_docs/kbn_core_deprecations_browser_internal.mdx +++ b/api_docs/kbn_core_deprecations_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-browser-internal title: "@kbn/core-deprecations-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-browser-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-browser-internal'] --- import kbnCoreDeprecationsBrowserInternalObj from './kbn_core_deprecations_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_browser_mocks.mdx b/api_docs/kbn_core_deprecations_browser_mocks.mdx index 58f7db65c14e9..7823847efc55e 100644 --- a/api_docs/kbn_core_deprecations_browser_mocks.mdx +++ b/api_docs/kbn_core_deprecations_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-browser-mocks title: "@kbn/core-deprecations-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-browser-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-browser-mocks'] --- import kbnCoreDeprecationsBrowserMocksObj from './kbn_core_deprecations_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_common.mdx b/api_docs/kbn_core_deprecations_common.mdx index d0f9e34e38481..2ca1a9a5995d7 100644 --- a/api_docs/kbn_core_deprecations_common.mdx +++ b/api_docs/kbn_core_deprecations_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-common title: "@kbn/core-deprecations-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-common plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-common'] --- import kbnCoreDeprecationsCommonObj from './kbn_core_deprecations_common.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_server.mdx b/api_docs/kbn_core_deprecations_server.mdx index c768ced867f6c..05a6fc2800d45 100644 --- a/api_docs/kbn_core_deprecations_server.mdx +++ b/api_docs/kbn_core_deprecations_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-server title: "@kbn/core-deprecations-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-server'] --- import kbnCoreDeprecationsServerObj from './kbn_core_deprecations_server.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_server_internal.mdx b/api_docs/kbn_core_deprecations_server_internal.mdx index 439081e3b9170..76401015261f3 100644 --- a/api_docs/kbn_core_deprecations_server_internal.mdx +++ b/api_docs/kbn_core_deprecations_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-server-internal title: "@kbn/core-deprecations-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-server-internal'] --- import kbnCoreDeprecationsServerInternalObj from './kbn_core_deprecations_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_server_mocks.mdx b/api_docs/kbn_core_deprecations_server_mocks.mdx index 4dbea8335d921..f26999c9ccb92 100644 --- a/api_docs/kbn_core_deprecations_server_mocks.mdx +++ b/api_docs/kbn_core_deprecations_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-server-mocks title: "@kbn/core-deprecations-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-server-mocks'] --- import kbnCoreDeprecationsServerMocksObj from './kbn_core_deprecations_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_doc_links_browser.mdx b/api_docs/kbn_core_doc_links_browser.mdx index a8c868008710e..89510f89fb446 100644 --- a/api_docs/kbn_core_doc_links_browser.mdx +++ b/api_docs/kbn_core_doc_links_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-doc-links-browser title: "@kbn/core-doc-links-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-doc-links-browser plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-doc-links-browser'] --- import kbnCoreDocLinksBrowserObj from './kbn_core_doc_links_browser.devdocs.json'; diff --git a/api_docs/kbn_core_doc_links_browser_mocks.mdx b/api_docs/kbn_core_doc_links_browser_mocks.mdx index 9f741ba7daa8f..e2ace01f4d91a 100644 --- a/api_docs/kbn_core_doc_links_browser_mocks.mdx +++ b/api_docs/kbn_core_doc_links_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-doc-links-browser-mocks title: "@kbn/core-doc-links-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-doc-links-browser-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-doc-links-browser-mocks'] --- import kbnCoreDocLinksBrowserMocksObj from './kbn_core_doc_links_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_doc_links_server.mdx b/api_docs/kbn_core_doc_links_server.mdx index 9f814d1ab7a77..cb0e47e526147 100644 --- a/api_docs/kbn_core_doc_links_server.mdx +++ b/api_docs/kbn_core_doc_links_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-doc-links-server title: "@kbn/core-doc-links-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-doc-links-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-doc-links-server'] --- import kbnCoreDocLinksServerObj from './kbn_core_doc_links_server.devdocs.json'; diff --git a/api_docs/kbn_core_doc_links_server_mocks.mdx b/api_docs/kbn_core_doc_links_server_mocks.mdx index 0baf54733d3c6..cd6c785eb9766 100644 --- a/api_docs/kbn_core_doc_links_server_mocks.mdx +++ b/api_docs/kbn_core_doc_links_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-doc-links-server-mocks title: "@kbn/core-doc-links-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-doc-links-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-doc-links-server-mocks'] --- import kbnCoreDocLinksServerMocksObj from './kbn_core_doc_links_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_client_server_internal.mdx b/api_docs/kbn_core_elasticsearch_client_server_internal.mdx index 3e2b4fbfcde94..a64c8e76457c0 100644 --- a/api_docs/kbn_core_elasticsearch_client_server_internal.mdx +++ b/api_docs/kbn_core_elasticsearch_client_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-client-server-internal title: "@kbn/core-elasticsearch-client-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-client-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-client-server-internal'] --- import kbnCoreElasticsearchClientServerInternalObj from './kbn_core_elasticsearch_client_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_client_server_mocks.mdx b/api_docs/kbn_core_elasticsearch_client_server_mocks.mdx index e5deb095e2a55..d318ce092bde2 100644 --- a/api_docs/kbn_core_elasticsearch_client_server_mocks.mdx +++ b/api_docs/kbn_core_elasticsearch_client_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-client-server-mocks title: "@kbn/core-elasticsearch-client-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-client-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-client-server-mocks'] --- import kbnCoreElasticsearchClientServerMocksObj from './kbn_core_elasticsearch_client_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_server.mdx b/api_docs/kbn_core_elasticsearch_server.mdx index bb361d8daea6f..d7a7d8dd79fb1 100644 --- a/api_docs/kbn_core_elasticsearch_server.mdx +++ b/api_docs/kbn_core_elasticsearch_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-server title: "@kbn/core-elasticsearch-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-server'] --- import kbnCoreElasticsearchServerObj from './kbn_core_elasticsearch_server.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_server_internal.mdx b/api_docs/kbn_core_elasticsearch_server_internal.mdx index ac2e619de320b..28b041ffda656 100644 --- a/api_docs/kbn_core_elasticsearch_server_internal.mdx +++ b/api_docs/kbn_core_elasticsearch_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-server-internal title: "@kbn/core-elasticsearch-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-server-internal'] --- import kbnCoreElasticsearchServerInternalObj from './kbn_core_elasticsearch_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_server_mocks.mdx b/api_docs/kbn_core_elasticsearch_server_mocks.mdx index 715d5c25493b9..a4d11955f590b 100644 --- a/api_docs/kbn_core_elasticsearch_server_mocks.mdx +++ b/api_docs/kbn_core_elasticsearch_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-server-mocks title: "@kbn/core-elasticsearch-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-server-mocks'] --- import kbnCoreElasticsearchServerMocksObj from './kbn_core_elasticsearch_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_environment_server_internal.mdx b/api_docs/kbn_core_environment_server_internal.mdx index 11bfb9e26df74..a878b7bb2d05a 100644 --- a/api_docs/kbn_core_environment_server_internal.mdx +++ b/api_docs/kbn_core_environment_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-environment-server-internal title: "@kbn/core-environment-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-environment-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-environment-server-internal'] --- import kbnCoreEnvironmentServerInternalObj from './kbn_core_environment_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_environment_server_mocks.mdx b/api_docs/kbn_core_environment_server_mocks.mdx index 57cad2b1d4cba..f65a6cfa25bac 100644 --- a/api_docs/kbn_core_environment_server_mocks.mdx +++ b/api_docs/kbn_core_environment_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-environment-server-mocks title: "@kbn/core-environment-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-environment-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-environment-server-mocks'] --- import kbnCoreEnvironmentServerMocksObj from './kbn_core_environment_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_browser.mdx b/api_docs/kbn_core_execution_context_browser.mdx index 2b7452c501110..e18bbbd590468 100644 --- a/api_docs/kbn_core_execution_context_browser.mdx +++ b/api_docs/kbn_core_execution_context_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-browser title: "@kbn/core-execution-context-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-browser plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-browser'] --- import kbnCoreExecutionContextBrowserObj from './kbn_core_execution_context_browser.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_browser_internal.mdx b/api_docs/kbn_core_execution_context_browser_internal.mdx index 293bf0ed890ad..eb02a6e79738b 100644 --- a/api_docs/kbn_core_execution_context_browser_internal.mdx +++ b/api_docs/kbn_core_execution_context_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-browser-internal title: "@kbn/core-execution-context-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-browser-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-browser-internal'] --- import kbnCoreExecutionContextBrowserInternalObj from './kbn_core_execution_context_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_browser_mocks.mdx b/api_docs/kbn_core_execution_context_browser_mocks.mdx index 7f9972d184abe..e4be154316277 100644 --- a/api_docs/kbn_core_execution_context_browser_mocks.mdx +++ b/api_docs/kbn_core_execution_context_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-browser-mocks title: "@kbn/core-execution-context-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-browser-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-browser-mocks'] --- import kbnCoreExecutionContextBrowserMocksObj from './kbn_core_execution_context_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_common.mdx b/api_docs/kbn_core_execution_context_common.mdx index bad76c3bd2395..0fec1d4fd393c 100644 --- a/api_docs/kbn_core_execution_context_common.mdx +++ b/api_docs/kbn_core_execution_context_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-common title: "@kbn/core-execution-context-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-common plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-common'] --- import kbnCoreExecutionContextCommonObj from './kbn_core_execution_context_common.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_server.mdx b/api_docs/kbn_core_execution_context_server.mdx index 2bbc7849cf89b..d041cff71dab2 100644 --- a/api_docs/kbn_core_execution_context_server.mdx +++ b/api_docs/kbn_core_execution_context_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-server title: "@kbn/core-execution-context-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-server'] --- import kbnCoreExecutionContextServerObj from './kbn_core_execution_context_server.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_server_internal.mdx b/api_docs/kbn_core_execution_context_server_internal.mdx index e6d31a8d50c79..c9014070e632a 100644 --- a/api_docs/kbn_core_execution_context_server_internal.mdx +++ b/api_docs/kbn_core_execution_context_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-server-internal title: "@kbn/core-execution-context-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-server-internal'] --- import kbnCoreExecutionContextServerInternalObj from './kbn_core_execution_context_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_server_mocks.mdx b/api_docs/kbn_core_execution_context_server_mocks.mdx index 8d5766cf3272b..ff4178f885f5d 100644 --- a/api_docs/kbn_core_execution_context_server_mocks.mdx +++ b/api_docs/kbn_core_execution_context_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-server-mocks title: "@kbn/core-execution-context-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-server-mocks'] --- import kbnCoreExecutionContextServerMocksObj from './kbn_core_execution_context_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_fatal_errors_browser.mdx b/api_docs/kbn_core_fatal_errors_browser.mdx index 9c6bd827f7f31..94b91df2ade37 100644 --- a/api_docs/kbn_core_fatal_errors_browser.mdx +++ b/api_docs/kbn_core_fatal_errors_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-fatal-errors-browser title: "@kbn/core-fatal-errors-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-fatal-errors-browser plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-fatal-errors-browser'] --- import kbnCoreFatalErrorsBrowserObj from './kbn_core_fatal_errors_browser.devdocs.json'; diff --git a/api_docs/kbn_core_fatal_errors_browser_mocks.mdx b/api_docs/kbn_core_fatal_errors_browser_mocks.mdx index cadbbf580773a..5ae9ae2e2c637 100644 --- a/api_docs/kbn_core_fatal_errors_browser_mocks.mdx +++ b/api_docs/kbn_core_fatal_errors_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-fatal-errors-browser-mocks title: "@kbn/core-fatal-errors-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-fatal-errors-browser-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-fatal-errors-browser-mocks'] --- import kbnCoreFatalErrorsBrowserMocksObj from './kbn_core_fatal_errors_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_feature_flags_browser.mdx b/api_docs/kbn_core_feature_flags_browser.mdx index 0293441f14615..837e3e33a632c 100644 --- a/api_docs/kbn_core_feature_flags_browser.mdx +++ b/api_docs/kbn_core_feature_flags_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-feature-flags-browser title: "@kbn/core-feature-flags-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-feature-flags-browser plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-feature-flags-browser'] --- import kbnCoreFeatureFlagsBrowserObj from './kbn_core_feature_flags_browser.devdocs.json'; diff --git a/api_docs/kbn_core_feature_flags_browser_internal.mdx b/api_docs/kbn_core_feature_flags_browser_internal.mdx index c163cf40155a6..8f9b324aa48fa 100644 --- a/api_docs/kbn_core_feature_flags_browser_internal.mdx +++ b/api_docs/kbn_core_feature_flags_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-feature-flags-browser-internal title: "@kbn/core-feature-flags-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-feature-flags-browser-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-feature-flags-browser-internal'] --- import kbnCoreFeatureFlagsBrowserInternalObj from './kbn_core_feature_flags_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_feature_flags_browser_mocks.mdx b/api_docs/kbn_core_feature_flags_browser_mocks.mdx index 94547c6b7132a..6ddb387cac9d0 100644 --- a/api_docs/kbn_core_feature_flags_browser_mocks.mdx +++ b/api_docs/kbn_core_feature_flags_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-feature-flags-browser-mocks title: "@kbn/core-feature-flags-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-feature-flags-browser-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-feature-flags-browser-mocks'] --- import kbnCoreFeatureFlagsBrowserMocksObj from './kbn_core_feature_flags_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_feature_flags_server.mdx b/api_docs/kbn_core_feature_flags_server.mdx index 3c8e56af7b14d..5b1946b309e32 100644 --- a/api_docs/kbn_core_feature_flags_server.mdx +++ b/api_docs/kbn_core_feature_flags_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-feature-flags-server title: "@kbn/core-feature-flags-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-feature-flags-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-feature-flags-server'] --- import kbnCoreFeatureFlagsServerObj from './kbn_core_feature_flags_server.devdocs.json'; diff --git a/api_docs/kbn_core_feature_flags_server_internal.mdx b/api_docs/kbn_core_feature_flags_server_internal.mdx index cc88d175dc185..4fec14f7aab91 100644 --- a/api_docs/kbn_core_feature_flags_server_internal.mdx +++ b/api_docs/kbn_core_feature_flags_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-feature-flags-server-internal title: "@kbn/core-feature-flags-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-feature-flags-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-feature-flags-server-internal'] --- import kbnCoreFeatureFlagsServerInternalObj from './kbn_core_feature_flags_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_feature_flags_server_mocks.mdx b/api_docs/kbn_core_feature_flags_server_mocks.mdx index 7e6e6d8b9e539..bb595ca54c5b5 100644 --- a/api_docs/kbn_core_feature_flags_server_mocks.mdx +++ b/api_docs/kbn_core_feature_flags_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-feature-flags-server-mocks title: "@kbn/core-feature-flags-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-feature-flags-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-feature-flags-server-mocks'] --- import kbnCoreFeatureFlagsServerMocksObj from './kbn_core_feature_flags_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_browser.mdx b/api_docs/kbn_core_http_browser.mdx index 6581b27a433f6..e6b8cd311ee63 100644 --- a/api_docs/kbn_core_http_browser.mdx +++ b/api_docs/kbn_core_http_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-browser title: "@kbn/core-http-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-browser plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-browser'] --- import kbnCoreHttpBrowserObj from './kbn_core_http_browser.devdocs.json'; diff --git a/api_docs/kbn_core_http_browser_internal.mdx b/api_docs/kbn_core_http_browser_internal.mdx index 39563f17dc6e6..8dcf27cacafce 100644 --- a/api_docs/kbn_core_http_browser_internal.mdx +++ b/api_docs/kbn_core_http_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-browser-internal title: "@kbn/core-http-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-browser-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-browser-internal'] --- import kbnCoreHttpBrowserInternalObj from './kbn_core_http_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_http_browser_mocks.mdx b/api_docs/kbn_core_http_browser_mocks.mdx index de937ef5a9668..9369f65971af7 100644 --- a/api_docs/kbn_core_http_browser_mocks.mdx +++ b/api_docs/kbn_core_http_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-browser-mocks title: "@kbn/core-http-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-browser-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-browser-mocks'] --- import kbnCoreHttpBrowserMocksObj from './kbn_core_http_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_common.mdx b/api_docs/kbn_core_http_common.mdx index 98c590162e705..f1d1f27d7d1b0 100644 --- a/api_docs/kbn_core_http_common.mdx +++ b/api_docs/kbn_core_http_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-common title: "@kbn/core-http-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-common plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-common'] --- import kbnCoreHttpCommonObj from './kbn_core_http_common.devdocs.json'; diff --git a/api_docs/kbn_core_http_context_server_mocks.mdx b/api_docs/kbn_core_http_context_server_mocks.mdx index 1fb388fb50455..db25080fbfe34 100644 --- a/api_docs/kbn_core_http_context_server_mocks.mdx +++ b/api_docs/kbn_core_http_context_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-context-server-mocks title: "@kbn/core-http-context-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-context-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-context-server-mocks'] --- import kbnCoreHttpContextServerMocksObj from './kbn_core_http_context_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_request_handler_context_server.mdx b/api_docs/kbn_core_http_request_handler_context_server.mdx index fa0aa8cc8e05f..68278c812c48d 100644 --- a/api_docs/kbn_core_http_request_handler_context_server.mdx +++ b/api_docs/kbn_core_http_request_handler_context_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-request-handler-context-server title: "@kbn/core-http-request-handler-context-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-request-handler-context-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-request-handler-context-server'] --- import kbnCoreHttpRequestHandlerContextServerObj from './kbn_core_http_request_handler_context_server.devdocs.json'; diff --git a/api_docs/kbn_core_http_resources_server.mdx b/api_docs/kbn_core_http_resources_server.mdx index 683850b8ea017..8be0dbf992f29 100644 --- a/api_docs/kbn_core_http_resources_server.mdx +++ b/api_docs/kbn_core_http_resources_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-resources-server title: "@kbn/core-http-resources-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-resources-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-resources-server'] --- import kbnCoreHttpResourcesServerObj from './kbn_core_http_resources_server.devdocs.json'; diff --git a/api_docs/kbn_core_http_resources_server_internal.mdx b/api_docs/kbn_core_http_resources_server_internal.mdx index 74f803867f54d..1407c288d0d11 100644 --- a/api_docs/kbn_core_http_resources_server_internal.mdx +++ b/api_docs/kbn_core_http_resources_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-resources-server-internal title: "@kbn/core-http-resources-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-resources-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-resources-server-internal'] --- import kbnCoreHttpResourcesServerInternalObj from './kbn_core_http_resources_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_http_resources_server_mocks.mdx b/api_docs/kbn_core_http_resources_server_mocks.mdx index 27b6a34ec58fd..4a68a3b2a6730 100644 --- a/api_docs/kbn_core_http_resources_server_mocks.mdx +++ b/api_docs/kbn_core_http_resources_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-resources-server-mocks title: "@kbn/core-http-resources-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-resources-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-resources-server-mocks'] --- import kbnCoreHttpResourcesServerMocksObj from './kbn_core_http_resources_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_router_server_internal.mdx b/api_docs/kbn_core_http_router_server_internal.mdx index 5136ae90c0ceb..e3dfaae50bad8 100644 --- a/api_docs/kbn_core_http_router_server_internal.mdx +++ b/api_docs/kbn_core_http_router_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-router-server-internal title: "@kbn/core-http-router-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-router-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-router-server-internal'] --- import kbnCoreHttpRouterServerInternalObj from './kbn_core_http_router_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_http_router_server_mocks.mdx b/api_docs/kbn_core_http_router_server_mocks.mdx index 3942218a1ab16..d6647890e2a91 100644 --- a/api_docs/kbn_core_http_router_server_mocks.mdx +++ b/api_docs/kbn_core_http_router_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-router-server-mocks title: "@kbn/core-http-router-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-router-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-router-server-mocks'] --- import kbnCoreHttpRouterServerMocksObj from './kbn_core_http_router_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_server.mdx b/api_docs/kbn_core_http_server.mdx index c4ab7c580b611..2e4af146f8ebb 100644 --- a/api_docs/kbn_core_http_server.mdx +++ b/api_docs/kbn_core_http_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-server title: "@kbn/core-http-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-server'] --- import kbnCoreHttpServerObj from './kbn_core_http_server.devdocs.json'; diff --git a/api_docs/kbn_core_http_server_internal.mdx b/api_docs/kbn_core_http_server_internal.mdx index 33e9a0c3ade6f..77084a93da169 100644 --- a/api_docs/kbn_core_http_server_internal.mdx +++ b/api_docs/kbn_core_http_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-server-internal title: "@kbn/core-http-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-server-internal'] --- import kbnCoreHttpServerInternalObj from './kbn_core_http_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_http_server_mocks.mdx b/api_docs/kbn_core_http_server_mocks.mdx index f4075a90bc72e..1eab4edff9c52 100644 --- a/api_docs/kbn_core_http_server_mocks.mdx +++ b/api_docs/kbn_core_http_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-server-mocks title: "@kbn/core-http-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-server-mocks'] --- import kbnCoreHttpServerMocksObj from './kbn_core_http_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_browser.mdx b/api_docs/kbn_core_i18n_browser.mdx index 572b3e7d794d5..a4f8c0fd2cbe5 100644 --- a/api_docs/kbn_core_i18n_browser.mdx +++ b/api_docs/kbn_core_i18n_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-browser title: "@kbn/core-i18n-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-browser plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-browser'] --- import kbnCoreI18nBrowserObj from './kbn_core_i18n_browser.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_browser_mocks.mdx b/api_docs/kbn_core_i18n_browser_mocks.mdx index e2d673d573808..15cfc791df38d 100644 --- a/api_docs/kbn_core_i18n_browser_mocks.mdx +++ b/api_docs/kbn_core_i18n_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-browser-mocks title: "@kbn/core-i18n-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-browser-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-browser-mocks'] --- import kbnCoreI18nBrowserMocksObj from './kbn_core_i18n_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_server.mdx b/api_docs/kbn_core_i18n_server.mdx index f6581fb208883..bb18ae0f8a60c 100644 --- a/api_docs/kbn_core_i18n_server.mdx +++ b/api_docs/kbn_core_i18n_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-server title: "@kbn/core-i18n-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-server'] --- import kbnCoreI18nServerObj from './kbn_core_i18n_server.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_server_internal.mdx b/api_docs/kbn_core_i18n_server_internal.mdx index 89b76e6a28e09..e2d19c3d25631 100644 --- a/api_docs/kbn_core_i18n_server_internal.mdx +++ b/api_docs/kbn_core_i18n_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-server-internal title: "@kbn/core-i18n-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-server-internal'] --- import kbnCoreI18nServerInternalObj from './kbn_core_i18n_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_server_mocks.mdx b/api_docs/kbn_core_i18n_server_mocks.mdx index 745b7c04b9a98..e44a4572314cd 100644 --- a/api_docs/kbn_core_i18n_server_mocks.mdx +++ b/api_docs/kbn_core_i18n_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-server-mocks title: "@kbn/core-i18n-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-server-mocks'] --- import kbnCoreI18nServerMocksObj from './kbn_core_i18n_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_injected_metadata_browser_mocks.mdx b/api_docs/kbn_core_injected_metadata_browser_mocks.mdx index 1300a21202f63..5e6b40e7fcf81 100644 --- a/api_docs/kbn_core_injected_metadata_browser_mocks.mdx +++ b/api_docs/kbn_core_injected_metadata_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-injected-metadata-browser-mocks title: "@kbn/core-injected-metadata-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-injected-metadata-browser-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-injected-metadata-browser-mocks'] --- import kbnCoreInjectedMetadataBrowserMocksObj from './kbn_core_injected_metadata_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_integrations_browser_internal.mdx b/api_docs/kbn_core_integrations_browser_internal.mdx index 1504c5944d490..57c01c416bf0d 100644 --- a/api_docs/kbn_core_integrations_browser_internal.mdx +++ b/api_docs/kbn_core_integrations_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-integrations-browser-internal title: "@kbn/core-integrations-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-integrations-browser-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-integrations-browser-internal'] --- import kbnCoreIntegrationsBrowserInternalObj from './kbn_core_integrations_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_integrations_browser_mocks.mdx b/api_docs/kbn_core_integrations_browser_mocks.mdx index b17bb74133b52..51537ccdaf7d2 100644 --- a/api_docs/kbn_core_integrations_browser_mocks.mdx +++ b/api_docs/kbn_core_integrations_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-integrations-browser-mocks title: "@kbn/core-integrations-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-integrations-browser-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-integrations-browser-mocks'] --- import kbnCoreIntegrationsBrowserMocksObj from './kbn_core_integrations_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_lifecycle_browser.devdocs.json b/api_docs/kbn_core_lifecycle_browser.devdocs.json index 6dc2ededac6e0..745022a2696c4 100644 --- a/api_docs/kbn_core_lifecycle_browser.devdocs.json +++ b/api_docs/kbn_core_lifecycle_browser.devdocs.json @@ -605,10 +605,6 @@ "plugin": "home", "path": "src/plugins/home/public/plugin.ts" }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/plugin.ts" - }, { "plugin": "unifiedSearch", "path": "src/plugins/unified_search/public/types.ts" diff --git a/api_docs/kbn_core_lifecycle_browser.mdx b/api_docs/kbn_core_lifecycle_browser.mdx index 01d2f1a69dedc..87ac6c95413d2 100644 --- a/api_docs/kbn_core_lifecycle_browser.mdx +++ b/api_docs/kbn_core_lifecycle_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-lifecycle-browser title: "@kbn/core-lifecycle-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-lifecycle-browser plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-lifecycle-browser'] --- import kbnCoreLifecycleBrowserObj from './kbn_core_lifecycle_browser.devdocs.json'; diff --git a/api_docs/kbn_core_lifecycle_browser_mocks.mdx b/api_docs/kbn_core_lifecycle_browser_mocks.mdx index 1428d7bba9204..affa19778068b 100644 --- a/api_docs/kbn_core_lifecycle_browser_mocks.mdx +++ b/api_docs/kbn_core_lifecycle_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-lifecycle-browser-mocks title: "@kbn/core-lifecycle-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-lifecycle-browser-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-lifecycle-browser-mocks'] --- import kbnCoreLifecycleBrowserMocksObj from './kbn_core_lifecycle_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_lifecycle_server.mdx b/api_docs/kbn_core_lifecycle_server.mdx index 994a83ba82b76..c4d7d63de5056 100644 --- a/api_docs/kbn_core_lifecycle_server.mdx +++ b/api_docs/kbn_core_lifecycle_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-lifecycle-server title: "@kbn/core-lifecycle-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-lifecycle-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-lifecycle-server'] --- import kbnCoreLifecycleServerObj from './kbn_core_lifecycle_server.devdocs.json'; diff --git a/api_docs/kbn_core_lifecycle_server_mocks.mdx b/api_docs/kbn_core_lifecycle_server_mocks.mdx index 070677f5edb47..3a891fb4544e5 100644 --- a/api_docs/kbn_core_lifecycle_server_mocks.mdx +++ b/api_docs/kbn_core_lifecycle_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-lifecycle-server-mocks title: "@kbn/core-lifecycle-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-lifecycle-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-lifecycle-server-mocks'] --- import kbnCoreLifecycleServerMocksObj from './kbn_core_lifecycle_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_logging_browser_mocks.mdx b/api_docs/kbn_core_logging_browser_mocks.mdx index a784834b0ab25..fc775df783422 100644 --- a/api_docs/kbn_core_logging_browser_mocks.mdx +++ b/api_docs/kbn_core_logging_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-browser-mocks title: "@kbn/core-logging-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-browser-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-browser-mocks'] --- import kbnCoreLoggingBrowserMocksObj from './kbn_core_logging_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_logging_common_internal.mdx b/api_docs/kbn_core_logging_common_internal.mdx index 435290205514e..31d862162945c 100644 --- a/api_docs/kbn_core_logging_common_internal.mdx +++ b/api_docs/kbn_core_logging_common_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-common-internal title: "@kbn/core-logging-common-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-common-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-common-internal'] --- import kbnCoreLoggingCommonInternalObj from './kbn_core_logging_common_internal.devdocs.json'; diff --git a/api_docs/kbn_core_logging_server.mdx b/api_docs/kbn_core_logging_server.mdx index 9aa501d7e97c3..07d1af4780246 100644 --- a/api_docs/kbn_core_logging_server.mdx +++ b/api_docs/kbn_core_logging_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-server title: "@kbn/core-logging-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-server'] --- import kbnCoreLoggingServerObj from './kbn_core_logging_server.devdocs.json'; diff --git a/api_docs/kbn_core_logging_server_internal.mdx b/api_docs/kbn_core_logging_server_internal.mdx index e29ff073f19dd..7e1a3d308c6e6 100644 --- a/api_docs/kbn_core_logging_server_internal.mdx +++ b/api_docs/kbn_core_logging_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-server-internal title: "@kbn/core-logging-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-server-internal'] --- import kbnCoreLoggingServerInternalObj from './kbn_core_logging_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_logging_server_mocks.mdx b/api_docs/kbn_core_logging_server_mocks.mdx index c7a164b03f9d8..1fa6a538f1a4f 100644 --- a/api_docs/kbn_core_logging_server_mocks.mdx +++ b/api_docs/kbn_core_logging_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-server-mocks title: "@kbn/core-logging-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-server-mocks'] --- import kbnCoreLoggingServerMocksObj from './kbn_core_logging_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_collectors_server_internal.mdx b/api_docs/kbn_core_metrics_collectors_server_internal.mdx index d7f31e54092b3..4216acde77ada 100644 --- a/api_docs/kbn_core_metrics_collectors_server_internal.mdx +++ b/api_docs/kbn_core_metrics_collectors_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-collectors-server-internal title: "@kbn/core-metrics-collectors-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-collectors-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-collectors-server-internal'] --- import kbnCoreMetricsCollectorsServerInternalObj from './kbn_core_metrics_collectors_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_collectors_server_mocks.mdx b/api_docs/kbn_core_metrics_collectors_server_mocks.mdx index 3e2663580b27e..f69efae675890 100644 --- a/api_docs/kbn_core_metrics_collectors_server_mocks.mdx +++ b/api_docs/kbn_core_metrics_collectors_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-collectors-server-mocks title: "@kbn/core-metrics-collectors-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-collectors-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-collectors-server-mocks'] --- import kbnCoreMetricsCollectorsServerMocksObj from './kbn_core_metrics_collectors_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_server.mdx b/api_docs/kbn_core_metrics_server.mdx index 20cec39f84f09..0aedefa5eb611 100644 --- a/api_docs/kbn_core_metrics_server.mdx +++ b/api_docs/kbn_core_metrics_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-server title: "@kbn/core-metrics-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-server'] --- import kbnCoreMetricsServerObj from './kbn_core_metrics_server.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_server_internal.mdx b/api_docs/kbn_core_metrics_server_internal.mdx index 4601edb2a7de4..a853bf3e68453 100644 --- a/api_docs/kbn_core_metrics_server_internal.mdx +++ b/api_docs/kbn_core_metrics_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-server-internal title: "@kbn/core-metrics-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-server-internal'] --- import kbnCoreMetricsServerInternalObj from './kbn_core_metrics_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_server_mocks.mdx b/api_docs/kbn_core_metrics_server_mocks.mdx index aac17040622d0..04bcdf30a541b 100644 --- a/api_docs/kbn_core_metrics_server_mocks.mdx +++ b/api_docs/kbn_core_metrics_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-server-mocks title: "@kbn/core-metrics-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-server-mocks'] --- import kbnCoreMetricsServerMocksObj from './kbn_core_metrics_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_mount_utils_browser.mdx b/api_docs/kbn_core_mount_utils_browser.mdx index 6784b9db8fcb7..ca1f8c737bc4d 100644 --- a/api_docs/kbn_core_mount_utils_browser.mdx +++ b/api_docs/kbn_core_mount_utils_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-mount-utils-browser title: "@kbn/core-mount-utils-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-mount-utils-browser plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-mount-utils-browser'] --- import kbnCoreMountUtilsBrowserObj from './kbn_core_mount_utils_browser.devdocs.json'; diff --git a/api_docs/kbn_core_node_server.mdx b/api_docs/kbn_core_node_server.mdx index 5714c0edb0cfe..af8203ba16d6b 100644 --- a/api_docs/kbn_core_node_server.mdx +++ b/api_docs/kbn_core_node_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-node-server title: "@kbn/core-node-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-node-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-node-server'] --- import kbnCoreNodeServerObj from './kbn_core_node_server.devdocs.json'; diff --git a/api_docs/kbn_core_node_server_internal.mdx b/api_docs/kbn_core_node_server_internal.mdx index ae966cf6df326..406099649b20c 100644 --- a/api_docs/kbn_core_node_server_internal.mdx +++ b/api_docs/kbn_core_node_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-node-server-internal title: "@kbn/core-node-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-node-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-node-server-internal'] --- import kbnCoreNodeServerInternalObj from './kbn_core_node_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_node_server_mocks.mdx b/api_docs/kbn_core_node_server_mocks.mdx index c0821cca9849f..4fd0ccf534623 100644 --- a/api_docs/kbn_core_node_server_mocks.mdx +++ b/api_docs/kbn_core_node_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-node-server-mocks title: "@kbn/core-node-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-node-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-node-server-mocks'] --- import kbnCoreNodeServerMocksObj from './kbn_core_node_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_notifications_browser.mdx b/api_docs/kbn_core_notifications_browser.mdx index 23e411acec090..3f328d5fd528a 100644 --- a/api_docs/kbn_core_notifications_browser.mdx +++ b/api_docs/kbn_core_notifications_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-notifications-browser title: "@kbn/core-notifications-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-notifications-browser plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-notifications-browser'] --- import kbnCoreNotificationsBrowserObj from './kbn_core_notifications_browser.devdocs.json'; diff --git a/api_docs/kbn_core_notifications_browser_internal.mdx b/api_docs/kbn_core_notifications_browser_internal.mdx index da6a5a60284c8..67ed0a8bdbcc4 100644 --- a/api_docs/kbn_core_notifications_browser_internal.mdx +++ b/api_docs/kbn_core_notifications_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-notifications-browser-internal title: "@kbn/core-notifications-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-notifications-browser-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-notifications-browser-internal'] --- import kbnCoreNotificationsBrowserInternalObj from './kbn_core_notifications_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_notifications_browser_mocks.mdx b/api_docs/kbn_core_notifications_browser_mocks.mdx index 93d669b58506c..2db575f4214ff 100644 --- a/api_docs/kbn_core_notifications_browser_mocks.mdx +++ b/api_docs/kbn_core_notifications_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-notifications-browser-mocks title: "@kbn/core-notifications-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-notifications-browser-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-notifications-browser-mocks'] --- import kbnCoreNotificationsBrowserMocksObj from './kbn_core_notifications_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_overlays_browser.mdx b/api_docs/kbn_core_overlays_browser.mdx index 4a210019f8e46..65a9eea7ef721 100644 --- a/api_docs/kbn_core_overlays_browser.mdx +++ b/api_docs/kbn_core_overlays_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-overlays-browser title: "@kbn/core-overlays-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-overlays-browser plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-overlays-browser'] --- import kbnCoreOverlaysBrowserObj from './kbn_core_overlays_browser.devdocs.json'; diff --git a/api_docs/kbn_core_overlays_browser_internal.mdx b/api_docs/kbn_core_overlays_browser_internal.mdx index 3ce320d69585f..c903a18965096 100644 --- a/api_docs/kbn_core_overlays_browser_internal.mdx +++ b/api_docs/kbn_core_overlays_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-overlays-browser-internal title: "@kbn/core-overlays-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-overlays-browser-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-overlays-browser-internal'] --- import kbnCoreOverlaysBrowserInternalObj from './kbn_core_overlays_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_overlays_browser_mocks.mdx b/api_docs/kbn_core_overlays_browser_mocks.mdx index 29240fe4f2445..23ccca8c3830e 100644 --- a/api_docs/kbn_core_overlays_browser_mocks.mdx +++ b/api_docs/kbn_core_overlays_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-overlays-browser-mocks title: "@kbn/core-overlays-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-overlays-browser-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-overlays-browser-mocks'] --- import kbnCoreOverlaysBrowserMocksObj from './kbn_core_overlays_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_browser.mdx b/api_docs/kbn_core_plugins_browser.mdx index 0d0523e658cc9..b16f285fe3142 100644 --- a/api_docs/kbn_core_plugins_browser.mdx +++ b/api_docs/kbn_core_plugins_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-browser title: "@kbn/core-plugins-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-browser plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-browser'] --- import kbnCorePluginsBrowserObj from './kbn_core_plugins_browser.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_browser_mocks.mdx b/api_docs/kbn_core_plugins_browser_mocks.mdx index 3ab790b55730e..29b8824299f38 100644 --- a/api_docs/kbn_core_plugins_browser_mocks.mdx +++ b/api_docs/kbn_core_plugins_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-browser-mocks title: "@kbn/core-plugins-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-browser-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-browser-mocks'] --- import kbnCorePluginsBrowserMocksObj from './kbn_core_plugins_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_contracts_browser.mdx b/api_docs/kbn_core_plugins_contracts_browser.mdx index 754be4a572a58..7f88e41b9d32d 100644 --- a/api_docs/kbn_core_plugins_contracts_browser.mdx +++ b/api_docs/kbn_core_plugins_contracts_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-contracts-browser title: "@kbn/core-plugins-contracts-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-contracts-browser plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-contracts-browser'] --- import kbnCorePluginsContractsBrowserObj from './kbn_core_plugins_contracts_browser.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_contracts_server.mdx b/api_docs/kbn_core_plugins_contracts_server.mdx index ee9582a69e320..5aa93ae65598f 100644 --- a/api_docs/kbn_core_plugins_contracts_server.mdx +++ b/api_docs/kbn_core_plugins_contracts_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-contracts-server title: "@kbn/core-plugins-contracts-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-contracts-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-contracts-server'] --- import kbnCorePluginsContractsServerObj from './kbn_core_plugins_contracts_server.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_server.mdx b/api_docs/kbn_core_plugins_server.mdx index b38859c3592d3..6b7c1cb0e3e52 100644 --- a/api_docs/kbn_core_plugins_server.mdx +++ b/api_docs/kbn_core_plugins_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-server title: "@kbn/core-plugins-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-server'] --- import kbnCorePluginsServerObj from './kbn_core_plugins_server.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_server_mocks.mdx b/api_docs/kbn_core_plugins_server_mocks.mdx index fc208a8c8eadb..714f322fc6027 100644 --- a/api_docs/kbn_core_plugins_server_mocks.mdx +++ b/api_docs/kbn_core_plugins_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-server-mocks title: "@kbn/core-plugins-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-server-mocks'] --- import kbnCorePluginsServerMocksObj from './kbn_core_plugins_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_preboot_server.mdx b/api_docs/kbn_core_preboot_server.mdx index 7e1d2c3bb5d7b..7edc7d68323b6 100644 --- a/api_docs/kbn_core_preboot_server.mdx +++ b/api_docs/kbn_core_preboot_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-preboot-server title: "@kbn/core-preboot-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-preboot-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-preboot-server'] --- import kbnCorePrebootServerObj from './kbn_core_preboot_server.devdocs.json'; diff --git a/api_docs/kbn_core_preboot_server_mocks.mdx b/api_docs/kbn_core_preboot_server_mocks.mdx index dc1363e7d04d7..d063c725f3972 100644 --- a/api_docs/kbn_core_preboot_server_mocks.mdx +++ b/api_docs/kbn_core_preboot_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-preboot-server-mocks title: "@kbn/core-preboot-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-preboot-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-preboot-server-mocks'] --- import kbnCorePrebootServerMocksObj from './kbn_core_preboot_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_rendering_browser_mocks.mdx b/api_docs/kbn_core_rendering_browser_mocks.mdx index 60a9a00f25a98..07d54b4cb8684 100644 --- a/api_docs/kbn_core_rendering_browser_mocks.mdx +++ b/api_docs/kbn_core_rendering_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-rendering-browser-mocks title: "@kbn/core-rendering-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-rendering-browser-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-rendering-browser-mocks'] --- import kbnCoreRenderingBrowserMocksObj from './kbn_core_rendering_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_rendering_server_internal.mdx b/api_docs/kbn_core_rendering_server_internal.mdx index a5c9f1dc465bd..92820e3d64972 100644 --- a/api_docs/kbn_core_rendering_server_internal.mdx +++ b/api_docs/kbn_core_rendering_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-rendering-server-internal title: "@kbn/core-rendering-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-rendering-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-rendering-server-internal'] --- import kbnCoreRenderingServerInternalObj from './kbn_core_rendering_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_rendering_server_mocks.mdx b/api_docs/kbn_core_rendering_server_mocks.mdx index 4fad97ab7aac1..9079f89e087d9 100644 --- a/api_docs/kbn_core_rendering_server_mocks.mdx +++ b/api_docs/kbn_core_rendering_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-rendering-server-mocks title: "@kbn/core-rendering-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-rendering-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-rendering-server-mocks'] --- import kbnCoreRenderingServerMocksObj from './kbn_core_rendering_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_root_server_internal.mdx b/api_docs/kbn_core_root_server_internal.mdx index f32003757cc90..6218d4de657a8 100644 --- a/api_docs/kbn_core_root_server_internal.mdx +++ b/api_docs/kbn_core_root_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-root-server-internal title: "@kbn/core-root-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-root-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-root-server-internal'] --- import kbnCoreRootServerInternalObj from './kbn_core_root_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_api_browser.devdocs.json b/api_docs/kbn_core_saved_objects_api_browser.devdocs.json index 910b548159b1f..9c52167b88c89 100644 --- a/api_docs/kbn_core_saved_objects_api_browser.devdocs.json +++ b/api_docs/kbn_core_saved_objects_api_browser.devdocs.json @@ -906,14 +906,6 @@ "plugin": "savedObjects", "path": "src/plugins/saved_objects/public/types.ts" }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/helpers/initialize_saved_object.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/helpers/initialize_saved_object.ts" - }, { "plugin": "savedObjects", "path": "src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts" @@ -966,6 +958,14 @@ "plugin": "savedObjects", "path": "src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.test.ts" }, + { + "plugin": "savedObjects", + "path": "src/plugins/saved_objects/public/saved_object/helpers/initialize_saved_object.ts" + }, + { + "plugin": "savedObjects", + "path": "src/plugins/saved_objects/public/saved_object/helpers/initialize_saved_object.ts" + }, { "plugin": "savedObjects", "path": "src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.test.ts" @@ -1046,18 +1046,6 @@ "plugin": "@kbn/core-saved-objects-browser-mocks", "path": "packages/core/saved-objects/core-saved-objects-browser-mocks/src/saved_objects_service.mock.ts" }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/helpers/create_source.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/helpers/create_source.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/helpers/save_saved_object.ts" - }, { "plugin": "savedObjects", "path": "src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts" @@ -1068,35 +1056,15 @@ }, { "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" + "path": "src/plugins/saved_objects/public/saved_object/helpers/create_source.ts" }, { "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" + "path": "src/plugins/saved_objects/public/saved_object/helpers/create_source.ts" }, { "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" + "path": "src/plugins/saved_objects/public/saved_object/helpers/save_saved_object.ts" }, { "plugin": "savedObjects", @@ -1370,10 +1338,6 @@ "plugin": "@kbn/core-saved-objects-browser-mocks", "path": "packages/core/saved-objects/core-saved-objects-browser-mocks/src/saved_objects_service.mock.ts" }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/helpers/build_saved_object.ts" - }, { "plugin": "visualizations", "path": "src/plugins/visualizations/public/visualize_app/components/visualize_listing.tsx" @@ -1623,10 +1587,6 @@ "plugin": "dashboardEnhanced", "path": "x-pack/plugins/dashboard_enhanced/public/services/drilldowns/abstract_dashboard_drilldown/components/collect_config_container.tsx" }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, { "plugin": "savedObjects", "path": "src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.test.ts" @@ -1711,17 +1671,13 @@ "plugin": "@kbn/core-saved-objects-browser-mocks", "path": "packages/core/saved-objects/core-saved-objects-browser-mocks/src/saved_objects_service.mock.ts" }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/helpers/initialize_saved_object.ts" - }, { "plugin": "dashboardEnhanced", "path": "x-pack/plugins/dashboard_enhanced/public/services/drilldowns/abstract_dashboard_drilldown/components/collect_config_container.tsx" }, { "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" + "path": "src/plugins/saved_objects/public/saved_object/helpers/initialize_saved_object.ts" }, { "plugin": "@kbn/core-saved-objects-browser-internal", @@ -1878,10 +1834,6 @@ "plugin": "@kbn/core-saved-objects-browser-mocks", "path": "packages/core/saved-objects/core-saved-objects-browser-mocks/src/saved_objects_service.mock.ts" }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, { "plugin": "@kbn/core-saved-objects-browser-internal", "path": "packages/core/saved-objects/core-saved-objects-browser-internal/src/saved_objects_client.ts" @@ -2166,10 +2118,6 @@ "plugin": "@kbn/core-saved-objects-browser-mocks", "path": "packages/core/saved-objects/core-saved-objects-browser-mocks/src/saved_objects_service.mock.ts" }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, { "plugin": "@kbn/core-saved-objects-browser-internal", "path": "packages/core/saved-objects/core-saved-objects-browser-internal/src/simple_saved_object.test.ts" @@ -3055,50 +3003,6 @@ "plugin": "eventAnnotation", "path": "src/plugins/event_annotation/public/event_annotation_service/service.test.ts" }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, { "plugin": "visualizations", "path": "src/plugins/visualizations/public/utils/saved_objects_utils/find_object_by_title.test.ts" diff --git a/api_docs/kbn_core_saved_objects_api_browser.mdx b/api_docs/kbn_core_saved_objects_api_browser.mdx index 9f707d1d6e060..1633a36f8c337 100644 --- a/api_docs/kbn_core_saved_objects_api_browser.mdx +++ b/api_docs/kbn_core_saved_objects_api_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-api-browser title: "@kbn/core-saved-objects-api-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-api-browser plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-api-browser'] --- import kbnCoreSavedObjectsApiBrowserObj from './kbn_core_saved_objects_api_browser.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_api_server.mdx b/api_docs/kbn_core_saved_objects_api_server.mdx index 50f69840d6595..ad0fe6b3c998a 100644 --- a/api_docs/kbn_core_saved_objects_api_server.mdx +++ b/api_docs/kbn_core_saved_objects_api_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-api-server title: "@kbn/core-saved-objects-api-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-api-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-api-server'] --- import kbnCoreSavedObjectsApiServerObj from './kbn_core_saved_objects_api_server.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_api_server_mocks.mdx b/api_docs/kbn_core_saved_objects_api_server_mocks.mdx index 1de78b7a10488..6fab97d53cfcc 100644 --- a/api_docs/kbn_core_saved_objects_api_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_api_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-api-server-mocks title: "@kbn/core-saved-objects-api-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-api-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-api-server-mocks'] --- import kbnCoreSavedObjectsApiServerMocksObj from './kbn_core_saved_objects_api_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_base_server_internal.mdx b/api_docs/kbn_core_saved_objects_base_server_internal.mdx index 9fdb3f23ed250..7d9cef51ef466 100644 --- a/api_docs/kbn_core_saved_objects_base_server_internal.mdx +++ b/api_docs/kbn_core_saved_objects_base_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-base-server-internal title: "@kbn/core-saved-objects-base-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-base-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-base-server-internal'] --- import kbnCoreSavedObjectsBaseServerInternalObj from './kbn_core_saved_objects_base_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_base_server_mocks.mdx b/api_docs/kbn_core_saved_objects_base_server_mocks.mdx index 7b9e79b6ff359..25fc98860f37d 100644 --- a/api_docs/kbn_core_saved_objects_base_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_base_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-base-server-mocks title: "@kbn/core-saved-objects-base-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-base-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-base-server-mocks'] --- import kbnCoreSavedObjectsBaseServerMocksObj from './kbn_core_saved_objects_base_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_browser.mdx b/api_docs/kbn_core_saved_objects_browser.mdx index 113598d0cce62..19c1c438ef70a 100644 --- a/api_docs/kbn_core_saved_objects_browser.mdx +++ b/api_docs/kbn_core_saved_objects_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-browser title: "@kbn/core-saved-objects-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-browser plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-browser'] --- import kbnCoreSavedObjectsBrowserObj from './kbn_core_saved_objects_browser.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_browser_internal.mdx b/api_docs/kbn_core_saved_objects_browser_internal.mdx index ad7018f0925a1..8530211f6f79f 100644 --- a/api_docs/kbn_core_saved_objects_browser_internal.mdx +++ b/api_docs/kbn_core_saved_objects_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-browser-internal title: "@kbn/core-saved-objects-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-browser-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-browser-internal'] --- import kbnCoreSavedObjectsBrowserInternalObj from './kbn_core_saved_objects_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_browser_mocks.mdx b/api_docs/kbn_core_saved_objects_browser_mocks.mdx index b265190a58015..a4b2fc329a2ae 100644 --- a/api_docs/kbn_core_saved_objects_browser_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-browser-mocks title: "@kbn/core-saved-objects-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-browser-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-browser-mocks'] --- import kbnCoreSavedObjectsBrowserMocksObj from './kbn_core_saved_objects_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_common.devdocs.json b/api_docs/kbn_core_saved_objects_common.devdocs.json index 0f46f3e03e417..da1b2ea8a0cf1 100644 --- a/api_docs/kbn_core_saved_objects_common.devdocs.json +++ b/api_docs/kbn_core_saved_objects_common.devdocs.json @@ -1588,12 +1588,20 @@ "path": "src/core/public/index.ts" }, { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/types.ts" + "plugin": "embeddable", + "path": "src/plugins/embeddable/public/lib/embeddables/default_embeddable_factory_provider.ts" }, { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/types.ts" + "plugin": "embeddable", + "path": "src/plugins/embeddable/public/lib/embeddables/default_embeddable_factory_provider.ts" + }, + { + "plugin": "embeddable", + "path": "src/plugins/embeddable/public/types.ts" + }, + { + "plugin": "embeddable", + "path": "src/plugins/embeddable/public/types.ts" }, { "plugin": "savedObjects", @@ -1609,11 +1617,11 @@ }, { "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/helpers/create_source.ts" + "path": "src/plugins/saved_objects/public/types.ts" }, { "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/helpers/create_source.ts" + "path": "src/plugins/saved_objects/public/types.ts" }, { "plugin": "savedObjects", @@ -1632,20 +1640,12 @@ "path": "src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts" }, { - "plugin": "embeddable", - "path": "src/plugins/embeddable/public/lib/embeddables/default_embeddable_factory_provider.ts" - }, - { - "plugin": "embeddable", - "path": "src/plugins/embeddable/public/lib/embeddables/default_embeddable_factory_provider.ts" - }, - { - "plugin": "embeddable", - "path": "src/plugins/embeddable/public/types.ts" + "plugin": "savedObjects", + "path": "src/plugins/saved_objects/public/saved_object/helpers/create_source.ts" }, { - "plugin": "embeddable", - "path": "src/plugins/embeddable/public/types.ts" + "plugin": "savedObjects", + "path": "src/plugins/saved_objects/public/saved_object/helpers/create_source.ts" }, { "plugin": "visualizations", @@ -1695,50 +1695,6 @@ "plugin": "graph", "path": "x-pack/plugins/graph/public/helpers/saved_workspace_utils.ts" }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, { "plugin": "savedObjects", "path": "src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.test.ts" @@ -1843,12 +1799,12 @@ "path": "src/core/public/index.ts" }, { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/types.ts" + "plugin": "savedObjectsManagement", + "path": "src/plugins/saved_objects_management/public/services/types/record.ts" }, { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/types.ts" + "plugin": "savedObjectsManagement", + "path": "src/plugins/saved_objects_management/public/services/types/record.ts" }, { "plugin": "savedObjects", @@ -1867,12 +1823,12 @@ "path": "src/plugins/saved_objects/public/types.ts" }, { - "plugin": "savedObjectsManagement", - "path": "src/plugins/saved_objects_management/public/services/types/record.ts" + "plugin": "savedObjects", + "path": "src/plugins/saved_objects/public/types.ts" }, { - "plugin": "savedObjectsManagement", - "path": "src/plugins/saved_objects_management/public/services/types/record.ts" + "plugin": "savedObjects", + "path": "src/plugins/saved_objects/public/types.ts" }, { "plugin": "visualizations", @@ -2202,38 +2158,6 @@ "plugin": "dashboard", "path": "src/plugins/dashboard/common/bwc/types.ts" }, - { - "plugin": "savedObjectsTaggingOss", - "path": "src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.test.ts" - }, - { - "plugin": "savedObjectsTaggingOss", - "path": "src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.test.ts" - }, - { - "plugin": "savedObjectsTaggingOss", - "path": "src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.test.ts" - }, - { - "plugin": "savedObjectsTaggingOss", - "path": "src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.test.ts" - }, - { - "plugin": "savedObjectsTaggingOss", - "path": "src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.test.ts" - }, - { - "plugin": "savedObjectsTaggingOss", - "path": "src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.test.ts" - }, - { - "plugin": "savedObjectsTaggingOss", - "path": "src/plugins/saved_objects_tagging_oss/public/decorator/inject_tag_references.test.ts" - }, - { - "plugin": "savedObjectsTaggingOss", - "path": "src/plugins/saved_objects_tagging_oss/public/decorator/inject_tag_references.test.ts" - }, { "plugin": "@kbn/core", "path": "src/core/types/index.ts" diff --git a/api_docs/kbn_core_saved_objects_common.mdx b/api_docs/kbn_core_saved_objects_common.mdx index b1a6ea2f55cfa..40f466e485ddd 100644 --- a/api_docs/kbn_core_saved_objects_common.mdx +++ b/api_docs/kbn_core_saved_objects_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-common title: "@kbn/core-saved-objects-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-common plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-common'] --- import kbnCoreSavedObjectsCommonObj from './kbn_core_saved_objects_common.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_import_export_server_internal.mdx b/api_docs/kbn_core_saved_objects_import_export_server_internal.mdx index 0e9fbb6164f8c..7f8c90761846f 100644 --- a/api_docs/kbn_core_saved_objects_import_export_server_internal.mdx +++ b/api_docs/kbn_core_saved_objects_import_export_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-import-export-server-internal title: "@kbn/core-saved-objects-import-export-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-import-export-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-import-export-server-internal'] --- import kbnCoreSavedObjectsImportExportServerInternalObj from './kbn_core_saved_objects_import_export_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_import_export_server_mocks.mdx b/api_docs/kbn_core_saved_objects_import_export_server_mocks.mdx index d29d87fd91bae..5f823a88de866 100644 --- a/api_docs/kbn_core_saved_objects_import_export_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_import_export_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-import-export-server-mocks title: "@kbn/core-saved-objects-import-export-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-import-export-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-import-export-server-mocks'] --- import kbnCoreSavedObjectsImportExportServerMocksObj from './kbn_core_saved_objects_import_export_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_migration_server_internal.mdx b/api_docs/kbn_core_saved_objects_migration_server_internal.mdx index 068a045258233..6486972bba111 100644 --- a/api_docs/kbn_core_saved_objects_migration_server_internal.mdx +++ b/api_docs/kbn_core_saved_objects_migration_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-migration-server-internal title: "@kbn/core-saved-objects-migration-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-migration-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-migration-server-internal'] --- import kbnCoreSavedObjectsMigrationServerInternalObj from './kbn_core_saved_objects_migration_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_migration_server_mocks.mdx b/api_docs/kbn_core_saved_objects_migration_server_mocks.mdx index a3f59f852bd1e..71154fc04758b 100644 --- a/api_docs/kbn_core_saved_objects_migration_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_migration_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-migration-server-mocks title: "@kbn/core-saved-objects-migration-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-migration-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-migration-server-mocks'] --- import kbnCoreSavedObjectsMigrationServerMocksObj from './kbn_core_saved_objects_migration_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_server.mdx b/api_docs/kbn_core_saved_objects_server.mdx index 41e0f0ff877d7..f8ccda3f7d1bb 100644 --- a/api_docs/kbn_core_saved_objects_server.mdx +++ b/api_docs/kbn_core_saved_objects_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-server title: "@kbn/core-saved-objects-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-server'] --- import kbnCoreSavedObjectsServerObj from './kbn_core_saved_objects_server.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_server_internal.mdx b/api_docs/kbn_core_saved_objects_server_internal.mdx index 182ac9ef9ff42..a55da08ff21ba 100644 --- a/api_docs/kbn_core_saved_objects_server_internal.mdx +++ b/api_docs/kbn_core_saved_objects_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-server-internal title: "@kbn/core-saved-objects-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-server-internal'] --- import kbnCoreSavedObjectsServerInternalObj from './kbn_core_saved_objects_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_server_mocks.mdx b/api_docs/kbn_core_saved_objects_server_mocks.mdx index 05478dd57cd3f..17869c68b780e 100644 --- a/api_docs/kbn_core_saved_objects_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-server-mocks title: "@kbn/core-saved-objects-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-server-mocks'] --- import kbnCoreSavedObjectsServerMocksObj from './kbn_core_saved_objects_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_utils_server.mdx b/api_docs/kbn_core_saved_objects_utils_server.mdx index 88804661dee3e..e97cdfbaa797c 100644 --- a/api_docs/kbn_core_saved_objects_utils_server.mdx +++ b/api_docs/kbn_core_saved_objects_utils_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-utils-server title: "@kbn/core-saved-objects-utils-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-utils-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-utils-server'] --- import kbnCoreSavedObjectsUtilsServerObj from './kbn_core_saved_objects_utils_server.devdocs.json'; diff --git a/api_docs/kbn_core_security_browser.mdx b/api_docs/kbn_core_security_browser.mdx index 2b07674a841ff..5b0dd0a3cc671 100644 --- a/api_docs/kbn_core_security_browser.mdx +++ b/api_docs/kbn_core_security_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-browser title: "@kbn/core-security-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-browser plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-browser'] --- import kbnCoreSecurityBrowserObj from './kbn_core_security_browser.devdocs.json'; diff --git a/api_docs/kbn_core_security_browser_internal.mdx b/api_docs/kbn_core_security_browser_internal.mdx index 404934cb202e4..ca57c9be043ad 100644 --- a/api_docs/kbn_core_security_browser_internal.mdx +++ b/api_docs/kbn_core_security_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-browser-internal title: "@kbn/core-security-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-browser-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-browser-internal'] --- import kbnCoreSecurityBrowserInternalObj from './kbn_core_security_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_security_browser_mocks.mdx b/api_docs/kbn_core_security_browser_mocks.mdx index 370b685a57c70..ce45682d04a39 100644 --- a/api_docs/kbn_core_security_browser_mocks.mdx +++ b/api_docs/kbn_core_security_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-browser-mocks title: "@kbn/core-security-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-browser-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-browser-mocks'] --- import kbnCoreSecurityBrowserMocksObj from './kbn_core_security_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_security_common.mdx b/api_docs/kbn_core_security_common.mdx index fca01cc52a684..587556bc1fed6 100644 --- a/api_docs/kbn_core_security_common.mdx +++ b/api_docs/kbn_core_security_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-common title: "@kbn/core-security-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-common plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-common'] --- import kbnCoreSecurityCommonObj from './kbn_core_security_common.devdocs.json'; diff --git a/api_docs/kbn_core_security_server.mdx b/api_docs/kbn_core_security_server.mdx index 1d05dc4eda100..d5720cf4d8ee0 100644 --- a/api_docs/kbn_core_security_server.mdx +++ b/api_docs/kbn_core_security_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-server title: "@kbn/core-security-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-server'] --- import kbnCoreSecurityServerObj from './kbn_core_security_server.devdocs.json'; diff --git a/api_docs/kbn_core_security_server_internal.mdx b/api_docs/kbn_core_security_server_internal.mdx index 0b31c9f906cca..3bc87b9b6b31a 100644 --- a/api_docs/kbn_core_security_server_internal.mdx +++ b/api_docs/kbn_core_security_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-server-internal title: "@kbn/core-security-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-server-internal'] --- import kbnCoreSecurityServerInternalObj from './kbn_core_security_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_security_server_mocks.mdx b/api_docs/kbn_core_security_server_mocks.mdx index 6dea71309d750..d8fd38089b569 100644 --- a/api_docs/kbn_core_security_server_mocks.mdx +++ b/api_docs/kbn_core_security_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-server-mocks title: "@kbn/core-security-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-server-mocks'] --- import kbnCoreSecurityServerMocksObj from './kbn_core_security_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_status_common.mdx b/api_docs/kbn_core_status_common.mdx index 27c3150dfa9e8..437af097eb034 100644 --- a/api_docs/kbn_core_status_common.mdx +++ b/api_docs/kbn_core_status_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-common title: "@kbn/core-status-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-common plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-common'] --- import kbnCoreStatusCommonObj from './kbn_core_status_common.devdocs.json'; diff --git a/api_docs/kbn_core_status_common_internal.mdx b/api_docs/kbn_core_status_common_internal.mdx index 2938d7935e408..47a7a13a2f986 100644 --- a/api_docs/kbn_core_status_common_internal.mdx +++ b/api_docs/kbn_core_status_common_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-common-internal title: "@kbn/core-status-common-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-common-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-common-internal'] --- import kbnCoreStatusCommonInternalObj from './kbn_core_status_common_internal.devdocs.json'; diff --git a/api_docs/kbn_core_status_server.mdx b/api_docs/kbn_core_status_server.mdx index 167264cf6968a..261c01f4b8d54 100644 --- a/api_docs/kbn_core_status_server.mdx +++ b/api_docs/kbn_core_status_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-server title: "@kbn/core-status-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-server'] --- import kbnCoreStatusServerObj from './kbn_core_status_server.devdocs.json'; diff --git a/api_docs/kbn_core_status_server_internal.mdx b/api_docs/kbn_core_status_server_internal.mdx index e328391fdfccb..8c16ca745633d 100644 --- a/api_docs/kbn_core_status_server_internal.mdx +++ b/api_docs/kbn_core_status_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-server-internal title: "@kbn/core-status-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-server-internal'] --- import kbnCoreStatusServerInternalObj from './kbn_core_status_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_status_server_mocks.mdx b/api_docs/kbn_core_status_server_mocks.mdx index 0a749cde2d3fe..a2c3da7cb79d0 100644 --- a/api_docs/kbn_core_status_server_mocks.mdx +++ b/api_docs/kbn_core_status_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-server-mocks title: "@kbn/core-status-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-server-mocks'] --- import kbnCoreStatusServerMocksObj from './kbn_core_status_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_deprecations_getters.mdx b/api_docs/kbn_core_test_helpers_deprecations_getters.mdx index b2447ca543b20..05beae7a392b8 100644 --- a/api_docs/kbn_core_test_helpers_deprecations_getters.mdx +++ b/api_docs/kbn_core_test_helpers_deprecations_getters.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-deprecations-getters title: "@kbn/core-test-helpers-deprecations-getters" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-deprecations-getters plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-deprecations-getters'] --- import kbnCoreTestHelpersDeprecationsGettersObj from './kbn_core_test_helpers_deprecations_getters.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_http_setup_browser.mdx b/api_docs/kbn_core_test_helpers_http_setup_browser.mdx index 8a32872c2f4f3..35fe4ef4201ba 100644 --- a/api_docs/kbn_core_test_helpers_http_setup_browser.mdx +++ b/api_docs/kbn_core_test_helpers_http_setup_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-http-setup-browser title: "@kbn/core-test-helpers-http-setup-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-http-setup-browser plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-http-setup-browser'] --- import kbnCoreTestHelpersHttpSetupBrowserObj from './kbn_core_test_helpers_http_setup_browser.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_kbn_server.mdx b/api_docs/kbn_core_test_helpers_kbn_server.mdx index 22e77d7c7f3f1..390b950a797c9 100644 --- a/api_docs/kbn_core_test_helpers_kbn_server.mdx +++ b/api_docs/kbn_core_test_helpers_kbn_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-kbn-server title: "@kbn/core-test-helpers-kbn-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-kbn-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-kbn-server'] --- import kbnCoreTestHelpersKbnServerObj from './kbn_core_test_helpers_kbn_server.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_model_versions.mdx b/api_docs/kbn_core_test_helpers_model_versions.mdx index 85ea3227f70f6..10b31a192613c 100644 --- a/api_docs/kbn_core_test_helpers_model_versions.mdx +++ b/api_docs/kbn_core_test_helpers_model_versions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-model-versions title: "@kbn/core-test-helpers-model-versions" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-model-versions plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-model-versions'] --- import kbnCoreTestHelpersModelVersionsObj from './kbn_core_test_helpers_model_versions.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_so_type_serializer.mdx b/api_docs/kbn_core_test_helpers_so_type_serializer.mdx index 8084cd7052ff6..ae560d98dea8e 100644 --- a/api_docs/kbn_core_test_helpers_so_type_serializer.mdx +++ b/api_docs/kbn_core_test_helpers_so_type_serializer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-so-type-serializer title: "@kbn/core-test-helpers-so-type-serializer" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-so-type-serializer plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-so-type-serializer'] --- import kbnCoreTestHelpersSoTypeSerializerObj from './kbn_core_test_helpers_so_type_serializer.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_test_utils.mdx b/api_docs/kbn_core_test_helpers_test_utils.mdx index ddf102f4269cf..10da68c7c119c 100644 --- a/api_docs/kbn_core_test_helpers_test_utils.mdx +++ b/api_docs/kbn_core_test_helpers_test_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-test-utils title: "@kbn/core-test-helpers-test-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-test-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-test-utils'] --- import kbnCoreTestHelpersTestUtilsObj from './kbn_core_test_helpers_test_utils.devdocs.json'; diff --git a/api_docs/kbn_core_theme_browser.mdx b/api_docs/kbn_core_theme_browser.mdx index 08e292b39c766..8e04d58b85fa2 100644 --- a/api_docs/kbn_core_theme_browser.mdx +++ b/api_docs/kbn_core_theme_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-theme-browser title: "@kbn/core-theme-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-theme-browser plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-theme-browser'] --- import kbnCoreThemeBrowserObj from './kbn_core_theme_browser.devdocs.json'; diff --git a/api_docs/kbn_core_theme_browser_mocks.mdx b/api_docs/kbn_core_theme_browser_mocks.mdx index 3f09d8540b65e..a609e539c7caa 100644 --- a/api_docs/kbn_core_theme_browser_mocks.mdx +++ b/api_docs/kbn_core_theme_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-theme-browser-mocks title: "@kbn/core-theme-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-theme-browser-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-theme-browser-mocks'] --- import kbnCoreThemeBrowserMocksObj from './kbn_core_theme_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_browser.mdx b/api_docs/kbn_core_ui_settings_browser.mdx index 33ce5b9b9046c..628bd1977ccb8 100644 --- a/api_docs/kbn_core_ui_settings_browser.mdx +++ b/api_docs/kbn_core_ui_settings_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-browser title: "@kbn/core-ui-settings-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-browser plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-browser'] --- import kbnCoreUiSettingsBrowserObj from './kbn_core_ui_settings_browser.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_browser_internal.mdx b/api_docs/kbn_core_ui_settings_browser_internal.mdx index e3a7d3448de4b..e9ccf2a9746bc 100644 --- a/api_docs/kbn_core_ui_settings_browser_internal.mdx +++ b/api_docs/kbn_core_ui_settings_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-browser-internal title: "@kbn/core-ui-settings-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-browser-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-browser-internal'] --- import kbnCoreUiSettingsBrowserInternalObj from './kbn_core_ui_settings_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_browser_mocks.mdx b/api_docs/kbn_core_ui_settings_browser_mocks.mdx index 244ace3d1d5a4..818a098a0efe6 100644 --- a/api_docs/kbn_core_ui_settings_browser_mocks.mdx +++ b/api_docs/kbn_core_ui_settings_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-browser-mocks title: "@kbn/core-ui-settings-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-browser-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-browser-mocks'] --- import kbnCoreUiSettingsBrowserMocksObj from './kbn_core_ui_settings_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_common.mdx b/api_docs/kbn_core_ui_settings_common.mdx index f04725ac0f4a2..d0a835c7a8249 100644 --- a/api_docs/kbn_core_ui_settings_common.mdx +++ b/api_docs/kbn_core_ui_settings_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-common title: "@kbn/core-ui-settings-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-common plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-common'] --- import kbnCoreUiSettingsCommonObj from './kbn_core_ui_settings_common.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_server.mdx b/api_docs/kbn_core_ui_settings_server.mdx index fa0cedc6cc5bc..b9d6c66e2a498 100644 --- a/api_docs/kbn_core_ui_settings_server.mdx +++ b/api_docs/kbn_core_ui_settings_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-server title: "@kbn/core-ui-settings-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-server'] --- import kbnCoreUiSettingsServerObj from './kbn_core_ui_settings_server.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_server_internal.mdx b/api_docs/kbn_core_ui_settings_server_internal.mdx index afa4b334e2ca7..88773a76d6a16 100644 --- a/api_docs/kbn_core_ui_settings_server_internal.mdx +++ b/api_docs/kbn_core_ui_settings_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-server-internal title: "@kbn/core-ui-settings-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-server-internal'] --- import kbnCoreUiSettingsServerInternalObj from './kbn_core_ui_settings_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_server_mocks.mdx b/api_docs/kbn_core_ui_settings_server_mocks.mdx index f841888198821..af896fd4460f4 100644 --- a/api_docs/kbn_core_ui_settings_server_mocks.mdx +++ b/api_docs/kbn_core_ui_settings_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-server-mocks title: "@kbn/core-ui-settings-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-server-mocks'] --- import kbnCoreUiSettingsServerMocksObj from './kbn_core_ui_settings_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_usage_data_server.mdx b/api_docs/kbn_core_usage_data_server.mdx index 416271b709016..65a647a301dd5 100644 --- a/api_docs/kbn_core_usage_data_server.mdx +++ b/api_docs/kbn_core_usage_data_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-usage-data-server title: "@kbn/core-usage-data-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-usage-data-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-usage-data-server'] --- import kbnCoreUsageDataServerObj from './kbn_core_usage_data_server.devdocs.json'; diff --git a/api_docs/kbn_core_usage_data_server_internal.mdx b/api_docs/kbn_core_usage_data_server_internal.mdx index 2250c920259d8..9d32d0d062140 100644 --- a/api_docs/kbn_core_usage_data_server_internal.mdx +++ b/api_docs/kbn_core_usage_data_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-usage-data-server-internal title: "@kbn/core-usage-data-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-usage-data-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-usage-data-server-internal'] --- import kbnCoreUsageDataServerInternalObj from './kbn_core_usage_data_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_usage_data_server_mocks.mdx b/api_docs/kbn_core_usage_data_server_mocks.mdx index ef6d57ac016a0..7f9476d3b0512 100644 --- a/api_docs/kbn_core_usage_data_server_mocks.mdx +++ b/api_docs/kbn_core_usage_data_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-usage-data-server-mocks title: "@kbn/core-usage-data-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-usage-data-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-usage-data-server-mocks'] --- import kbnCoreUsageDataServerMocksObj from './kbn_core_usage_data_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_browser.mdx b/api_docs/kbn_core_user_profile_browser.mdx index b00ee8f92391a..ad6ddaf9454a8 100644 --- a/api_docs/kbn_core_user_profile_browser.mdx +++ b/api_docs/kbn_core_user_profile_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-browser title: "@kbn/core-user-profile-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-browser plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-browser'] --- import kbnCoreUserProfileBrowserObj from './kbn_core_user_profile_browser.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_browser_internal.mdx b/api_docs/kbn_core_user_profile_browser_internal.mdx index dcda0d2da190d..a222c881003e8 100644 --- a/api_docs/kbn_core_user_profile_browser_internal.mdx +++ b/api_docs/kbn_core_user_profile_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-browser-internal title: "@kbn/core-user-profile-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-browser-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-browser-internal'] --- import kbnCoreUserProfileBrowserInternalObj from './kbn_core_user_profile_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_browser_mocks.mdx b/api_docs/kbn_core_user_profile_browser_mocks.mdx index b641b8aab8423..05ca54ae3a50f 100644 --- a/api_docs/kbn_core_user_profile_browser_mocks.mdx +++ b/api_docs/kbn_core_user_profile_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-browser-mocks title: "@kbn/core-user-profile-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-browser-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-browser-mocks'] --- import kbnCoreUserProfileBrowserMocksObj from './kbn_core_user_profile_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_common.mdx b/api_docs/kbn_core_user_profile_common.mdx index e88c9817c8bd6..2fe79c73f31ab 100644 --- a/api_docs/kbn_core_user_profile_common.mdx +++ b/api_docs/kbn_core_user_profile_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-common title: "@kbn/core-user-profile-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-common plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-common'] --- import kbnCoreUserProfileCommonObj from './kbn_core_user_profile_common.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_server.mdx b/api_docs/kbn_core_user_profile_server.mdx index 6757aa3cbbbde..530ca6ef4db78 100644 --- a/api_docs/kbn_core_user_profile_server.mdx +++ b/api_docs/kbn_core_user_profile_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-server title: "@kbn/core-user-profile-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-server'] --- import kbnCoreUserProfileServerObj from './kbn_core_user_profile_server.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_server_internal.mdx b/api_docs/kbn_core_user_profile_server_internal.mdx index b485c8d65ee70..80a149ad5b1d0 100644 --- a/api_docs/kbn_core_user_profile_server_internal.mdx +++ b/api_docs/kbn_core_user_profile_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-server-internal title: "@kbn/core-user-profile-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-server-internal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-server-internal'] --- import kbnCoreUserProfileServerInternalObj from './kbn_core_user_profile_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_server_mocks.mdx b/api_docs/kbn_core_user_profile_server_mocks.mdx index 09f2e8d0aa38f..7bda5bd6128be 100644 --- a/api_docs/kbn_core_user_profile_server_mocks.mdx +++ b/api_docs/kbn_core_user_profile_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-server-mocks title: "@kbn/core-user-profile-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-server-mocks'] --- import kbnCoreUserProfileServerMocksObj from './kbn_core_user_profile_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_user_settings_server.mdx b/api_docs/kbn_core_user_settings_server.mdx index 789b890f63a8a..e5aa8d61b6358 100644 --- a/api_docs/kbn_core_user_settings_server.mdx +++ b/api_docs/kbn_core_user_settings_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-settings-server title: "@kbn/core-user-settings-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-settings-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-settings-server'] --- import kbnCoreUserSettingsServerObj from './kbn_core_user_settings_server.devdocs.json'; diff --git a/api_docs/kbn_core_user_settings_server_mocks.mdx b/api_docs/kbn_core_user_settings_server_mocks.mdx index 92bea164a66b6..7368d5c511a72 100644 --- a/api_docs/kbn_core_user_settings_server_mocks.mdx +++ b/api_docs/kbn_core_user_settings_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-settings-server-mocks title: "@kbn/core-user-settings-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-settings-server-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-settings-server-mocks'] --- import kbnCoreUserSettingsServerMocksObj from './kbn_core_user_settings_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_crypto.mdx b/api_docs/kbn_crypto.mdx index 4da22952fe0b1..c8e0fdca4b427 100644 --- a/api_docs/kbn_crypto.mdx +++ b/api_docs/kbn_crypto.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-crypto title: "@kbn/crypto" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/crypto plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/crypto'] --- import kbnCryptoObj from './kbn_crypto.devdocs.json'; diff --git a/api_docs/kbn_crypto_browser.mdx b/api_docs/kbn_crypto_browser.mdx index 40d3518592a6a..4ad2cd407b4eb 100644 --- a/api_docs/kbn_crypto_browser.mdx +++ b/api_docs/kbn_crypto_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-crypto-browser title: "@kbn/crypto-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/crypto-browser plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/crypto-browser'] --- import kbnCryptoBrowserObj from './kbn_crypto_browser.devdocs.json'; diff --git a/api_docs/kbn_custom_icons.mdx b/api_docs/kbn_custom_icons.mdx index 677203ee949f2..6fb423169bca1 100644 --- a/api_docs/kbn_custom_icons.mdx +++ b/api_docs/kbn_custom_icons.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-custom-icons title: "@kbn/custom-icons" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/custom-icons plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/custom-icons'] --- import kbnCustomIconsObj from './kbn_custom_icons.devdocs.json'; diff --git a/api_docs/kbn_custom_integrations.mdx b/api_docs/kbn_custom_integrations.mdx index 789df75ad4612..a2b59efce2016 100644 --- a/api_docs/kbn_custom_integrations.mdx +++ b/api_docs/kbn_custom_integrations.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-custom-integrations title: "@kbn/custom-integrations" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/custom-integrations plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/custom-integrations'] --- import kbnCustomIntegrationsObj from './kbn_custom_integrations.devdocs.json'; diff --git a/api_docs/kbn_cypress_config.mdx b/api_docs/kbn_cypress_config.mdx index 6b13bbb320acf..86f7892f60a2e 100644 --- a/api_docs/kbn_cypress_config.mdx +++ b/api_docs/kbn_cypress_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cypress-config title: "@kbn/cypress-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cypress-config plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cypress-config'] --- import kbnCypressConfigObj from './kbn_cypress_config.devdocs.json'; diff --git a/api_docs/kbn_data_forge.mdx b/api_docs/kbn_data_forge.mdx index 7c3643b70bf25..df182db59ddc1 100644 --- a/api_docs/kbn_data_forge.mdx +++ b/api_docs/kbn_data_forge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-data-forge title: "@kbn/data-forge" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/data-forge plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/data-forge'] --- import kbnDataForgeObj from './kbn_data_forge.devdocs.json'; diff --git a/api_docs/kbn_data_service.mdx b/api_docs/kbn_data_service.mdx index 796a710bcf2ec..31ff87ecce731 100644 --- a/api_docs/kbn_data_service.mdx +++ b/api_docs/kbn_data_service.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-data-service title: "@kbn/data-service" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/data-service plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/data-service'] --- import kbnDataServiceObj from './kbn_data_service.devdocs.json'; diff --git a/api_docs/kbn_data_stream_adapter.mdx b/api_docs/kbn_data_stream_adapter.mdx index 5f9c0221fb775..4c4a7af436d8f 100644 --- a/api_docs/kbn_data_stream_adapter.mdx +++ b/api_docs/kbn_data_stream_adapter.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-data-stream-adapter title: "@kbn/data-stream-adapter" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/data-stream-adapter plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/data-stream-adapter'] --- import kbnDataStreamAdapterObj from './kbn_data_stream_adapter.devdocs.json'; diff --git a/api_docs/kbn_data_view_utils.mdx b/api_docs/kbn_data_view_utils.mdx index ff65b6aa2b1c3..9294e9dad74e2 100644 --- a/api_docs/kbn_data_view_utils.mdx +++ b/api_docs/kbn_data_view_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-data-view-utils title: "@kbn/data-view-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/data-view-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/data-view-utils'] --- import kbnDataViewUtilsObj from './kbn_data_view_utils.devdocs.json'; diff --git a/api_docs/kbn_datemath.mdx b/api_docs/kbn_datemath.mdx index 90801531cfb7d..00a0091b4e25a 100644 --- a/api_docs/kbn_datemath.mdx +++ b/api_docs/kbn_datemath.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-datemath title: "@kbn/datemath" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/datemath plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/datemath'] --- import kbnDatemathObj from './kbn_datemath.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_analytics.mdx b/api_docs/kbn_deeplinks_analytics.mdx index 8a0af7518fac0..1ab560b521fba 100644 --- a/api_docs/kbn_deeplinks_analytics.mdx +++ b/api_docs/kbn_deeplinks_analytics.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-analytics title: "@kbn/deeplinks-analytics" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-analytics plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-analytics'] --- import kbnDeeplinksAnalyticsObj from './kbn_deeplinks_analytics.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_devtools.mdx b/api_docs/kbn_deeplinks_devtools.mdx index 584d52922b71b..333d5e971fc79 100644 --- a/api_docs/kbn_deeplinks_devtools.mdx +++ b/api_docs/kbn_deeplinks_devtools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-devtools title: "@kbn/deeplinks-devtools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-devtools plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-devtools'] --- import kbnDeeplinksDevtoolsObj from './kbn_deeplinks_devtools.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_fleet.mdx b/api_docs/kbn_deeplinks_fleet.mdx index 66f41a3165955..fa860e767f515 100644 --- a/api_docs/kbn_deeplinks_fleet.mdx +++ b/api_docs/kbn_deeplinks_fleet.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-fleet title: "@kbn/deeplinks-fleet" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-fleet plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-fleet'] --- import kbnDeeplinksFleetObj from './kbn_deeplinks_fleet.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_management.mdx b/api_docs/kbn_deeplinks_management.mdx index 60ef86014accb..cfce275d8f5a7 100644 --- a/api_docs/kbn_deeplinks_management.mdx +++ b/api_docs/kbn_deeplinks_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-management title: "@kbn/deeplinks-management" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-management plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-management'] --- import kbnDeeplinksManagementObj from './kbn_deeplinks_management.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_ml.mdx b/api_docs/kbn_deeplinks_ml.mdx index da561029a8f40..28d7b85129a78 100644 --- a/api_docs/kbn_deeplinks_ml.mdx +++ b/api_docs/kbn_deeplinks_ml.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-ml title: "@kbn/deeplinks-ml" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-ml plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-ml'] --- import kbnDeeplinksMlObj from './kbn_deeplinks_ml.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_observability.mdx b/api_docs/kbn_deeplinks_observability.mdx index 66424a2fa8250..44764c9eebdba 100644 --- a/api_docs/kbn_deeplinks_observability.mdx +++ b/api_docs/kbn_deeplinks_observability.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-observability title: "@kbn/deeplinks-observability" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-observability plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-observability'] --- import kbnDeeplinksObservabilityObj from './kbn_deeplinks_observability.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_search.mdx b/api_docs/kbn_deeplinks_search.mdx index 8d84d81c1579c..0c7586b782191 100644 --- a/api_docs/kbn_deeplinks_search.mdx +++ b/api_docs/kbn_deeplinks_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-search title: "@kbn/deeplinks-search" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-search plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-search'] --- import kbnDeeplinksSearchObj from './kbn_deeplinks_search.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_security.mdx b/api_docs/kbn_deeplinks_security.mdx index eef7d14f86dd2..6685fc795dd59 100644 --- a/api_docs/kbn_deeplinks_security.mdx +++ b/api_docs/kbn_deeplinks_security.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-security title: "@kbn/deeplinks-security" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-security plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-security'] --- import kbnDeeplinksSecurityObj from './kbn_deeplinks_security.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_shared.mdx b/api_docs/kbn_deeplinks_shared.mdx index 66f4832448278..d49678efcf267 100644 --- a/api_docs/kbn_deeplinks_shared.mdx +++ b/api_docs/kbn_deeplinks_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-shared title: "@kbn/deeplinks-shared" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-shared plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-shared'] --- import kbnDeeplinksSharedObj from './kbn_deeplinks_shared.devdocs.json'; diff --git a/api_docs/kbn_default_nav_analytics.mdx b/api_docs/kbn_default_nav_analytics.mdx index 0d48002909fae..c474e0d80dd97 100644 --- a/api_docs/kbn_default_nav_analytics.mdx +++ b/api_docs/kbn_default_nav_analytics.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-default-nav-analytics title: "@kbn/default-nav-analytics" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/default-nav-analytics plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/default-nav-analytics'] --- import kbnDefaultNavAnalyticsObj from './kbn_default_nav_analytics.devdocs.json'; diff --git a/api_docs/kbn_default_nav_devtools.mdx b/api_docs/kbn_default_nav_devtools.mdx index ad535738555a3..ceb026c1ace28 100644 --- a/api_docs/kbn_default_nav_devtools.mdx +++ b/api_docs/kbn_default_nav_devtools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-default-nav-devtools title: "@kbn/default-nav-devtools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/default-nav-devtools plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/default-nav-devtools'] --- import kbnDefaultNavDevtoolsObj from './kbn_default_nav_devtools.devdocs.json'; diff --git a/api_docs/kbn_default_nav_management.mdx b/api_docs/kbn_default_nav_management.mdx index 8a33ad62975ad..cf9dcfc6ad8bf 100644 --- a/api_docs/kbn_default_nav_management.mdx +++ b/api_docs/kbn_default_nav_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-default-nav-management title: "@kbn/default-nav-management" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/default-nav-management plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/default-nav-management'] --- import kbnDefaultNavManagementObj from './kbn_default_nav_management.devdocs.json'; diff --git a/api_docs/kbn_default_nav_ml.mdx b/api_docs/kbn_default_nav_ml.mdx index f5fbf86e24dd3..ad251be44742b 100644 --- a/api_docs/kbn_default_nav_ml.mdx +++ b/api_docs/kbn_default_nav_ml.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-default-nav-ml title: "@kbn/default-nav-ml" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/default-nav-ml plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/default-nav-ml'] --- import kbnDefaultNavMlObj from './kbn_default_nav_ml.devdocs.json'; diff --git a/api_docs/kbn_dev_cli_errors.mdx b/api_docs/kbn_dev_cli_errors.mdx index 7f1d898208b48..fed28786cb4c3 100644 --- a/api_docs/kbn_dev_cli_errors.mdx +++ b/api_docs/kbn_dev_cli_errors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dev-cli-errors title: "@kbn/dev-cli-errors" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dev-cli-errors plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dev-cli-errors'] --- import kbnDevCliErrorsObj from './kbn_dev_cli_errors.devdocs.json'; diff --git a/api_docs/kbn_dev_cli_runner.mdx b/api_docs/kbn_dev_cli_runner.mdx index b4ad7477793bf..40e82da067937 100644 --- a/api_docs/kbn_dev_cli_runner.mdx +++ b/api_docs/kbn_dev_cli_runner.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dev-cli-runner title: "@kbn/dev-cli-runner" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dev-cli-runner plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dev-cli-runner'] --- import kbnDevCliRunnerObj from './kbn_dev_cli_runner.devdocs.json'; diff --git a/api_docs/kbn_dev_proc_runner.mdx b/api_docs/kbn_dev_proc_runner.mdx index 09e1c35b118a8..33d242ac18540 100644 --- a/api_docs/kbn_dev_proc_runner.mdx +++ b/api_docs/kbn_dev_proc_runner.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dev-proc-runner title: "@kbn/dev-proc-runner" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dev-proc-runner plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dev-proc-runner'] --- import kbnDevProcRunnerObj from './kbn_dev_proc_runner.devdocs.json'; diff --git a/api_docs/kbn_dev_utils.mdx b/api_docs/kbn_dev_utils.mdx index 5db1a2647c1bc..0012a1a8b17be 100644 --- a/api_docs/kbn_dev_utils.mdx +++ b/api_docs/kbn_dev_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dev-utils title: "@kbn/dev-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dev-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dev-utils'] --- import kbnDevUtilsObj from './kbn_dev_utils.devdocs.json'; diff --git a/api_docs/kbn_discover_utils.mdx b/api_docs/kbn_discover_utils.mdx index eebff70b8f9f3..a61fae2d2cee9 100644 --- a/api_docs/kbn_discover_utils.mdx +++ b/api_docs/kbn_discover_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-discover-utils title: "@kbn/discover-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/discover-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/discover-utils'] --- import kbnDiscoverUtilsObj from './kbn_discover_utils.devdocs.json'; diff --git a/api_docs/kbn_doc_links.devdocs.json b/api_docs/kbn_doc_links.devdocs.json index 0cce251902dcb..7dfb05bacf442 100644 --- a/api_docs/kbn_doc_links.devdocs.json +++ b/api_docs/kbn_doc_links.devdocs.json @@ -851,7 +851,7 @@ "label": "fleet", "description": [], "signature": [ - "{ readonly beatsAgentComparison: string; readonly guide: string; readonly fleetServer: string; readonly fleetServerAddFleetServer: string; readonly esSettings: string; readonly settings: string; readonly logstashSettings: string; readonly kafkaSettings: string; readonly settingsFleetServerHostSettings: string; readonly settingsFleetServerProxySettings: string; readonly troubleshooting: string; readonly elasticAgent: string; readonly datastreams: string; readonly datastreamsILM: string; readonly datastreamsNamingScheme: string; readonly datastreamsManualRollover: string; readonly datastreamsTSDS: string; readonly datastreamsTSDSMetrics: string; readonly datastreamsDownsampling: string; readonly installElasticAgent: string; readonly installElasticAgentStandalone: string; readonly grantESAccessToStandaloneAgents: string; readonly packageSignatures: string; readonly upgradeElasticAgent: string; readonly learnMoreBlog: string; readonly apiKeysLearnMore: string; readonly onPremRegistry: string; readonly secureLogstash: string; readonly agentPolicy: string; readonly api: string; readonly uninstallAgent: string; readonly installAndUninstallIntegrationAssets: string; readonly elasticAgentInputConfiguration: string; readonly policySecrets: string; readonly remoteESOoutput: string; readonly performancePresets: string; readonly scalingKubernetesResourcesAndLimits: string; readonly roleAndPrivileges: string; readonly proxiesSettings: string; readonly unprivilegedMode: string; }" + "{ readonly beatsAgentComparison: string; readonly guide: string; readonly fleetServer: string; readonly fleetServerAddFleetServer: string; readonly esSettings: string; readonly settings: string; readonly logstashSettings: string; readonly kafkaSettings: string; readonly settingsFleetServerHostSettings: string; readonly settingsFleetServerProxySettings: string; readonly troubleshooting: string; readonly elasticAgent: string; readonly datastreams: string; readonly datastreamsILM: string; readonly datastreamsNamingScheme: string; readonly datastreamsManualRollover: string; readonly datastreamsTSDS: string; readonly datastreamsTSDSMetrics: string; readonly datastreamsDownsampling: string; readonly installElasticAgent: string; readonly installElasticAgentStandalone: string; readonly grantESAccessToStandaloneAgents: string; readonly packageSignatures: string; readonly upgradeElasticAgent: string; readonly learnMoreBlog: string; readonly apiKeysLearnMore: string; readonly onPremRegistry: string; readonly secureLogstash: string; readonly agentPolicy: string; readonly api: string; readonly uninstallAgent: string; readonly installAndUninstallIntegrationAssets: string; readonly elasticAgentInputConfiguration: string; readonly policySecrets: string; readonly remoteESOoutput: string; readonly performancePresets: string; readonly scalingKubernetesResourcesAndLimits: string; readonly roleAndPrivileges: string; readonly proxiesSettings: string; readonly unprivilegedMode: string; readonly httpMonitoring: string; }" ], "path": "packages/kbn-doc-links/src/types.ts", "deprecated": false, diff --git a/api_docs/kbn_doc_links.mdx b/api_docs/kbn_doc_links.mdx index efe0a25c3b0b0..1539bb867dcbc 100644 --- a/api_docs/kbn_doc_links.mdx +++ b/api_docs/kbn_doc_links.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-doc-links title: "@kbn/doc-links" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/doc-links plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/doc-links'] --- import kbnDocLinksObj from './kbn_doc_links.devdocs.json'; diff --git a/api_docs/kbn_docs_utils.mdx b/api_docs/kbn_docs_utils.mdx index a745964ef37d5..6b10346fa89d4 100644 --- a/api_docs/kbn_docs_utils.mdx +++ b/api_docs/kbn_docs_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-docs-utils title: "@kbn/docs-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/docs-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/docs-utils'] --- import kbnDocsUtilsObj from './kbn_docs_utils.devdocs.json'; diff --git a/api_docs/kbn_dom_drag_drop.mdx b/api_docs/kbn_dom_drag_drop.mdx index e97a65b5c8c13..2af9237f2b094 100644 --- a/api_docs/kbn_dom_drag_drop.mdx +++ b/api_docs/kbn_dom_drag_drop.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dom-drag-drop title: "@kbn/dom-drag-drop" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dom-drag-drop plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dom-drag-drop'] --- import kbnDomDragDropObj from './kbn_dom_drag_drop.devdocs.json'; diff --git a/api_docs/kbn_ebt_tools.mdx b/api_docs/kbn_ebt_tools.mdx index 792b97e37518d..6c40665c51af3 100644 --- a/api_docs/kbn_ebt_tools.mdx +++ b/api_docs/kbn_ebt_tools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ebt-tools title: "@kbn/ebt-tools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ebt-tools plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ebt-tools'] --- import kbnEbtToolsObj from './kbn_ebt_tools.devdocs.json'; diff --git a/api_docs/kbn_ecs_data_quality_dashboard.mdx b/api_docs/kbn_ecs_data_quality_dashboard.mdx index 5b289f4b80912..3e1e59b44d7da 100644 --- a/api_docs/kbn_ecs_data_quality_dashboard.mdx +++ b/api_docs/kbn_ecs_data_quality_dashboard.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ecs-data-quality-dashboard title: "@kbn/ecs-data-quality-dashboard" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ecs-data-quality-dashboard plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ecs-data-quality-dashboard'] --- import kbnEcsDataQualityDashboardObj from './kbn_ecs_data_quality_dashboard.devdocs.json'; diff --git a/api_docs/kbn_elastic_agent_utils.devdocs.json b/api_docs/kbn_elastic_agent_utils.devdocs.json index 90c71816321f2..23de678c645bc 100644 --- a/api_docs/kbn_elastic_agent_utils.devdocs.json +++ b/api_docs/kbn_elastic_agent_utils.devdocs.json @@ -19,6 +19,54 @@ "common": { "classes": [], "functions": [ + { + "parentPluginId": "@kbn/elastic-agent-utils", + "id": "def-common.hasOpenTelemetryPrefix", + "type": "Function", + "tags": [], + "label": "hasOpenTelemetryPrefix", + "description": [], + "signature": [ + "(agentName: string | undefined, language: string) => boolean" + ], + "path": "packages/kbn-elastic-agent-utils/src/agent_guards.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/elastic-agent-utils", + "id": "def-common.hasOpenTelemetryPrefix.$1", + "type": "string", + "tags": [], + "label": "agentName", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "packages/kbn-elastic-agent-utils/src/agent_guards.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": false + }, + { + "parentPluginId": "@kbn/elastic-agent-utils", + "id": "def-common.hasOpenTelemetryPrefix.$2", + "type": "string", + "tags": [], + "label": "language", + "description": [], + "signature": [ + "string" + ], + "path": "packages/kbn-elastic-agent-utils/src/agent_guards.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [], + "initialIsOpen": false + }, { "parentPluginId": "@kbn/elastic-agent-utils", "id": "def-common.isAndroidAgentName", @@ -431,7 +479,7 @@ "label": "AgentName", "description": [], "signature": [ - "\"java\" | \"dotnet\" | \"go\" | \"iOS/swift\" | \"js-base\" | \"nodejs\" | \"php\" | \"python\" | \"ruby\" | \"rum-js\" | \"android/java\" | \"otlp\" | \"opentelemetry/cpp\" | \"opentelemetry/dotnet\" | \"opentelemetry/erlang\" | \"opentelemetry/go\" | \"opentelemetry/java\" | \"opentelemetry/nodejs\" | \"opentelemetry/php\" | \"opentelemetry/python\" | \"opentelemetry/ruby\" | \"opentelemetry/rust\" | \"opentelemetry/swift\" | \"opentelemetry/android\" | \"opentelemetry/webjs\"" + "\"java\" | \"opentelemetry\" | \"dotnet\" | \"go\" | \"iOS/swift\" | \"js-base\" | \"nodejs\" | \"php\" | \"python\" | \"ruby\" | \"rum-js\" | \"android/java\" | \"otlp\" | \"opentelemetry/cpp\" | \"opentelemetry/dotnet\" | \"opentelemetry/erlang\" | \"opentelemetry/go\" | \"opentelemetry/java\" | \"opentelemetry/nodejs\" | \"opentelemetry/php\" | \"opentelemetry/python\" | \"opentelemetry/ruby\" | \"opentelemetry/rust\" | \"opentelemetry/swift\" | \"opentelemetry/android\" | \"opentelemetry/webjs\" | \"otlp/cpp\" | \"otlp/dotnet\" | \"otlp/erlang\" | \"otlp/go\" | \"otlp/java\" | \"otlp/nodejs\" | \"otlp/php\" | \"otlp/python\" | \"otlp/ruby\" | \"otlp/rust\" | \"otlp/swift\" | \"otlp/android\" | \"otlp/webjs\" | \"ios/swift\"" ], "path": "packages/kbn-elastic-agent-utils/src/agent_names.ts", "deprecated": false, @@ -507,7 +555,7 @@ "label": "JavaAgentName", "description": [], "signature": [ - "\"java\" | \"opentelemetry/java\"" + "\"java\" | \"opentelemetry/java\" | \"otlp/java\"" ], "path": "packages/kbn-elastic-agent-utils/src/agent_names.ts", "deprecated": false, @@ -544,7 +592,7 @@ "label": "OpenTelemetryAgentName", "description": [], "signature": [ - "\"otlp\" | \"opentelemetry/cpp\" | \"opentelemetry/dotnet\" | \"opentelemetry/erlang\" | \"opentelemetry/go\" | \"opentelemetry/java\" | \"opentelemetry/nodejs\" | \"opentelemetry/php\" | \"opentelemetry/python\" | \"opentelemetry/ruby\" | \"opentelemetry/rust\" | \"opentelemetry/swift\" | \"opentelemetry/android\" | \"opentelemetry/webjs\"" + "\"opentelemetry\" | \"otlp\" | \"opentelemetry/cpp\" | \"opentelemetry/dotnet\" | \"opentelemetry/erlang\" | \"opentelemetry/go\" | \"opentelemetry/java\" | \"opentelemetry/nodejs\" | \"opentelemetry/php\" | \"opentelemetry/python\" | \"opentelemetry/ruby\" | \"opentelemetry/rust\" | \"opentelemetry/swift\" | \"opentelemetry/android\" | \"opentelemetry/webjs\" | \"otlp/cpp\" | \"otlp/dotnet\" | \"otlp/erlang\" | \"otlp/go\" | \"otlp/java\" | \"otlp/nodejs\" | \"otlp/php\" | \"otlp/python\" | \"otlp/ruby\" | \"otlp/rust\" | \"otlp/swift\" | \"otlp/android\" | \"otlp/webjs\"" ], "path": "packages/kbn-elastic-agent-utils/src/agent_names.ts", "deprecated": false, @@ -581,7 +629,7 @@ "label": "RumAgentName", "description": [], "signature": [ - "\"js-base\" | \"rum-js\" | \"opentelemetry/webjs\"" + "\"js-base\" | \"rum-js\" | \"opentelemetry/webjs\" | \"otlp/webjs\"" ], "path": "packages/kbn-elastic-agent-utils/src/agent_names.ts", "deprecated": false, diff --git a/api_docs/kbn_elastic_agent_utils.mdx b/api_docs/kbn_elastic_agent_utils.mdx index 797f3745f6a69..08ec1d8c5b895 100644 --- a/api_docs/kbn_elastic_agent_utils.mdx +++ b/api_docs/kbn_elastic_agent_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-elastic-agent-utils title: "@kbn/elastic-agent-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/elastic-agent-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/elastic-agent-utils'] --- import kbnElasticAgentUtilsObj from './kbn_elastic_agent_utils.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/obs-ux-logs-team](https://github.com/orgs/elastic/teams/obs-ux | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 35 | 0 | 34 | 0 | +| 38 | 0 | 37 | 0 | ## Common diff --git a/api_docs/kbn_elastic_assistant.mdx b/api_docs/kbn_elastic_assistant.mdx index 679005170ac10..b11f52d280ac1 100644 --- a/api_docs/kbn_elastic_assistant.mdx +++ b/api_docs/kbn_elastic_assistant.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-elastic-assistant title: "@kbn/elastic-assistant" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/elastic-assistant plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/elastic-assistant'] --- import kbnElasticAssistantObj from './kbn_elastic_assistant.devdocs.json'; diff --git a/api_docs/kbn_elastic_assistant_common.mdx b/api_docs/kbn_elastic_assistant_common.mdx index 4729092a13544..b94b9f5f33d98 100644 --- a/api_docs/kbn_elastic_assistant_common.mdx +++ b/api_docs/kbn_elastic_assistant_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-elastic-assistant-common title: "@kbn/elastic-assistant-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/elastic-assistant-common plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/elastic-assistant-common'] --- import kbnElasticAssistantCommonObj from './kbn_elastic_assistant_common.devdocs.json'; diff --git a/api_docs/kbn_entities_schema.mdx b/api_docs/kbn_entities_schema.mdx index ce1da334c670d..8d719f787b7e1 100644 --- a/api_docs/kbn_entities_schema.mdx +++ b/api_docs/kbn_entities_schema.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-entities-schema title: "@kbn/entities-schema" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/entities-schema plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/entities-schema'] --- import kbnEntitiesSchemaObj from './kbn_entities_schema.devdocs.json'; diff --git a/api_docs/kbn_es.mdx b/api_docs/kbn_es.mdx index 28ab82dba3e33..ffd46ffe37600 100644 --- a/api_docs/kbn_es.mdx +++ b/api_docs/kbn_es.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es title: "@kbn/es" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es'] --- import kbnEsObj from './kbn_es.devdocs.json'; diff --git a/api_docs/kbn_es_archiver.mdx b/api_docs/kbn_es_archiver.mdx index db276dba48429..23a296f918f8f 100644 --- a/api_docs/kbn_es_archiver.mdx +++ b/api_docs/kbn_es_archiver.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es-archiver title: "@kbn/es-archiver" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es-archiver plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es-archiver'] --- import kbnEsArchiverObj from './kbn_es_archiver.devdocs.json'; diff --git a/api_docs/kbn_es_errors.mdx b/api_docs/kbn_es_errors.mdx index 957662c642073..3c6a0011f72cb 100644 --- a/api_docs/kbn_es_errors.mdx +++ b/api_docs/kbn_es_errors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es-errors title: "@kbn/es-errors" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es-errors plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es-errors'] --- import kbnEsErrorsObj from './kbn_es_errors.devdocs.json'; diff --git a/api_docs/kbn_es_query.mdx b/api_docs/kbn_es_query.mdx index 4e90ec80de74c..d4cb67acee503 100644 --- a/api_docs/kbn_es_query.mdx +++ b/api_docs/kbn_es_query.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es-query title: "@kbn/es-query" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es-query plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es-query'] --- import kbnEsQueryObj from './kbn_es_query.devdocs.json'; diff --git a/api_docs/kbn_es_types.mdx b/api_docs/kbn_es_types.mdx index ff22bc77e10ba..96e0807e16bd1 100644 --- a/api_docs/kbn_es_types.mdx +++ b/api_docs/kbn_es_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es-types title: "@kbn/es-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es-types plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es-types'] --- import kbnEsTypesObj from './kbn_es_types.devdocs.json'; diff --git a/api_docs/kbn_eslint_plugin_imports.mdx b/api_docs/kbn_eslint_plugin_imports.mdx index c3aef3fcce106..69242ac642d6d 100644 --- a/api_docs/kbn_eslint_plugin_imports.mdx +++ b/api_docs/kbn_eslint_plugin_imports.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-eslint-plugin-imports title: "@kbn/eslint-plugin-imports" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/eslint-plugin-imports plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/eslint-plugin-imports'] --- import kbnEslintPluginImportsObj from './kbn_eslint_plugin_imports.devdocs.json'; diff --git a/api_docs/kbn_esql_ast.mdx b/api_docs/kbn_esql_ast.mdx index a164098a6b106..9f7edd14d028b 100644 --- a/api_docs/kbn_esql_ast.mdx +++ b/api_docs/kbn_esql_ast.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-esql-ast title: "@kbn/esql-ast" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/esql-ast plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/esql-ast'] --- import kbnEsqlAstObj from './kbn_esql_ast.devdocs.json'; diff --git a/api_docs/kbn_esql_utils.mdx b/api_docs/kbn_esql_utils.mdx index 966dc25175aed..df8162b9811ac 100644 --- a/api_docs/kbn_esql_utils.mdx +++ b/api_docs/kbn_esql_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-esql-utils title: "@kbn/esql-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/esql-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/esql-utils'] --- import kbnEsqlUtilsObj from './kbn_esql_utils.devdocs.json'; diff --git a/api_docs/kbn_esql_validation_autocomplete.mdx b/api_docs/kbn_esql_validation_autocomplete.mdx index 7cca498f2779d..a2531506312ab 100644 --- a/api_docs/kbn_esql_validation_autocomplete.mdx +++ b/api_docs/kbn_esql_validation_autocomplete.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-esql-validation-autocomplete title: "@kbn/esql-validation-autocomplete" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/esql-validation-autocomplete plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/esql-validation-autocomplete'] --- import kbnEsqlValidationAutocompleteObj from './kbn_esql_validation_autocomplete.devdocs.json'; diff --git a/api_docs/kbn_event_annotation_common.mdx b/api_docs/kbn_event_annotation_common.mdx index a634376f82e95..9bdc5db15b39e 100644 --- a/api_docs/kbn_event_annotation_common.mdx +++ b/api_docs/kbn_event_annotation_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-event-annotation-common title: "@kbn/event-annotation-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/event-annotation-common plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/event-annotation-common'] --- import kbnEventAnnotationCommonObj from './kbn_event_annotation_common.devdocs.json'; diff --git a/api_docs/kbn_event_annotation_components.mdx b/api_docs/kbn_event_annotation_components.mdx index a6e907c960e2c..07896aff3c309 100644 --- a/api_docs/kbn_event_annotation_components.mdx +++ b/api_docs/kbn_event_annotation_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-event-annotation-components title: "@kbn/event-annotation-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/event-annotation-components plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/event-annotation-components'] --- import kbnEventAnnotationComponentsObj from './kbn_event_annotation_components.devdocs.json'; diff --git a/api_docs/kbn_expandable_flyout.mdx b/api_docs/kbn_expandable_flyout.mdx index a44c5ffc0f51b..10d0e62ac4d7c 100644 --- a/api_docs/kbn_expandable_flyout.mdx +++ b/api_docs/kbn_expandable_flyout.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-expandable-flyout title: "@kbn/expandable-flyout" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/expandable-flyout plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/expandable-flyout'] --- import kbnExpandableFlyoutObj from './kbn_expandable_flyout.devdocs.json'; diff --git a/api_docs/kbn_field_types.mdx b/api_docs/kbn_field_types.mdx index a6e50ec4fbf1d..2921dad0145fe 100644 --- a/api_docs/kbn_field_types.mdx +++ b/api_docs/kbn_field_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-field-types title: "@kbn/field-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/field-types plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/field-types'] --- import kbnFieldTypesObj from './kbn_field_types.devdocs.json'; diff --git a/api_docs/kbn_field_utils.mdx b/api_docs/kbn_field_utils.mdx index b322ed05c6427..31cc07ce9e31e 100644 --- a/api_docs/kbn_field_utils.mdx +++ b/api_docs/kbn_field_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-field-utils title: "@kbn/field-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/field-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/field-utils'] --- import kbnFieldUtilsObj from './kbn_field_utils.devdocs.json'; diff --git a/api_docs/kbn_find_used_node_modules.mdx b/api_docs/kbn_find_used_node_modules.mdx index b93d2866e0355..7b3935680f5ea 100644 --- a/api_docs/kbn_find_used_node_modules.mdx +++ b/api_docs/kbn_find_used_node_modules.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-find-used-node-modules title: "@kbn/find-used-node-modules" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/find-used-node-modules plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/find-used-node-modules'] --- import kbnFindUsedNodeModulesObj from './kbn_find_used_node_modules.devdocs.json'; diff --git a/api_docs/kbn_formatters.mdx b/api_docs/kbn_formatters.mdx index 315a23e03ed37..99f6b7a4bf6ae 100644 --- a/api_docs/kbn_formatters.mdx +++ b/api_docs/kbn_formatters.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-formatters title: "@kbn/formatters" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/formatters plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/formatters'] --- import kbnFormattersObj from './kbn_formatters.devdocs.json'; diff --git a/api_docs/kbn_ftr_common_functional_services.mdx b/api_docs/kbn_ftr_common_functional_services.mdx index daf0412d28e6f..0b01afe6d040c 100644 --- a/api_docs/kbn_ftr_common_functional_services.mdx +++ b/api_docs/kbn_ftr_common_functional_services.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ftr-common-functional-services title: "@kbn/ftr-common-functional-services" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ftr-common-functional-services plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ftr-common-functional-services'] --- import kbnFtrCommonFunctionalServicesObj from './kbn_ftr_common_functional_services.devdocs.json'; diff --git a/api_docs/kbn_ftr_common_functional_ui_services.mdx b/api_docs/kbn_ftr_common_functional_ui_services.mdx index 1ab9ba69595df..7f434326f7fbc 100644 --- a/api_docs/kbn_ftr_common_functional_ui_services.mdx +++ b/api_docs/kbn_ftr_common_functional_ui_services.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ftr-common-functional-ui-services title: "@kbn/ftr-common-functional-ui-services" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ftr-common-functional-ui-services plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ftr-common-functional-ui-services'] --- import kbnFtrCommonFunctionalUiServicesObj from './kbn_ftr_common_functional_ui_services.devdocs.json'; diff --git a/api_docs/kbn_generate.mdx b/api_docs/kbn_generate.mdx index aba010d95af77..ebd8c583cf605 100644 --- a/api_docs/kbn_generate.mdx +++ b/api_docs/kbn_generate.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-generate title: "@kbn/generate" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/generate plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/generate'] --- import kbnGenerateObj from './kbn_generate.devdocs.json'; diff --git a/api_docs/kbn_generate_console_definitions.mdx b/api_docs/kbn_generate_console_definitions.mdx index ba64e2099d669..868ed29f3b812 100644 --- a/api_docs/kbn_generate_console_definitions.mdx +++ b/api_docs/kbn_generate_console_definitions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-generate-console-definitions title: "@kbn/generate-console-definitions" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/generate-console-definitions plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/generate-console-definitions'] --- import kbnGenerateConsoleDefinitionsObj from './kbn_generate_console_definitions.devdocs.json'; diff --git a/api_docs/kbn_generate_csv.mdx b/api_docs/kbn_generate_csv.mdx index 0d0c62011a2e3..4e1510ea3a4cf 100644 --- a/api_docs/kbn_generate_csv.mdx +++ b/api_docs/kbn_generate_csv.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-generate-csv title: "@kbn/generate-csv" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/generate-csv plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/generate-csv'] --- import kbnGenerateCsvObj from './kbn_generate_csv.devdocs.json'; diff --git a/api_docs/kbn_grid_layout.mdx b/api_docs/kbn_grid_layout.mdx index d242768a20acf..611d2de1d982f 100644 --- a/api_docs/kbn_grid_layout.mdx +++ b/api_docs/kbn_grid_layout.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-grid-layout title: "@kbn/grid-layout" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/grid-layout plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/grid-layout'] --- import kbnGridLayoutObj from './kbn_grid_layout.devdocs.json'; diff --git a/api_docs/kbn_grouping.mdx b/api_docs/kbn_grouping.mdx index 3caa2db3ff44d..e8de165e89275 100644 --- a/api_docs/kbn_grouping.mdx +++ b/api_docs/kbn_grouping.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-grouping title: "@kbn/grouping" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/grouping plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/grouping'] --- import kbnGroupingObj from './kbn_grouping.devdocs.json'; diff --git a/api_docs/kbn_guided_onboarding.mdx b/api_docs/kbn_guided_onboarding.mdx index c44c5aa852de3..275deed3fdbdc 100644 --- a/api_docs/kbn_guided_onboarding.mdx +++ b/api_docs/kbn_guided_onboarding.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-guided-onboarding title: "@kbn/guided-onboarding" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/guided-onboarding plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/guided-onboarding'] --- import kbnGuidedOnboardingObj from './kbn_guided_onboarding.devdocs.json'; diff --git a/api_docs/kbn_handlebars.mdx b/api_docs/kbn_handlebars.mdx index e682e48c58fb5..2625bd075157e 100644 --- a/api_docs/kbn_handlebars.mdx +++ b/api_docs/kbn_handlebars.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-handlebars title: "@kbn/handlebars" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/handlebars plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/handlebars'] --- import kbnHandlebarsObj from './kbn_handlebars.devdocs.json'; diff --git a/api_docs/kbn_hapi_mocks.mdx b/api_docs/kbn_hapi_mocks.mdx index 8028edfaf3251..0de11a46c7612 100644 --- a/api_docs/kbn_hapi_mocks.mdx +++ b/api_docs/kbn_hapi_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-hapi-mocks title: "@kbn/hapi-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/hapi-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/hapi-mocks'] --- import kbnHapiMocksObj from './kbn_hapi_mocks.devdocs.json'; diff --git a/api_docs/kbn_health_gateway_server.mdx b/api_docs/kbn_health_gateway_server.mdx index a2f84076f89d6..77f9a691a60f2 100644 --- a/api_docs/kbn_health_gateway_server.mdx +++ b/api_docs/kbn_health_gateway_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-health-gateway-server title: "@kbn/health-gateway-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/health-gateway-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/health-gateway-server'] --- import kbnHealthGatewayServerObj from './kbn_health_gateway_server.devdocs.json'; diff --git a/api_docs/kbn_home_sample_data_card.mdx b/api_docs/kbn_home_sample_data_card.mdx index 3a326beb2bdeb..c5a3c60751653 100644 --- a/api_docs/kbn_home_sample_data_card.mdx +++ b/api_docs/kbn_home_sample_data_card.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-home-sample-data-card title: "@kbn/home-sample-data-card" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/home-sample-data-card plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/home-sample-data-card'] --- import kbnHomeSampleDataCardObj from './kbn_home_sample_data_card.devdocs.json'; diff --git a/api_docs/kbn_home_sample_data_tab.mdx b/api_docs/kbn_home_sample_data_tab.mdx index 5046b3e9dc596..d336e64f848ee 100644 --- a/api_docs/kbn_home_sample_data_tab.mdx +++ b/api_docs/kbn_home_sample_data_tab.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-home-sample-data-tab title: "@kbn/home-sample-data-tab" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/home-sample-data-tab plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/home-sample-data-tab'] --- import kbnHomeSampleDataTabObj from './kbn_home_sample_data_tab.devdocs.json'; diff --git a/api_docs/kbn_i18n.mdx b/api_docs/kbn_i18n.mdx index 16fd88427570a..9de15eceddd4b 100644 --- a/api_docs/kbn_i18n.mdx +++ b/api_docs/kbn_i18n.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-i18n title: "@kbn/i18n" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/i18n plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/i18n'] --- import kbnI18nObj from './kbn_i18n.devdocs.json'; diff --git a/api_docs/kbn_i18n_react.mdx b/api_docs/kbn_i18n_react.mdx index f89a28597b675..9a1721e7d5238 100644 --- a/api_docs/kbn_i18n_react.mdx +++ b/api_docs/kbn_i18n_react.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-i18n-react title: "@kbn/i18n-react" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/i18n-react plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/i18n-react'] --- import kbnI18nReactObj from './kbn_i18n_react.devdocs.json'; diff --git a/api_docs/kbn_import_resolver.mdx b/api_docs/kbn_import_resolver.mdx index 67c22ca313f8b..28e030581846a 100644 --- a/api_docs/kbn_import_resolver.mdx +++ b/api_docs/kbn_import_resolver.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-import-resolver title: "@kbn/import-resolver" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/import-resolver plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/import-resolver'] --- import kbnImportResolverObj from './kbn_import_resolver.devdocs.json'; diff --git a/api_docs/kbn_index_management_shared_types.mdx b/api_docs/kbn_index_management_shared_types.mdx index 458a60ff3ecfb..71e31aca65572 100644 --- a/api_docs/kbn_index_management_shared_types.mdx +++ b/api_docs/kbn_index_management_shared_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-index-management-shared-types title: "@kbn/index-management-shared-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/index-management-shared-types plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/index-management-shared-types'] --- import kbnIndexManagementSharedTypesObj from './kbn_index_management_shared_types.devdocs.json'; diff --git a/api_docs/kbn_inference_integration_flyout.mdx b/api_docs/kbn_inference_integration_flyout.mdx index e030d463c90be..93ba346755a27 100644 --- a/api_docs/kbn_inference_integration_flyout.mdx +++ b/api_docs/kbn_inference_integration_flyout.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-inference_integration_flyout title: "@kbn/inference_integration_flyout" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/inference_integration_flyout plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/inference_integration_flyout'] --- import kbnInferenceIntegrationFlyoutObj from './kbn_inference_integration_flyout.devdocs.json'; diff --git a/api_docs/kbn_infra_forge.mdx b/api_docs/kbn_infra_forge.mdx index a8d07f35ac089..f0934e6a1fb19 100644 --- a/api_docs/kbn_infra_forge.mdx +++ b/api_docs/kbn_infra_forge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-infra-forge title: "@kbn/infra-forge" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/infra-forge plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/infra-forge'] --- import kbnInfraForgeObj from './kbn_infra_forge.devdocs.json'; diff --git a/api_docs/kbn_interpreter.mdx b/api_docs/kbn_interpreter.mdx index a6c58fb00d1ac..1af1924b18213 100644 --- a/api_docs/kbn_interpreter.mdx +++ b/api_docs/kbn_interpreter.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-interpreter title: "@kbn/interpreter" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/interpreter plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/interpreter'] --- import kbnInterpreterObj from './kbn_interpreter.devdocs.json'; diff --git a/api_docs/kbn_investigation_shared.mdx b/api_docs/kbn_investigation_shared.mdx index 2e6194ad7ea9e..c8ccd6f73f5cf 100644 --- a/api_docs/kbn_investigation_shared.mdx +++ b/api_docs/kbn_investigation_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-investigation-shared title: "@kbn/investigation-shared" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/investigation-shared plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/investigation-shared'] --- import kbnInvestigationSharedObj from './kbn_investigation_shared.devdocs.json'; diff --git a/api_docs/kbn_io_ts_utils.mdx b/api_docs/kbn_io_ts_utils.mdx index 128cef03539c0..4d99772315f37 100644 --- a/api_docs/kbn_io_ts_utils.mdx +++ b/api_docs/kbn_io_ts_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-io-ts-utils title: "@kbn/io-ts-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/io-ts-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/io-ts-utils'] --- import kbnIoTsUtilsObj from './kbn_io_ts_utils.devdocs.json'; diff --git a/api_docs/kbn_ipynb.mdx b/api_docs/kbn_ipynb.mdx index 8204aad358b33..a69412659157c 100644 --- a/api_docs/kbn_ipynb.mdx +++ b/api_docs/kbn_ipynb.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ipynb title: "@kbn/ipynb" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ipynb plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ipynb'] --- import kbnIpynbObj from './kbn_ipynb.devdocs.json'; diff --git a/api_docs/kbn_jest_serializers.mdx b/api_docs/kbn_jest_serializers.mdx index b8ac260d701bc..ee64021bda464 100644 --- a/api_docs/kbn_jest_serializers.mdx +++ b/api_docs/kbn_jest_serializers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-jest-serializers title: "@kbn/jest-serializers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/jest-serializers plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/jest-serializers'] --- import kbnJestSerializersObj from './kbn_jest_serializers.devdocs.json'; diff --git a/api_docs/kbn_journeys.mdx b/api_docs/kbn_journeys.mdx index d1272cf0ef0f7..e86743aad8296 100644 --- a/api_docs/kbn_journeys.mdx +++ b/api_docs/kbn_journeys.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-journeys title: "@kbn/journeys" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/journeys plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/journeys'] --- import kbnJourneysObj from './kbn_journeys.devdocs.json'; diff --git a/api_docs/kbn_json_ast.mdx b/api_docs/kbn_json_ast.mdx index 4f8a72df46c77..2b27d1c94f5fe 100644 --- a/api_docs/kbn_json_ast.mdx +++ b/api_docs/kbn_json_ast.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-json-ast title: "@kbn/json-ast" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/json-ast plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/json-ast'] --- import kbnJsonAstObj from './kbn_json_ast.devdocs.json'; diff --git a/api_docs/kbn_json_schemas.mdx b/api_docs/kbn_json_schemas.mdx index 7ccb7dd52c7a4..960b977c357fa 100644 --- a/api_docs/kbn_json_schemas.mdx +++ b/api_docs/kbn_json_schemas.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-json-schemas title: "@kbn/json-schemas" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/json-schemas plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/json-schemas'] --- import kbnJsonSchemasObj from './kbn_json_schemas.devdocs.json'; diff --git a/api_docs/kbn_kibana_manifest_schema.mdx b/api_docs/kbn_kibana_manifest_schema.mdx index 345f1394e77dd..8e6c94a7fe5c5 100644 --- a/api_docs/kbn_kibana_manifest_schema.mdx +++ b/api_docs/kbn_kibana_manifest_schema.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-kibana-manifest-schema title: "@kbn/kibana-manifest-schema" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/kibana-manifest-schema plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/kibana-manifest-schema'] --- import kbnKibanaManifestSchemaObj from './kbn_kibana_manifest_schema.devdocs.json'; diff --git a/api_docs/kbn_language_documentation_popover.mdx b/api_docs/kbn_language_documentation_popover.mdx index 0b06d1748fd06..1aeb66f1c432c 100644 --- a/api_docs/kbn_language_documentation_popover.mdx +++ b/api_docs/kbn_language_documentation_popover.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-language-documentation-popover title: "@kbn/language-documentation-popover" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/language-documentation-popover plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/language-documentation-popover'] --- import kbnLanguageDocumentationPopoverObj from './kbn_language_documentation_popover.devdocs.json'; diff --git a/api_docs/kbn_lens_embeddable_utils.mdx b/api_docs/kbn_lens_embeddable_utils.mdx index d706b4d0a80fe..3d0e122faa3ed 100644 --- a/api_docs/kbn_lens_embeddable_utils.mdx +++ b/api_docs/kbn_lens_embeddable_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-lens-embeddable-utils title: "@kbn/lens-embeddable-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/lens-embeddable-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/lens-embeddable-utils'] --- import kbnLensEmbeddableUtilsObj from './kbn_lens_embeddable_utils.devdocs.json'; diff --git a/api_docs/kbn_lens_formula_docs.mdx b/api_docs/kbn_lens_formula_docs.mdx index 9367be4134855..ea64fc29ae107 100644 --- a/api_docs/kbn_lens_formula_docs.mdx +++ b/api_docs/kbn_lens_formula_docs.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-lens-formula-docs title: "@kbn/lens-formula-docs" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/lens-formula-docs plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/lens-formula-docs'] --- import kbnLensFormulaDocsObj from './kbn_lens_formula_docs.devdocs.json'; diff --git a/api_docs/kbn_logging.mdx b/api_docs/kbn_logging.mdx index 936376faf2149..d8cffe4ccc85e 100644 --- a/api_docs/kbn_logging.mdx +++ b/api_docs/kbn_logging.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-logging title: "@kbn/logging" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/logging plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/logging'] --- import kbnLoggingObj from './kbn_logging.devdocs.json'; diff --git a/api_docs/kbn_logging_mocks.mdx b/api_docs/kbn_logging_mocks.mdx index c5f229b02a167..8bc93766c482e 100644 --- a/api_docs/kbn_logging_mocks.mdx +++ b/api_docs/kbn_logging_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-logging-mocks title: "@kbn/logging-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/logging-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/logging-mocks'] --- import kbnLoggingMocksObj from './kbn_logging_mocks.devdocs.json'; diff --git a/api_docs/kbn_managed_content_badge.mdx b/api_docs/kbn_managed_content_badge.mdx index 3f69ae9060b6c..561498e5fed4a 100644 --- a/api_docs/kbn_managed_content_badge.mdx +++ b/api_docs/kbn_managed_content_badge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-managed-content-badge title: "@kbn/managed-content-badge" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/managed-content-badge plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/managed-content-badge'] --- import kbnManagedContentBadgeObj from './kbn_managed_content_badge.devdocs.json'; diff --git a/api_docs/kbn_managed_vscode_config.mdx b/api_docs/kbn_managed_vscode_config.mdx index 60d972aa72823..e4d60bd081150 100644 --- a/api_docs/kbn_managed_vscode_config.mdx +++ b/api_docs/kbn_managed_vscode_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-managed-vscode-config title: "@kbn/managed-vscode-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/managed-vscode-config plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/managed-vscode-config'] --- import kbnManagedVscodeConfigObj from './kbn_managed_vscode_config.devdocs.json'; diff --git a/api_docs/kbn_management_cards_navigation.devdocs.json b/api_docs/kbn_management_cards_navigation.devdocs.json index 1b27bb9518cfd..869f8b691b806 100644 --- a/api_docs/kbn_management_cards_navigation.devdocs.json +++ b/api_docs/kbn_management_cards_navigation.devdocs.json @@ -145,7 +145,7 @@ "label": "hideLinksTo", "description": [], "signature": [ - "(\"transform\" | \"tags\" | \"maintenanceWindows\" | \"dataViews\" | \"spaces\" | \"settings\" | \"data_quality\" | \"filesManagement\" | \"roles\" | \"reporting\" | \"api_keys\" | \"index_management\" | \"ingest_pipelines\" | \"jobsListLink\" | \"objects\" | \"pipelines\" | \"triggersActions\" | \"triggersActionsConnectors\")[] | undefined" + "(\"transform\" | \"tags\" | \"maintenanceWindows\" | \"dataViews\" | \"spaces\" | \"settings\" | \"data_quality\" | \"data_usage\" | \"filesManagement\" | \"roles\" | \"reporting\" | \"api_keys\" | \"index_management\" | \"ingest_pipelines\" | \"jobsListLink\" | \"objects\" | \"pipelines\" | \"triggersActions\" | \"triggersActionsConnectors\")[] | undefined" ], "path": "packages/kbn-management/cards_navigation/src/types.ts", "deprecated": false, @@ -202,7 +202,7 @@ "label": "AppId", "description": [], "signature": [ - "\"transform\" | \"tags\" | \"maintenanceWindows\" | \"dataViews\" | \"spaces\" | \"settings\" | \"data_quality\" | \"filesManagement\" | \"roles\" | \"reporting\" | \"api_keys\" | \"index_management\" | \"ingest_pipelines\" | \"jobsListLink\" | \"objects\" | \"pipelines\" | \"triggersActions\" | \"triggersActionsConnectors\"" + "\"transform\" | \"tags\" | \"maintenanceWindows\" | \"dataViews\" | \"spaces\" | \"settings\" | \"data_quality\" | \"data_usage\" | \"filesManagement\" | \"roles\" | \"reporting\" | \"api_keys\" | \"index_management\" | \"ingest_pipelines\" | \"jobsListLink\" | \"objects\" | \"pipelines\" | \"triggersActions\" | \"triggersActionsConnectors\"" ], "path": "packages/kbn-management/cards_navigation/src/types.ts", "deprecated": false, diff --git a/api_docs/kbn_management_cards_navigation.mdx b/api_docs/kbn_management_cards_navigation.mdx index 80e1fcde1a2f8..92e1e9bfb8567 100644 --- a/api_docs/kbn_management_cards_navigation.mdx +++ b/api_docs/kbn_management_cards_navigation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-cards-navigation title: "@kbn/management-cards-navigation" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-cards-navigation plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-cards-navigation'] --- import kbnManagementCardsNavigationObj from './kbn_management_cards_navigation.devdocs.json'; diff --git a/api_docs/kbn_management_settings_application.mdx b/api_docs/kbn_management_settings_application.mdx index 79d565f48f33a..bd69288458650 100644 --- a/api_docs/kbn_management_settings_application.mdx +++ b/api_docs/kbn_management_settings_application.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-application title: "@kbn/management-settings-application" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-application plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-application'] --- import kbnManagementSettingsApplicationObj from './kbn_management_settings_application.devdocs.json'; diff --git a/api_docs/kbn_management_settings_components_field_category.mdx b/api_docs/kbn_management_settings_components_field_category.mdx index c69c42b420edf..64992b8b4fa5e 100644 --- a/api_docs/kbn_management_settings_components_field_category.mdx +++ b/api_docs/kbn_management_settings_components_field_category.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-components-field-category title: "@kbn/management-settings-components-field-category" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-components-field-category plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-components-field-category'] --- import kbnManagementSettingsComponentsFieldCategoryObj from './kbn_management_settings_components_field_category.devdocs.json'; diff --git a/api_docs/kbn_management_settings_components_field_input.mdx b/api_docs/kbn_management_settings_components_field_input.mdx index b3369c57bd9a3..f2e83f90fd4d3 100644 --- a/api_docs/kbn_management_settings_components_field_input.mdx +++ b/api_docs/kbn_management_settings_components_field_input.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-components-field-input title: "@kbn/management-settings-components-field-input" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-components-field-input plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-components-field-input'] --- import kbnManagementSettingsComponentsFieldInputObj from './kbn_management_settings_components_field_input.devdocs.json'; diff --git a/api_docs/kbn_management_settings_components_field_row.mdx b/api_docs/kbn_management_settings_components_field_row.mdx index d6ef1a355fd59..9f53a5b60ec0d 100644 --- a/api_docs/kbn_management_settings_components_field_row.mdx +++ b/api_docs/kbn_management_settings_components_field_row.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-components-field-row title: "@kbn/management-settings-components-field-row" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-components-field-row plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-components-field-row'] --- import kbnManagementSettingsComponentsFieldRowObj from './kbn_management_settings_components_field_row.devdocs.json'; diff --git a/api_docs/kbn_management_settings_components_form.mdx b/api_docs/kbn_management_settings_components_form.mdx index cd9fed3c971e2..3fc1641619df5 100644 --- a/api_docs/kbn_management_settings_components_form.mdx +++ b/api_docs/kbn_management_settings_components_form.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-components-form title: "@kbn/management-settings-components-form" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-components-form plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-components-form'] --- import kbnManagementSettingsComponentsFormObj from './kbn_management_settings_components_form.devdocs.json'; diff --git a/api_docs/kbn_management_settings_field_definition.mdx b/api_docs/kbn_management_settings_field_definition.mdx index 5baac64dc8810..4a12af56fbcbf 100644 --- a/api_docs/kbn_management_settings_field_definition.mdx +++ b/api_docs/kbn_management_settings_field_definition.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-field-definition title: "@kbn/management-settings-field-definition" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-field-definition plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-field-definition'] --- import kbnManagementSettingsFieldDefinitionObj from './kbn_management_settings_field_definition.devdocs.json'; diff --git a/api_docs/kbn_management_settings_ids.mdx b/api_docs/kbn_management_settings_ids.mdx index cbe76833a7126..32c8a42e879cf 100644 --- a/api_docs/kbn_management_settings_ids.mdx +++ b/api_docs/kbn_management_settings_ids.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-ids title: "@kbn/management-settings-ids" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-ids plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-ids'] --- import kbnManagementSettingsIdsObj from './kbn_management_settings_ids.devdocs.json'; diff --git a/api_docs/kbn_management_settings_section_registry.mdx b/api_docs/kbn_management_settings_section_registry.mdx index cf1f13590015a..37cfbf9a6ee5a 100644 --- a/api_docs/kbn_management_settings_section_registry.mdx +++ b/api_docs/kbn_management_settings_section_registry.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-section-registry title: "@kbn/management-settings-section-registry" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-section-registry plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-section-registry'] --- import kbnManagementSettingsSectionRegistryObj from './kbn_management_settings_section_registry.devdocs.json'; diff --git a/api_docs/kbn_management_settings_types.mdx b/api_docs/kbn_management_settings_types.mdx index 8c1930a20a4dd..7fe34f1f7499e 100644 --- a/api_docs/kbn_management_settings_types.mdx +++ b/api_docs/kbn_management_settings_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-types title: "@kbn/management-settings-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-types plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-types'] --- import kbnManagementSettingsTypesObj from './kbn_management_settings_types.devdocs.json'; diff --git a/api_docs/kbn_management_settings_utilities.mdx b/api_docs/kbn_management_settings_utilities.mdx index 9086184f6b4bf..147aca08d1c80 100644 --- a/api_docs/kbn_management_settings_utilities.mdx +++ b/api_docs/kbn_management_settings_utilities.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-utilities title: "@kbn/management-settings-utilities" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-utilities plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-utilities'] --- import kbnManagementSettingsUtilitiesObj from './kbn_management_settings_utilities.devdocs.json'; diff --git a/api_docs/kbn_management_storybook_config.mdx b/api_docs/kbn_management_storybook_config.mdx index da24aae81f4fb..cee63cb3e1cb1 100644 --- a/api_docs/kbn_management_storybook_config.mdx +++ b/api_docs/kbn_management_storybook_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-storybook-config title: "@kbn/management-storybook-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-storybook-config plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-storybook-config'] --- import kbnManagementStorybookConfigObj from './kbn_management_storybook_config.devdocs.json'; diff --git a/api_docs/kbn_mapbox_gl.devdocs.json b/api_docs/kbn_mapbox_gl.devdocs.json index 10fac656166ee..cf9525be91e6e 100644 --- a/api_docs/kbn_mapbox_gl.devdocs.json +++ b/api_docs/kbn_mapbox_gl.devdocs.json @@ -8733,7 +8733,7 @@ "label": "renderingMode", "description": [], "signature": [ - "\"2d\" | \"3d\" | undefined" + "\"3d\" | \"2d\" | undefined" ], "path": "node_modules/maplibre-gl/dist/maplibre-gl.d.ts", "deprecated": false, diff --git a/api_docs/kbn_mapbox_gl.mdx b/api_docs/kbn_mapbox_gl.mdx index 642196c7d3673..8608dc57bc6a7 100644 --- a/api_docs/kbn_mapbox_gl.mdx +++ b/api_docs/kbn_mapbox_gl.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-mapbox-gl title: "@kbn/mapbox-gl" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/mapbox-gl plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/mapbox-gl'] --- import kbnMapboxGlObj from './kbn_mapbox_gl.devdocs.json'; diff --git a/api_docs/kbn_maps_vector_tile_utils.mdx b/api_docs/kbn_maps_vector_tile_utils.mdx index eb136dce3e2e4..0c5af93071e02 100644 --- a/api_docs/kbn_maps_vector_tile_utils.mdx +++ b/api_docs/kbn_maps_vector_tile_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-maps-vector-tile-utils title: "@kbn/maps-vector-tile-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/maps-vector-tile-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/maps-vector-tile-utils'] --- import kbnMapsVectorTileUtilsObj from './kbn_maps_vector_tile_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_agg_utils.mdx b/api_docs/kbn_ml_agg_utils.mdx index 558638e7e781c..4c113b69ed52d 100644 --- a/api_docs/kbn_ml_agg_utils.mdx +++ b/api_docs/kbn_ml_agg_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-agg-utils title: "@kbn/ml-agg-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-agg-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-agg-utils'] --- import kbnMlAggUtilsObj from './kbn_ml_agg_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_anomaly_utils.mdx b/api_docs/kbn_ml_anomaly_utils.mdx index 0adac52f79354..0302a54f6d0c1 100644 --- a/api_docs/kbn_ml_anomaly_utils.mdx +++ b/api_docs/kbn_ml_anomaly_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-anomaly-utils title: "@kbn/ml-anomaly-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-anomaly-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-anomaly-utils'] --- import kbnMlAnomalyUtilsObj from './kbn_ml_anomaly_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_cancellable_search.mdx b/api_docs/kbn_ml_cancellable_search.mdx index 733d6d21221e9..330bbc438ebf4 100644 --- a/api_docs/kbn_ml_cancellable_search.mdx +++ b/api_docs/kbn_ml_cancellable_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-cancellable-search title: "@kbn/ml-cancellable-search" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-cancellable-search plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-cancellable-search'] --- import kbnMlCancellableSearchObj from './kbn_ml_cancellable_search.devdocs.json'; diff --git a/api_docs/kbn_ml_category_validator.mdx b/api_docs/kbn_ml_category_validator.mdx index 927bfe887d6c3..8428901ef144a 100644 --- a/api_docs/kbn_ml_category_validator.mdx +++ b/api_docs/kbn_ml_category_validator.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-category-validator title: "@kbn/ml-category-validator" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-category-validator plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-category-validator'] --- import kbnMlCategoryValidatorObj from './kbn_ml_category_validator.devdocs.json'; diff --git a/api_docs/kbn_ml_chi2test.mdx b/api_docs/kbn_ml_chi2test.mdx index d33c68e7abddb..cec9210edece5 100644 --- a/api_docs/kbn_ml_chi2test.mdx +++ b/api_docs/kbn_ml_chi2test.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-chi2test title: "@kbn/ml-chi2test" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-chi2test plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-chi2test'] --- import kbnMlChi2testObj from './kbn_ml_chi2test.devdocs.json'; diff --git a/api_docs/kbn_ml_data_frame_analytics_utils.mdx b/api_docs/kbn_ml_data_frame_analytics_utils.mdx index f4b884dd5870c..eee4921d398f3 100644 --- a/api_docs/kbn_ml_data_frame_analytics_utils.mdx +++ b/api_docs/kbn_ml_data_frame_analytics_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-data-frame-analytics-utils title: "@kbn/ml-data-frame-analytics-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-data-frame-analytics-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-data-frame-analytics-utils'] --- import kbnMlDataFrameAnalyticsUtilsObj from './kbn_ml_data_frame_analytics_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_data_grid.mdx b/api_docs/kbn_ml_data_grid.mdx index b45f594bc0aee..6249238c7100e 100644 --- a/api_docs/kbn_ml_data_grid.mdx +++ b/api_docs/kbn_ml_data_grid.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-data-grid title: "@kbn/ml-data-grid" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-data-grid plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-data-grid'] --- import kbnMlDataGridObj from './kbn_ml_data_grid.devdocs.json'; diff --git a/api_docs/kbn_ml_date_picker.mdx b/api_docs/kbn_ml_date_picker.mdx index f1a14b5f023ea..83bcbb3817b0f 100644 --- a/api_docs/kbn_ml_date_picker.mdx +++ b/api_docs/kbn_ml_date_picker.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-date-picker title: "@kbn/ml-date-picker" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-date-picker plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-date-picker'] --- import kbnMlDatePickerObj from './kbn_ml_date_picker.devdocs.json'; diff --git a/api_docs/kbn_ml_date_utils.mdx b/api_docs/kbn_ml_date_utils.mdx index 39fcbdcb8f8d4..fbbe0626d1b25 100644 --- a/api_docs/kbn_ml_date_utils.mdx +++ b/api_docs/kbn_ml_date_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-date-utils title: "@kbn/ml-date-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-date-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-date-utils'] --- import kbnMlDateUtilsObj from './kbn_ml_date_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_error_utils.mdx b/api_docs/kbn_ml_error_utils.mdx index 186e3e12be604..4d8967ce4716d 100644 --- a/api_docs/kbn_ml_error_utils.mdx +++ b/api_docs/kbn_ml_error_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-error-utils title: "@kbn/ml-error-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-error-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-error-utils'] --- import kbnMlErrorUtilsObj from './kbn_ml_error_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_in_memory_table.mdx b/api_docs/kbn_ml_in_memory_table.mdx index 5f23961e8f191..cf72734da4aff 100644 --- a/api_docs/kbn_ml_in_memory_table.mdx +++ b/api_docs/kbn_ml_in_memory_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-in-memory-table title: "@kbn/ml-in-memory-table" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-in-memory-table plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-in-memory-table'] --- import kbnMlInMemoryTableObj from './kbn_ml_in_memory_table.devdocs.json'; diff --git a/api_docs/kbn_ml_is_defined.mdx b/api_docs/kbn_ml_is_defined.mdx index fe1628cac7bee..d60a2105d1a09 100644 --- a/api_docs/kbn_ml_is_defined.mdx +++ b/api_docs/kbn_ml_is_defined.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-is-defined title: "@kbn/ml-is-defined" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-is-defined plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-is-defined'] --- import kbnMlIsDefinedObj from './kbn_ml_is_defined.devdocs.json'; diff --git a/api_docs/kbn_ml_is_populated_object.mdx b/api_docs/kbn_ml_is_populated_object.mdx index 1c2db63f660d1..c771ed4b4d36b 100644 --- a/api_docs/kbn_ml_is_populated_object.mdx +++ b/api_docs/kbn_ml_is_populated_object.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-is-populated-object title: "@kbn/ml-is-populated-object" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-is-populated-object plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-is-populated-object'] --- import kbnMlIsPopulatedObjectObj from './kbn_ml_is_populated_object.devdocs.json'; diff --git a/api_docs/kbn_ml_kibana_theme.mdx b/api_docs/kbn_ml_kibana_theme.mdx index 7605c416504a2..0b53670964b75 100644 --- a/api_docs/kbn_ml_kibana_theme.mdx +++ b/api_docs/kbn_ml_kibana_theme.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-kibana-theme title: "@kbn/ml-kibana-theme" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-kibana-theme plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-kibana-theme'] --- import kbnMlKibanaThemeObj from './kbn_ml_kibana_theme.devdocs.json'; diff --git a/api_docs/kbn_ml_local_storage.mdx b/api_docs/kbn_ml_local_storage.mdx index cf4dcdae6d300..f4492fc4f7e1d 100644 --- a/api_docs/kbn_ml_local_storage.mdx +++ b/api_docs/kbn_ml_local_storage.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-local-storage title: "@kbn/ml-local-storage" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-local-storage plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-local-storage'] --- import kbnMlLocalStorageObj from './kbn_ml_local_storage.devdocs.json'; diff --git a/api_docs/kbn_ml_nested_property.mdx b/api_docs/kbn_ml_nested_property.mdx index 33e5fc2f318f4..f11a3dbc91b40 100644 --- a/api_docs/kbn_ml_nested_property.mdx +++ b/api_docs/kbn_ml_nested_property.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-nested-property title: "@kbn/ml-nested-property" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-nested-property plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-nested-property'] --- import kbnMlNestedPropertyObj from './kbn_ml_nested_property.devdocs.json'; diff --git a/api_docs/kbn_ml_number_utils.mdx b/api_docs/kbn_ml_number_utils.mdx index ed18d5de8ffa9..7078beea82198 100644 --- a/api_docs/kbn_ml_number_utils.mdx +++ b/api_docs/kbn_ml_number_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-number-utils title: "@kbn/ml-number-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-number-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-number-utils'] --- import kbnMlNumberUtilsObj from './kbn_ml_number_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_query_utils.mdx b/api_docs/kbn_ml_query_utils.mdx index adcdab37beb98..b7e43de80739d 100644 --- a/api_docs/kbn_ml_query_utils.mdx +++ b/api_docs/kbn_ml_query_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-query-utils title: "@kbn/ml-query-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-query-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-query-utils'] --- import kbnMlQueryUtilsObj from './kbn_ml_query_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_random_sampler_utils.mdx b/api_docs/kbn_ml_random_sampler_utils.mdx index 577808927d805..1d5fef27ddf5e 100644 --- a/api_docs/kbn_ml_random_sampler_utils.mdx +++ b/api_docs/kbn_ml_random_sampler_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-random-sampler-utils title: "@kbn/ml-random-sampler-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-random-sampler-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-random-sampler-utils'] --- import kbnMlRandomSamplerUtilsObj from './kbn_ml_random_sampler_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_route_utils.mdx b/api_docs/kbn_ml_route_utils.mdx index 923266c043ff4..4ac3d0802dd8e 100644 --- a/api_docs/kbn_ml_route_utils.mdx +++ b/api_docs/kbn_ml_route_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-route-utils title: "@kbn/ml-route-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-route-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-route-utils'] --- import kbnMlRouteUtilsObj from './kbn_ml_route_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_runtime_field_utils.mdx b/api_docs/kbn_ml_runtime_field_utils.mdx index 82e4b64689ae4..9c62d8e102ceb 100644 --- a/api_docs/kbn_ml_runtime_field_utils.mdx +++ b/api_docs/kbn_ml_runtime_field_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-runtime-field-utils title: "@kbn/ml-runtime-field-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-runtime-field-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-runtime-field-utils'] --- import kbnMlRuntimeFieldUtilsObj from './kbn_ml_runtime_field_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_string_hash.mdx b/api_docs/kbn_ml_string_hash.mdx index d592d60b040d8..c5fd2c474a42e 100644 --- a/api_docs/kbn_ml_string_hash.mdx +++ b/api_docs/kbn_ml_string_hash.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-string-hash title: "@kbn/ml-string-hash" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-string-hash plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-string-hash'] --- import kbnMlStringHashObj from './kbn_ml_string_hash.devdocs.json'; diff --git a/api_docs/kbn_ml_time_buckets.mdx b/api_docs/kbn_ml_time_buckets.mdx index 767952ccd817d..e2c52a88f341f 100644 --- a/api_docs/kbn_ml_time_buckets.mdx +++ b/api_docs/kbn_ml_time_buckets.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-time-buckets title: "@kbn/ml-time-buckets" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-time-buckets plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-time-buckets'] --- import kbnMlTimeBucketsObj from './kbn_ml_time_buckets.devdocs.json'; diff --git a/api_docs/kbn_ml_trained_models_utils.mdx b/api_docs/kbn_ml_trained_models_utils.mdx index 5b38e9620f08c..e6455263686a9 100644 --- a/api_docs/kbn_ml_trained_models_utils.mdx +++ b/api_docs/kbn_ml_trained_models_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-trained-models-utils title: "@kbn/ml-trained-models-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-trained-models-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-trained-models-utils'] --- import kbnMlTrainedModelsUtilsObj from './kbn_ml_trained_models_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_ui_actions.mdx b/api_docs/kbn_ml_ui_actions.mdx index 81160cda55931..a46f15a08be6d 100644 --- a/api_docs/kbn_ml_ui_actions.mdx +++ b/api_docs/kbn_ml_ui_actions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-ui-actions title: "@kbn/ml-ui-actions" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-ui-actions plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-ui-actions'] --- import kbnMlUiActionsObj from './kbn_ml_ui_actions.devdocs.json'; diff --git a/api_docs/kbn_ml_url_state.mdx b/api_docs/kbn_ml_url_state.mdx index 920f89ff44ba2..19c30dd290bdf 100644 --- a/api_docs/kbn_ml_url_state.mdx +++ b/api_docs/kbn_ml_url_state.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-url-state title: "@kbn/ml-url-state" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-url-state plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-url-state'] --- import kbnMlUrlStateObj from './kbn_ml_url_state.devdocs.json'; diff --git a/api_docs/kbn_mock_idp_utils.mdx b/api_docs/kbn_mock_idp_utils.mdx index c6b25105d30ed..626f33e40318b 100644 --- a/api_docs/kbn_mock_idp_utils.mdx +++ b/api_docs/kbn_mock_idp_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-mock-idp-utils title: "@kbn/mock-idp-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/mock-idp-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/mock-idp-utils'] --- import kbnMockIdpUtilsObj from './kbn_mock_idp_utils.devdocs.json'; diff --git a/api_docs/kbn_monaco.mdx b/api_docs/kbn_monaco.mdx index 809f1382c71c0..967b9dc9b0a5f 100644 --- a/api_docs/kbn_monaco.mdx +++ b/api_docs/kbn_monaco.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-monaco title: "@kbn/monaco" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/monaco plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/monaco'] --- import kbnMonacoObj from './kbn_monaco.devdocs.json'; diff --git a/api_docs/kbn_object_versioning.mdx b/api_docs/kbn_object_versioning.mdx index a0c7a18f0a5c1..3951f8e7a0410 100644 --- a/api_docs/kbn_object_versioning.mdx +++ b/api_docs/kbn_object_versioning.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-object-versioning title: "@kbn/object-versioning" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/object-versioning plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/object-versioning'] --- import kbnObjectVersioningObj from './kbn_object_versioning.devdocs.json'; diff --git a/api_docs/kbn_object_versioning_utils.mdx b/api_docs/kbn_object_versioning_utils.mdx index 4deb4ddc5aa27..3217a9f73542b 100644 --- a/api_docs/kbn_object_versioning_utils.mdx +++ b/api_docs/kbn_object_versioning_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-object-versioning-utils title: "@kbn/object-versioning-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/object-versioning-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/object-versioning-utils'] --- import kbnObjectVersioningUtilsObj from './kbn_object_versioning_utils.devdocs.json'; diff --git a/api_docs/kbn_observability_alert_details.mdx b/api_docs/kbn_observability_alert_details.mdx index f1d85461ba167..2b4e94b45cfa3 100644 --- a/api_docs/kbn_observability_alert_details.mdx +++ b/api_docs/kbn_observability_alert_details.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-observability-alert-details title: "@kbn/observability-alert-details" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/observability-alert-details plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/observability-alert-details'] --- import kbnObservabilityAlertDetailsObj from './kbn_observability_alert_details.devdocs.json'; diff --git a/api_docs/kbn_observability_alerting_rule_utils.mdx b/api_docs/kbn_observability_alerting_rule_utils.mdx index 629b672985969..dd36cbc2aa500 100644 --- a/api_docs/kbn_observability_alerting_rule_utils.mdx +++ b/api_docs/kbn_observability_alerting_rule_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-observability-alerting-rule-utils title: "@kbn/observability-alerting-rule-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/observability-alerting-rule-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/observability-alerting-rule-utils'] --- import kbnObservabilityAlertingRuleUtilsObj from './kbn_observability_alerting_rule_utils.devdocs.json'; diff --git a/api_docs/kbn_observability_alerting_test_data.mdx b/api_docs/kbn_observability_alerting_test_data.mdx index ffd5717b8e270..560d2ee996014 100644 --- a/api_docs/kbn_observability_alerting_test_data.mdx +++ b/api_docs/kbn_observability_alerting_test_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-observability-alerting-test-data title: "@kbn/observability-alerting-test-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/observability-alerting-test-data plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/observability-alerting-test-data'] --- import kbnObservabilityAlertingTestDataObj from './kbn_observability_alerting_test_data.devdocs.json'; diff --git a/api_docs/kbn_observability_get_padded_alert_time_range_util.mdx b/api_docs/kbn_observability_get_padded_alert_time_range_util.mdx index 5a82a3f0e8efe..a1bba7021a37e 100644 --- a/api_docs/kbn_observability_get_padded_alert_time_range_util.mdx +++ b/api_docs/kbn_observability_get_padded_alert_time_range_util.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-observability-get-padded-alert-time-range-util title: "@kbn/observability-get-padded-alert-time-range-util" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/observability-get-padded-alert-time-range-util plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/observability-get-padded-alert-time-range-util'] --- import kbnObservabilityGetPaddedAlertTimeRangeUtilObj from './kbn_observability_get_padded_alert_time_range_util.devdocs.json'; diff --git a/api_docs/kbn_openapi_bundler.mdx b/api_docs/kbn_openapi_bundler.mdx index cd77861744f97..5ade1ce96ac66 100644 --- a/api_docs/kbn_openapi_bundler.mdx +++ b/api_docs/kbn_openapi_bundler.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-openapi-bundler title: "@kbn/openapi-bundler" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/openapi-bundler plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/openapi-bundler'] --- import kbnOpenapiBundlerObj from './kbn_openapi_bundler.devdocs.json'; diff --git a/api_docs/kbn_openapi_generator.mdx b/api_docs/kbn_openapi_generator.mdx index 9bd38f08ce5b5..71e36a7054d43 100644 --- a/api_docs/kbn_openapi_generator.mdx +++ b/api_docs/kbn_openapi_generator.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-openapi-generator title: "@kbn/openapi-generator" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/openapi-generator plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/openapi-generator'] --- import kbnOpenapiGeneratorObj from './kbn_openapi_generator.devdocs.json'; diff --git a/api_docs/kbn_optimizer.mdx b/api_docs/kbn_optimizer.mdx index 2093b286ae2d8..9dd0338036648 100644 --- a/api_docs/kbn_optimizer.mdx +++ b/api_docs/kbn_optimizer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-optimizer title: "@kbn/optimizer" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/optimizer plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/optimizer'] --- import kbnOptimizerObj from './kbn_optimizer.devdocs.json'; diff --git a/api_docs/kbn_optimizer_webpack_helpers.mdx b/api_docs/kbn_optimizer_webpack_helpers.mdx index 7d45db1a0a08b..c61c32e1d4d76 100644 --- a/api_docs/kbn_optimizer_webpack_helpers.mdx +++ b/api_docs/kbn_optimizer_webpack_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-optimizer-webpack-helpers title: "@kbn/optimizer-webpack-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/optimizer-webpack-helpers plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/optimizer-webpack-helpers'] --- import kbnOptimizerWebpackHelpersObj from './kbn_optimizer_webpack_helpers.devdocs.json'; diff --git a/api_docs/kbn_osquery_io_ts_types.mdx b/api_docs/kbn_osquery_io_ts_types.mdx index bfebd00974ec0..783c3e9fdebe1 100644 --- a/api_docs/kbn_osquery_io_ts_types.mdx +++ b/api_docs/kbn_osquery_io_ts_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-osquery-io-ts-types title: "@kbn/osquery-io-ts-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/osquery-io-ts-types plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/osquery-io-ts-types'] --- import kbnOsqueryIoTsTypesObj from './kbn_osquery_io_ts_types.devdocs.json'; diff --git a/api_docs/kbn_panel_loader.mdx b/api_docs/kbn_panel_loader.mdx index 45002bca53498..f84e89b2cd9e8 100644 --- a/api_docs/kbn_panel_loader.mdx +++ b/api_docs/kbn_panel_loader.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-panel-loader title: "@kbn/panel-loader" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/panel-loader plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/panel-loader'] --- import kbnPanelLoaderObj from './kbn_panel_loader.devdocs.json'; diff --git a/api_docs/kbn_performance_testing_dataset_extractor.mdx b/api_docs/kbn_performance_testing_dataset_extractor.mdx index b8cfa2885df7f..74f0ba2a3e699 100644 --- a/api_docs/kbn_performance_testing_dataset_extractor.mdx +++ b/api_docs/kbn_performance_testing_dataset_extractor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-performance-testing-dataset-extractor title: "@kbn/performance-testing-dataset-extractor" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/performance-testing-dataset-extractor plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/performance-testing-dataset-extractor'] --- import kbnPerformanceTestingDatasetExtractorObj from './kbn_performance_testing_dataset_extractor.devdocs.json'; diff --git a/api_docs/kbn_plugin_check.mdx b/api_docs/kbn_plugin_check.mdx index b1854ebe274a9..96938025d5f12 100644 --- a/api_docs/kbn_plugin_check.mdx +++ b/api_docs/kbn_plugin_check.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-plugin-check title: "@kbn/plugin-check" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/plugin-check plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/plugin-check'] --- import kbnPluginCheckObj from './kbn_plugin_check.devdocs.json'; diff --git a/api_docs/kbn_plugin_generator.mdx b/api_docs/kbn_plugin_generator.mdx index 6d0f28469f641..a2b4440e01cd9 100644 --- a/api_docs/kbn_plugin_generator.mdx +++ b/api_docs/kbn_plugin_generator.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-plugin-generator title: "@kbn/plugin-generator" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/plugin-generator plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/plugin-generator'] --- import kbnPluginGeneratorObj from './kbn_plugin_generator.devdocs.json'; diff --git a/api_docs/kbn_plugin_helpers.mdx b/api_docs/kbn_plugin_helpers.mdx index 90d73e90f26d0..e8a5d612921f8 100644 --- a/api_docs/kbn_plugin_helpers.mdx +++ b/api_docs/kbn_plugin_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-plugin-helpers title: "@kbn/plugin-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/plugin-helpers plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/plugin-helpers'] --- import kbnPluginHelpersObj from './kbn_plugin_helpers.devdocs.json'; diff --git a/api_docs/kbn_presentation_containers.mdx b/api_docs/kbn_presentation_containers.mdx index fc2b7652fd7ec..093268d1c5e48 100644 --- a/api_docs/kbn_presentation_containers.mdx +++ b/api_docs/kbn_presentation_containers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-presentation-containers title: "@kbn/presentation-containers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/presentation-containers plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/presentation-containers'] --- import kbnPresentationContainersObj from './kbn_presentation_containers.devdocs.json'; diff --git a/api_docs/kbn_presentation_publishing.mdx b/api_docs/kbn_presentation_publishing.mdx index 5c969f8d4da73..e52d6723bc59e 100644 --- a/api_docs/kbn_presentation_publishing.mdx +++ b/api_docs/kbn_presentation_publishing.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-presentation-publishing title: "@kbn/presentation-publishing" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/presentation-publishing plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/presentation-publishing'] --- import kbnPresentationPublishingObj from './kbn_presentation_publishing.devdocs.json'; diff --git a/api_docs/kbn_profiling_utils.mdx b/api_docs/kbn_profiling_utils.mdx index 2daa1c5964f0a..f1526632ac998 100644 --- a/api_docs/kbn_profiling_utils.mdx +++ b/api_docs/kbn_profiling_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-profiling-utils title: "@kbn/profiling-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/profiling-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/profiling-utils'] --- import kbnProfilingUtilsObj from './kbn_profiling_utils.devdocs.json'; diff --git a/api_docs/kbn_random_sampling.mdx b/api_docs/kbn_random_sampling.mdx index 5f624393e584b..c5c501bbd0468 100644 --- a/api_docs/kbn_random_sampling.mdx +++ b/api_docs/kbn_random_sampling.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-random-sampling title: "@kbn/random-sampling" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/random-sampling plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/random-sampling'] --- import kbnRandomSamplingObj from './kbn_random_sampling.devdocs.json'; diff --git a/api_docs/kbn_react_field.mdx b/api_docs/kbn_react_field.mdx index e66a6cc5f24f5..43507c21c5d55 100644 --- a/api_docs/kbn_react_field.mdx +++ b/api_docs/kbn_react_field.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-field title: "@kbn/react-field" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-field plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-field'] --- import kbnReactFieldObj from './kbn_react_field.devdocs.json'; diff --git a/api_docs/kbn_react_hooks.mdx b/api_docs/kbn_react_hooks.mdx index dc26801aa4696..7a025fb416b72 100644 --- a/api_docs/kbn_react_hooks.mdx +++ b/api_docs/kbn_react_hooks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-hooks title: "@kbn/react-hooks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-hooks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-hooks'] --- import kbnReactHooksObj from './kbn_react_hooks.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_common.mdx b/api_docs/kbn_react_kibana_context_common.mdx index 3c971288d0de6..3d5f558bfcdc3 100644 --- a/api_docs/kbn_react_kibana_context_common.mdx +++ b/api_docs/kbn_react_kibana_context_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-common title: "@kbn/react-kibana-context-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-common plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-common'] --- import kbnReactKibanaContextCommonObj from './kbn_react_kibana_context_common.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_render.mdx b/api_docs/kbn_react_kibana_context_render.mdx index 76bee416ffdb6..6a4070152d7b2 100644 --- a/api_docs/kbn_react_kibana_context_render.mdx +++ b/api_docs/kbn_react_kibana_context_render.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-render title: "@kbn/react-kibana-context-render" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-render plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-render'] --- import kbnReactKibanaContextRenderObj from './kbn_react_kibana_context_render.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_root.mdx b/api_docs/kbn_react_kibana_context_root.mdx index 0887653680695..17427b1839000 100644 --- a/api_docs/kbn_react_kibana_context_root.mdx +++ b/api_docs/kbn_react_kibana_context_root.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-root title: "@kbn/react-kibana-context-root" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-root plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-root'] --- import kbnReactKibanaContextRootObj from './kbn_react_kibana_context_root.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_styled.mdx b/api_docs/kbn_react_kibana_context_styled.mdx index d39775c4ec781..c14c49f13bf2c 100644 --- a/api_docs/kbn_react_kibana_context_styled.mdx +++ b/api_docs/kbn_react_kibana_context_styled.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-styled title: "@kbn/react-kibana-context-styled" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-styled plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-styled'] --- import kbnReactKibanaContextStyledObj from './kbn_react_kibana_context_styled.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_theme.mdx b/api_docs/kbn_react_kibana_context_theme.mdx index 0a37e0f587f1e..b43391865cd14 100644 --- a/api_docs/kbn_react_kibana_context_theme.mdx +++ b/api_docs/kbn_react_kibana_context_theme.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-theme title: "@kbn/react-kibana-context-theme" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-theme plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-theme'] --- import kbnReactKibanaContextThemeObj from './kbn_react_kibana_context_theme.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_mount.mdx b/api_docs/kbn_react_kibana_mount.mdx index 4d9a1433cfde7..b28ede79412b5 100644 --- a/api_docs/kbn_react_kibana_mount.mdx +++ b/api_docs/kbn_react_kibana_mount.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-mount title: "@kbn/react-kibana-mount" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-mount plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-mount'] --- import kbnReactKibanaMountObj from './kbn_react_kibana_mount.devdocs.json'; diff --git a/api_docs/kbn_recently_accessed.mdx b/api_docs/kbn_recently_accessed.mdx index 9be84259120c0..013f293e89ad0 100644 --- a/api_docs/kbn_recently_accessed.mdx +++ b/api_docs/kbn_recently_accessed.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-recently-accessed title: "@kbn/recently-accessed" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/recently-accessed plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/recently-accessed'] --- import kbnRecentlyAccessedObj from './kbn_recently_accessed.devdocs.json'; diff --git a/api_docs/kbn_repo_file_maps.mdx b/api_docs/kbn_repo_file_maps.mdx index e654411b64f1b..330d2abdb797e 100644 --- a/api_docs/kbn_repo_file_maps.mdx +++ b/api_docs/kbn_repo_file_maps.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-repo-file-maps title: "@kbn/repo-file-maps" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/repo-file-maps plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/repo-file-maps'] --- import kbnRepoFileMapsObj from './kbn_repo_file_maps.devdocs.json'; diff --git a/api_docs/kbn_repo_linter.mdx b/api_docs/kbn_repo_linter.mdx index 080d277171a1d..007dbefecd0d2 100644 --- a/api_docs/kbn_repo_linter.mdx +++ b/api_docs/kbn_repo_linter.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-repo-linter title: "@kbn/repo-linter" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/repo-linter plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/repo-linter'] --- import kbnRepoLinterObj from './kbn_repo_linter.devdocs.json'; diff --git a/api_docs/kbn_repo_path.mdx b/api_docs/kbn_repo_path.mdx index 64e3668e0e0a6..308a7ef29bb0e 100644 --- a/api_docs/kbn_repo_path.mdx +++ b/api_docs/kbn_repo_path.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-repo-path title: "@kbn/repo-path" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/repo-path plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/repo-path'] --- import kbnRepoPathObj from './kbn_repo_path.devdocs.json'; diff --git a/api_docs/kbn_repo_source_classifier.mdx b/api_docs/kbn_repo_source_classifier.mdx index 21168823a7adf..e29c251a102fd 100644 --- a/api_docs/kbn_repo_source_classifier.mdx +++ b/api_docs/kbn_repo_source_classifier.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-repo-source-classifier title: "@kbn/repo-source-classifier" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/repo-source-classifier plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/repo-source-classifier'] --- import kbnRepoSourceClassifierObj from './kbn_repo_source_classifier.devdocs.json'; diff --git a/api_docs/kbn_reporting_common.mdx b/api_docs/kbn_reporting_common.mdx index 3a681dd16dae2..625fd8b8e6244 100644 --- a/api_docs/kbn_reporting_common.mdx +++ b/api_docs/kbn_reporting_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-common title: "@kbn/reporting-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-common plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-common'] --- import kbnReportingCommonObj from './kbn_reporting_common.devdocs.json'; diff --git a/api_docs/kbn_reporting_csv_share_panel.mdx b/api_docs/kbn_reporting_csv_share_panel.mdx index 60ee428cb0f93..d066ae0847f95 100644 --- a/api_docs/kbn_reporting_csv_share_panel.mdx +++ b/api_docs/kbn_reporting_csv_share_panel.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-csv-share-panel title: "@kbn/reporting-csv-share-panel" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-csv-share-panel plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-csv-share-panel'] --- import kbnReportingCsvSharePanelObj from './kbn_reporting_csv_share_panel.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_csv.mdx b/api_docs/kbn_reporting_export_types_csv.mdx index 8f69660e42540..db072fbe60154 100644 --- a/api_docs/kbn_reporting_export_types_csv.mdx +++ b/api_docs/kbn_reporting_export_types_csv.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-csv title: "@kbn/reporting-export-types-csv" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-csv plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-csv'] --- import kbnReportingExportTypesCsvObj from './kbn_reporting_export_types_csv.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_csv_common.mdx b/api_docs/kbn_reporting_export_types_csv_common.mdx index 91862c9a49684..22b8aa3f81a79 100644 --- a/api_docs/kbn_reporting_export_types_csv_common.mdx +++ b/api_docs/kbn_reporting_export_types_csv_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-csv-common title: "@kbn/reporting-export-types-csv-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-csv-common plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-csv-common'] --- import kbnReportingExportTypesCsvCommonObj from './kbn_reporting_export_types_csv_common.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_pdf.mdx b/api_docs/kbn_reporting_export_types_pdf.mdx index 6ac6e415b192e..93d7aa50342ac 100644 --- a/api_docs/kbn_reporting_export_types_pdf.mdx +++ b/api_docs/kbn_reporting_export_types_pdf.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-pdf title: "@kbn/reporting-export-types-pdf" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-pdf plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-pdf'] --- import kbnReportingExportTypesPdfObj from './kbn_reporting_export_types_pdf.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_pdf_common.mdx b/api_docs/kbn_reporting_export_types_pdf_common.mdx index 1479041704c9a..4ab3a75890cd4 100644 --- a/api_docs/kbn_reporting_export_types_pdf_common.mdx +++ b/api_docs/kbn_reporting_export_types_pdf_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-pdf-common title: "@kbn/reporting-export-types-pdf-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-pdf-common plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-pdf-common'] --- import kbnReportingExportTypesPdfCommonObj from './kbn_reporting_export_types_pdf_common.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_png.mdx b/api_docs/kbn_reporting_export_types_png.mdx index daf68624e2598..a8d72e96ab6df 100644 --- a/api_docs/kbn_reporting_export_types_png.mdx +++ b/api_docs/kbn_reporting_export_types_png.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-png title: "@kbn/reporting-export-types-png" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-png plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-png'] --- import kbnReportingExportTypesPngObj from './kbn_reporting_export_types_png.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_png_common.mdx b/api_docs/kbn_reporting_export_types_png_common.mdx index d602247154bb3..5f62347638c95 100644 --- a/api_docs/kbn_reporting_export_types_png_common.mdx +++ b/api_docs/kbn_reporting_export_types_png_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-png-common title: "@kbn/reporting-export-types-png-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-png-common plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-png-common'] --- import kbnReportingExportTypesPngCommonObj from './kbn_reporting_export_types_png_common.devdocs.json'; diff --git a/api_docs/kbn_reporting_mocks_server.mdx b/api_docs/kbn_reporting_mocks_server.mdx index 29b488d041146..35dc2dcc5021e 100644 --- a/api_docs/kbn_reporting_mocks_server.mdx +++ b/api_docs/kbn_reporting_mocks_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-mocks-server title: "@kbn/reporting-mocks-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-mocks-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-mocks-server'] --- import kbnReportingMocksServerObj from './kbn_reporting_mocks_server.devdocs.json'; diff --git a/api_docs/kbn_reporting_public.mdx b/api_docs/kbn_reporting_public.mdx index 8cc954e92dc2b..d6e176f90971d 100644 --- a/api_docs/kbn_reporting_public.mdx +++ b/api_docs/kbn_reporting_public.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-public title: "@kbn/reporting-public" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-public plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-public'] --- import kbnReportingPublicObj from './kbn_reporting_public.devdocs.json'; diff --git a/api_docs/kbn_reporting_server.mdx b/api_docs/kbn_reporting_server.mdx index e804939c51c7e..c5839b6e455fa 100644 --- a/api_docs/kbn_reporting_server.mdx +++ b/api_docs/kbn_reporting_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-server title: "@kbn/reporting-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-server'] --- import kbnReportingServerObj from './kbn_reporting_server.devdocs.json'; diff --git a/api_docs/kbn_resizable_layout.mdx b/api_docs/kbn_resizable_layout.mdx index f33cf4c30b5a7..b73272d3ee342 100644 --- a/api_docs/kbn_resizable_layout.mdx +++ b/api_docs/kbn_resizable_layout.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-resizable-layout title: "@kbn/resizable-layout" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/resizable-layout plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/resizable-layout'] --- import kbnResizableLayoutObj from './kbn_resizable_layout.devdocs.json'; diff --git a/api_docs/kbn_response_ops_feature_flag_service.mdx b/api_docs/kbn_response_ops_feature_flag_service.mdx index e196eec66a1b5..b11bce7147c35 100644 --- a/api_docs/kbn_response_ops_feature_flag_service.mdx +++ b/api_docs/kbn_response_ops_feature_flag_service.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-response-ops-feature-flag-service title: "@kbn/response-ops-feature-flag-service" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/response-ops-feature-flag-service plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/response-ops-feature-flag-service'] --- import kbnResponseOpsFeatureFlagServiceObj from './kbn_response_ops_feature_flag_service.devdocs.json'; diff --git a/api_docs/kbn_rison.mdx b/api_docs/kbn_rison.mdx index ead9529b4ba59..5847166a54698 100644 --- a/api_docs/kbn_rison.mdx +++ b/api_docs/kbn_rison.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-rison title: "@kbn/rison" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/rison plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/rison'] --- import kbnRisonObj from './kbn_rison.devdocs.json'; diff --git a/api_docs/kbn_rollup.mdx b/api_docs/kbn_rollup.mdx index e605dfee260b1..5ba66ef55d0e4 100644 --- a/api_docs/kbn_rollup.mdx +++ b/api_docs/kbn_rollup.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-rollup title: "@kbn/rollup" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/rollup plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/rollup'] --- import kbnRollupObj from './kbn_rollup.devdocs.json'; diff --git a/api_docs/kbn_router_to_openapispec.mdx b/api_docs/kbn_router_to_openapispec.mdx index f8adece51b31b..ca2d2c607866a 100644 --- a/api_docs/kbn_router_to_openapispec.mdx +++ b/api_docs/kbn_router_to_openapispec.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-router-to-openapispec title: "@kbn/router-to-openapispec" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/router-to-openapispec plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/router-to-openapispec'] --- import kbnRouterToOpenapispecObj from './kbn_router_to_openapispec.devdocs.json'; diff --git a/api_docs/kbn_router_utils.mdx b/api_docs/kbn_router_utils.mdx index 7b893aed83916..9f7088a41f727 100644 --- a/api_docs/kbn_router_utils.mdx +++ b/api_docs/kbn_router_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-router-utils title: "@kbn/router-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/router-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/router-utils'] --- import kbnRouterUtilsObj from './kbn_router_utils.devdocs.json'; diff --git a/api_docs/kbn_rrule.mdx b/api_docs/kbn_rrule.mdx index 341dec247157e..761e219f44a45 100644 --- a/api_docs/kbn_rrule.mdx +++ b/api_docs/kbn_rrule.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-rrule title: "@kbn/rrule" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/rrule plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/rrule'] --- import kbnRruleObj from './kbn_rrule.devdocs.json'; diff --git a/api_docs/kbn_rule_data_utils.mdx b/api_docs/kbn_rule_data_utils.mdx index 8232e3281a48c..dd294080f2912 100644 --- a/api_docs/kbn_rule_data_utils.mdx +++ b/api_docs/kbn_rule_data_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-rule-data-utils title: "@kbn/rule-data-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/rule-data-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/rule-data-utils'] --- import kbnRuleDataUtilsObj from './kbn_rule_data_utils.devdocs.json'; diff --git a/api_docs/kbn_saved_objects_settings.mdx b/api_docs/kbn_saved_objects_settings.mdx index 5a542afd9f358..d0264c0a1256d 100644 --- a/api_docs/kbn_saved_objects_settings.mdx +++ b/api_docs/kbn_saved_objects_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-saved-objects-settings title: "@kbn/saved-objects-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/saved-objects-settings plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/saved-objects-settings'] --- import kbnSavedObjectsSettingsObj from './kbn_saved_objects_settings.devdocs.json'; diff --git a/api_docs/kbn_screenshotting_server.mdx b/api_docs/kbn_screenshotting_server.mdx index a9cb18405f240..d534f1b236dec 100644 --- a/api_docs/kbn_screenshotting_server.mdx +++ b/api_docs/kbn_screenshotting_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-screenshotting-server title: "@kbn/screenshotting-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/screenshotting-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/screenshotting-server'] --- import kbnScreenshottingServerObj from './kbn_screenshotting_server.devdocs.json'; diff --git a/api_docs/kbn_search_api_panels.mdx b/api_docs/kbn_search_api_panels.mdx index 51f55a7ec8bf7..bdbb8230ef336 100644 --- a/api_docs/kbn_search_api_panels.mdx +++ b/api_docs/kbn_search_api_panels.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-api-panels title: "@kbn/search-api-panels" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-api-panels plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-api-panels'] --- import kbnSearchApiPanelsObj from './kbn_search_api_panels.devdocs.json'; diff --git a/api_docs/kbn_search_connectors.mdx b/api_docs/kbn_search_connectors.mdx index 94bbbf3d14e8e..0bc67b9ff7ba5 100644 --- a/api_docs/kbn_search_connectors.mdx +++ b/api_docs/kbn_search_connectors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-connectors title: "@kbn/search-connectors" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-connectors plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-connectors'] --- import kbnSearchConnectorsObj from './kbn_search_connectors.devdocs.json'; diff --git a/api_docs/kbn_search_errors.mdx b/api_docs/kbn_search_errors.mdx index 3230977d0fc05..d89cc987031b7 100644 --- a/api_docs/kbn_search_errors.mdx +++ b/api_docs/kbn_search_errors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-errors title: "@kbn/search-errors" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-errors plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-errors'] --- import kbnSearchErrorsObj from './kbn_search_errors.devdocs.json'; diff --git a/api_docs/kbn_search_index_documents.mdx b/api_docs/kbn_search_index_documents.mdx index f2af436edc445..a9d521133f4be 100644 --- a/api_docs/kbn_search_index_documents.mdx +++ b/api_docs/kbn_search_index_documents.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-index-documents title: "@kbn/search-index-documents" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-index-documents plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-index-documents'] --- import kbnSearchIndexDocumentsObj from './kbn_search_index_documents.devdocs.json'; diff --git a/api_docs/kbn_search_response_warnings.mdx b/api_docs/kbn_search_response_warnings.mdx index e5ee1f8360c9c..9c44887a59fac 100644 --- a/api_docs/kbn_search_response_warnings.mdx +++ b/api_docs/kbn_search_response_warnings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-response-warnings title: "@kbn/search-response-warnings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-response-warnings plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-response-warnings'] --- import kbnSearchResponseWarningsObj from './kbn_search_response_warnings.devdocs.json'; diff --git a/api_docs/kbn_search_types.mdx b/api_docs/kbn_search_types.mdx index 7f7a7dda202af..d1ff681fd4f44 100644 --- a/api_docs/kbn_search_types.mdx +++ b/api_docs/kbn_search_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-types title: "@kbn/search-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-types plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-types'] --- import kbnSearchTypesObj from './kbn_search_types.devdocs.json'; diff --git a/api_docs/kbn_security_api_key_management.mdx b/api_docs/kbn_security_api_key_management.mdx index 92695e3dbcc32..430201c3823e9 100644 --- a/api_docs/kbn_security_api_key_management.mdx +++ b/api_docs/kbn_security_api_key_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-api-key-management title: "@kbn/security-api-key-management" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-api-key-management plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-api-key-management'] --- import kbnSecurityApiKeyManagementObj from './kbn_security_api_key_management.devdocs.json'; diff --git a/api_docs/kbn_security_authorization_core.mdx b/api_docs/kbn_security_authorization_core.mdx index 413d042526365..551b7cb7e2ed7 100644 --- a/api_docs/kbn_security_authorization_core.mdx +++ b/api_docs/kbn_security_authorization_core.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-authorization-core title: "@kbn/security-authorization-core" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-authorization-core plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-authorization-core'] --- import kbnSecurityAuthorizationCoreObj from './kbn_security_authorization_core.devdocs.json'; diff --git a/api_docs/kbn_security_form_components.mdx b/api_docs/kbn_security_form_components.mdx index 9c7281fe566ca..b977eb5c6b07f 100644 --- a/api_docs/kbn_security_form_components.mdx +++ b/api_docs/kbn_security_form_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-form-components title: "@kbn/security-form-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-form-components plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-form-components'] --- import kbnSecurityFormComponentsObj from './kbn_security_form_components.devdocs.json'; diff --git a/api_docs/kbn_security_hardening.mdx b/api_docs/kbn_security_hardening.mdx index ea0a3d3d0b584..93d97b71a654d 100644 --- a/api_docs/kbn_security_hardening.mdx +++ b/api_docs/kbn_security_hardening.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-hardening title: "@kbn/security-hardening" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-hardening plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-hardening'] --- import kbnSecurityHardeningObj from './kbn_security_hardening.devdocs.json'; diff --git a/api_docs/kbn_security_plugin_types_common.mdx b/api_docs/kbn_security_plugin_types_common.mdx index a90fa7dc26c0a..907803e38525b 100644 --- a/api_docs/kbn_security_plugin_types_common.mdx +++ b/api_docs/kbn_security_plugin_types_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-plugin-types-common title: "@kbn/security-plugin-types-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-plugin-types-common plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-plugin-types-common'] --- import kbnSecurityPluginTypesCommonObj from './kbn_security_plugin_types_common.devdocs.json'; diff --git a/api_docs/kbn_security_plugin_types_public.mdx b/api_docs/kbn_security_plugin_types_public.mdx index 270ede9fb339c..226d97fb685e4 100644 --- a/api_docs/kbn_security_plugin_types_public.mdx +++ b/api_docs/kbn_security_plugin_types_public.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-plugin-types-public title: "@kbn/security-plugin-types-public" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-plugin-types-public plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-plugin-types-public'] --- import kbnSecurityPluginTypesPublicObj from './kbn_security_plugin_types_public.devdocs.json'; diff --git a/api_docs/kbn_security_plugin_types_server.mdx b/api_docs/kbn_security_plugin_types_server.mdx index a6f52d29800bc..4c98ea2d4ba89 100644 --- a/api_docs/kbn_security_plugin_types_server.mdx +++ b/api_docs/kbn_security_plugin_types_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-plugin-types-server title: "@kbn/security-plugin-types-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-plugin-types-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-plugin-types-server'] --- import kbnSecurityPluginTypesServerObj from './kbn_security_plugin_types_server.devdocs.json'; diff --git a/api_docs/kbn_security_role_management_model.mdx b/api_docs/kbn_security_role_management_model.mdx index ab26dca7dc575..73a5349592f9f 100644 --- a/api_docs/kbn_security_role_management_model.mdx +++ b/api_docs/kbn_security_role_management_model.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-role-management-model title: "@kbn/security-role-management-model" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-role-management-model plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-role-management-model'] --- import kbnSecurityRoleManagementModelObj from './kbn_security_role_management_model.devdocs.json'; diff --git a/api_docs/kbn_security_solution_common.mdx b/api_docs/kbn_security_solution_common.mdx index 3505a4aeefee4..2d1be761995a4 100644 --- a/api_docs/kbn_security_solution_common.mdx +++ b/api_docs/kbn_security_solution_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-common title: "@kbn/security-solution-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-common plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-common'] --- import kbnSecuritySolutionCommonObj from './kbn_security_solution_common.devdocs.json'; diff --git a/api_docs/kbn_security_solution_distribution_bar.mdx b/api_docs/kbn_security_solution_distribution_bar.mdx index fec855eda7cc4..8503aa5d74388 100644 --- a/api_docs/kbn_security_solution_distribution_bar.mdx +++ b/api_docs/kbn_security_solution_distribution_bar.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-distribution-bar title: "@kbn/security-solution-distribution-bar" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-distribution-bar plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-distribution-bar'] --- import kbnSecuritySolutionDistributionBarObj from './kbn_security_solution_distribution_bar.devdocs.json'; diff --git a/api_docs/kbn_security_solution_features.mdx b/api_docs/kbn_security_solution_features.mdx index 6ff5159907f45..ccfa1fa9d7d13 100644 --- a/api_docs/kbn_security_solution_features.mdx +++ b/api_docs/kbn_security_solution_features.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-features title: "@kbn/security-solution-features" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-features plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-features'] --- import kbnSecuritySolutionFeaturesObj from './kbn_security_solution_features.devdocs.json'; diff --git a/api_docs/kbn_security_solution_navigation.mdx b/api_docs/kbn_security_solution_navigation.mdx index 1641d58dcc155..fe03fe3b0e13a 100644 --- a/api_docs/kbn_security_solution_navigation.mdx +++ b/api_docs/kbn_security_solution_navigation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-navigation title: "@kbn/security-solution-navigation" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-navigation plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-navigation'] --- import kbnSecuritySolutionNavigationObj from './kbn_security_solution_navigation.devdocs.json'; diff --git a/api_docs/kbn_security_solution_side_nav.mdx b/api_docs/kbn_security_solution_side_nav.mdx index 646d422fb505e..d4dc7d870615b 100644 --- a/api_docs/kbn_security_solution_side_nav.mdx +++ b/api_docs/kbn_security_solution_side_nav.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-side-nav title: "@kbn/security-solution-side-nav" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-side-nav plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-side-nav'] --- import kbnSecuritySolutionSideNavObj from './kbn_security_solution_side_nav.devdocs.json'; diff --git a/api_docs/kbn_security_solution_storybook_config.mdx b/api_docs/kbn_security_solution_storybook_config.mdx index 0236b4d0ac413..4c9e135f87832 100644 --- a/api_docs/kbn_security_solution_storybook_config.mdx +++ b/api_docs/kbn_security_solution_storybook_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-storybook-config title: "@kbn/security-solution-storybook-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-storybook-config plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-storybook-config'] --- import kbnSecuritySolutionStorybookConfigObj from './kbn_security_solution_storybook_config.devdocs.json'; diff --git a/api_docs/kbn_security_ui_components.mdx b/api_docs/kbn_security_ui_components.mdx index 81f05a44ed97e..e83036d5ab054 100644 --- a/api_docs/kbn_security_ui_components.mdx +++ b/api_docs/kbn_security_ui_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-ui-components title: "@kbn/security-ui-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-ui-components plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-ui-components'] --- import kbnSecurityUiComponentsObj from './kbn_security_ui_components.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_autocomplete.mdx b/api_docs/kbn_securitysolution_autocomplete.mdx index b3306687e8afe..833aeb7ad7fbb 100644 --- a/api_docs/kbn_securitysolution_autocomplete.mdx +++ b/api_docs/kbn_securitysolution_autocomplete.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-autocomplete title: "@kbn/securitysolution-autocomplete" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-autocomplete plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-autocomplete'] --- import kbnSecuritysolutionAutocompleteObj from './kbn_securitysolution_autocomplete.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_data_table.mdx b/api_docs/kbn_securitysolution_data_table.mdx index 011bba76a789f..8ba7ec8de8e0e 100644 --- a/api_docs/kbn_securitysolution_data_table.mdx +++ b/api_docs/kbn_securitysolution_data_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-data-table title: "@kbn/securitysolution-data-table" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-data-table plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-data-table'] --- import kbnSecuritysolutionDataTableObj from './kbn_securitysolution_data_table.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_ecs.mdx b/api_docs/kbn_securitysolution_ecs.mdx index 2b859ed1b67c4..498e5e5fed3bf 100644 --- a/api_docs/kbn_securitysolution_ecs.mdx +++ b/api_docs/kbn_securitysolution_ecs.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-ecs title: "@kbn/securitysolution-ecs" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-ecs plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-ecs'] --- import kbnSecuritysolutionEcsObj from './kbn_securitysolution_ecs.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_es_utils.mdx b/api_docs/kbn_securitysolution_es_utils.mdx index 85dfba0cf4a66..531a468db9243 100644 --- a/api_docs/kbn_securitysolution_es_utils.mdx +++ b/api_docs/kbn_securitysolution_es_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-es-utils title: "@kbn/securitysolution-es-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-es-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-es-utils'] --- import kbnSecuritysolutionEsUtilsObj from './kbn_securitysolution_es_utils.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_exception_list_components.mdx b/api_docs/kbn_securitysolution_exception_list_components.mdx index d763635c84bbe..686633330f022 100644 --- a/api_docs/kbn_securitysolution_exception_list_components.mdx +++ b/api_docs/kbn_securitysolution_exception_list_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-exception-list-components title: "@kbn/securitysolution-exception-list-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-exception-list-components plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-exception-list-components'] --- import kbnSecuritysolutionExceptionListComponentsObj from './kbn_securitysolution_exception_list_components.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_hook_utils.mdx b/api_docs/kbn_securitysolution_hook_utils.mdx index d455d4e24a3d4..9fc84aa46b2b4 100644 --- a/api_docs/kbn_securitysolution_hook_utils.mdx +++ b/api_docs/kbn_securitysolution_hook_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-hook-utils title: "@kbn/securitysolution-hook-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-hook-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-hook-utils'] --- import kbnSecuritysolutionHookUtilsObj from './kbn_securitysolution_hook_utils.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_io_ts_alerting_types.mdx b/api_docs/kbn_securitysolution_io_ts_alerting_types.mdx index 33035ce22702f..ef945a4a42ca1 100644 --- a/api_docs/kbn_securitysolution_io_ts_alerting_types.mdx +++ b/api_docs/kbn_securitysolution_io_ts_alerting_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-io-ts-alerting-types title: "@kbn/securitysolution-io-ts-alerting-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-io-ts-alerting-types plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-io-ts-alerting-types'] --- import kbnSecuritysolutionIoTsAlertingTypesObj from './kbn_securitysolution_io_ts_alerting_types.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_io_ts_list_types.mdx b/api_docs/kbn_securitysolution_io_ts_list_types.mdx index 929932fcdbc70..318a63cc4d18d 100644 --- a/api_docs/kbn_securitysolution_io_ts_list_types.mdx +++ b/api_docs/kbn_securitysolution_io_ts_list_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-io-ts-list-types title: "@kbn/securitysolution-io-ts-list-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-io-ts-list-types plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-io-ts-list-types'] --- import kbnSecuritysolutionIoTsListTypesObj from './kbn_securitysolution_io_ts_list_types.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_io_ts_types.mdx b/api_docs/kbn_securitysolution_io_ts_types.mdx index 4c04805eb9360..36736d13b18d3 100644 --- a/api_docs/kbn_securitysolution_io_ts_types.mdx +++ b/api_docs/kbn_securitysolution_io_ts_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-io-ts-types title: "@kbn/securitysolution-io-ts-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-io-ts-types plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-io-ts-types'] --- import kbnSecuritysolutionIoTsTypesObj from './kbn_securitysolution_io_ts_types.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_io_ts_utils.mdx b/api_docs/kbn_securitysolution_io_ts_utils.mdx index 812791dd92afb..1f9321708acd7 100644 --- a/api_docs/kbn_securitysolution_io_ts_utils.mdx +++ b/api_docs/kbn_securitysolution_io_ts_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-io-ts-utils title: "@kbn/securitysolution-io-ts-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-io-ts-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-io-ts-utils'] --- import kbnSecuritysolutionIoTsUtilsObj from './kbn_securitysolution_io_ts_utils.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_list_api.mdx b/api_docs/kbn_securitysolution_list_api.mdx index 4a578aa1bb469..c56286a1cf17a 100644 --- a/api_docs/kbn_securitysolution_list_api.mdx +++ b/api_docs/kbn_securitysolution_list_api.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-list-api title: "@kbn/securitysolution-list-api" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-list-api plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-list-api'] --- import kbnSecuritysolutionListApiObj from './kbn_securitysolution_list_api.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_list_constants.mdx b/api_docs/kbn_securitysolution_list_constants.mdx index 5df37673da35a..a3f01236e42be 100644 --- a/api_docs/kbn_securitysolution_list_constants.mdx +++ b/api_docs/kbn_securitysolution_list_constants.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-list-constants title: "@kbn/securitysolution-list-constants" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-list-constants plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-list-constants'] --- import kbnSecuritysolutionListConstantsObj from './kbn_securitysolution_list_constants.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_list_hooks.mdx b/api_docs/kbn_securitysolution_list_hooks.mdx index ed92ca600219d..773e1daec362c 100644 --- a/api_docs/kbn_securitysolution_list_hooks.mdx +++ b/api_docs/kbn_securitysolution_list_hooks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-list-hooks title: "@kbn/securitysolution-list-hooks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-list-hooks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-list-hooks'] --- import kbnSecuritysolutionListHooksObj from './kbn_securitysolution_list_hooks.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_list_utils.mdx b/api_docs/kbn_securitysolution_list_utils.mdx index 1bef7008b3ff2..bf31df6242884 100644 --- a/api_docs/kbn_securitysolution_list_utils.mdx +++ b/api_docs/kbn_securitysolution_list_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-list-utils title: "@kbn/securitysolution-list-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-list-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-list-utils'] --- import kbnSecuritysolutionListUtilsObj from './kbn_securitysolution_list_utils.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_rules.mdx b/api_docs/kbn_securitysolution_rules.mdx index be25ebc02ff48..b5c2c0ab5d945 100644 --- a/api_docs/kbn_securitysolution_rules.mdx +++ b/api_docs/kbn_securitysolution_rules.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-rules title: "@kbn/securitysolution-rules" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-rules plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-rules'] --- import kbnSecuritysolutionRulesObj from './kbn_securitysolution_rules.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_t_grid.mdx b/api_docs/kbn_securitysolution_t_grid.mdx index a685035a277d7..749914a01e6d7 100644 --- a/api_docs/kbn_securitysolution_t_grid.mdx +++ b/api_docs/kbn_securitysolution_t_grid.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-t-grid title: "@kbn/securitysolution-t-grid" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-t-grid plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-t-grid'] --- import kbnSecuritysolutionTGridObj from './kbn_securitysolution_t_grid.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_utils.mdx b/api_docs/kbn_securitysolution_utils.mdx index 4cedb9bbb9eeb..6079071cfb138 100644 --- a/api_docs/kbn_securitysolution_utils.mdx +++ b/api_docs/kbn_securitysolution_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-utils title: "@kbn/securitysolution-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-utils'] --- import kbnSecuritysolutionUtilsObj from './kbn_securitysolution_utils.devdocs.json'; diff --git a/api_docs/kbn_server_http_tools.mdx b/api_docs/kbn_server_http_tools.mdx index ba130463c1dff..9396d7c2232e2 100644 --- a/api_docs/kbn_server_http_tools.mdx +++ b/api_docs/kbn_server_http_tools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-server-http-tools title: "@kbn/server-http-tools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/server-http-tools plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/server-http-tools'] --- import kbnServerHttpToolsObj from './kbn_server_http_tools.devdocs.json'; diff --git a/api_docs/kbn_server_route_repository.mdx b/api_docs/kbn_server_route_repository.mdx index d6a676035a2a0..b44dc646e392e 100644 --- a/api_docs/kbn_server_route_repository.mdx +++ b/api_docs/kbn_server_route_repository.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-server-route-repository title: "@kbn/server-route-repository" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/server-route-repository plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/server-route-repository'] --- import kbnServerRouteRepositoryObj from './kbn_server_route_repository.devdocs.json'; diff --git a/api_docs/kbn_server_route_repository_client.mdx b/api_docs/kbn_server_route_repository_client.mdx index 0fa6b225f6a4a..0add7375192b1 100644 --- a/api_docs/kbn_server_route_repository_client.mdx +++ b/api_docs/kbn_server_route_repository_client.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-server-route-repository-client title: "@kbn/server-route-repository-client" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/server-route-repository-client plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/server-route-repository-client'] --- import kbnServerRouteRepositoryClientObj from './kbn_server_route_repository_client.devdocs.json'; diff --git a/api_docs/kbn_server_route_repository_utils.mdx b/api_docs/kbn_server_route_repository_utils.mdx index e06d1622a64a9..d1debbddaca93 100644 --- a/api_docs/kbn_server_route_repository_utils.mdx +++ b/api_docs/kbn_server_route_repository_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-server-route-repository-utils title: "@kbn/server-route-repository-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/server-route-repository-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/server-route-repository-utils'] --- import kbnServerRouteRepositoryUtilsObj from './kbn_server_route_repository_utils.devdocs.json'; diff --git a/api_docs/kbn_serverless_common_settings.mdx b/api_docs/kbn_serverless_common_settings.mdx index 271dab1599c51..e400e245a5666 100644 --- a/api_docs/kbn_serverless_common_settings.mdx +++ b/api_docs/kbn_serverless_common_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-common-settings title: "@kbn/serverless-common-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-common-settings plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-common-settings'] --- import kbnServerlessCommonSettingsObj from './kbn_serverless_common_settings.devdocs.json'; diff --git a/api_docs/kbn_serverless_observability_settings.mdx b/api_docs/kbn_serverless_observability_settings.mdx index feb8df175e579..69e176fcb4826 100644 --- a/api_docs/kbn_serverless_observability_settings.mdx +++ b/api_docs/kbn_serverless_observability_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-observability-settings title: "@kbn/serverless-observability-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-observability-settings plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-observability-settings'] --- import kbnServerlessObservabilitySettingsObj from './kbn_serverless_observability_settings.devdocs.json'; diff --git a/api_docs/kbn_serverless_project_switcher.mdx b/api_docs/kbn_serverless_project_switcher.mdx index 523ca2f2e811b..63bf5abb87465 100644 --- a/api_docs/kbn_serverless_project_switcher.mdx +++ b/api_docs/kbn_serverless_project_switcher.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-project-switcher title: "@kbn/serverless-project-switcher" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-project-switcher plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-project-switcher'] --- import kbnServerlessProjectSwitcherObj from './kbn_serverless_project_switcher.devdocs.json'; diff --git a/api_docs/kbn_serverless_search_settings.mdx b/api_docs/kbn_serverless_search_settings.mdx index eecb38ba755fe..88d04b09705c6 100644 --- a/api_docs/kbn_serverless_search_settings.mdx +++ b/api_docs/kbn_serverless_search_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-search-settings title: "@kbn/serverless-search-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-search-settings plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-search-settings'] --- import kbnServerlessSearchSettingsObj from './kbn_serverless_search_settings.devdocs.json'; diff --git a/api_docs/kbn_serverless_security_settings.mdx b/api_docs/kbn_serverless_security_settings.mdx index 295316decb231..e1e55d16279c3 100644 --- a/api_docs/kbn_serverless_security_settings.mdx +++ b/api_docs/kbn_serverless_security_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-security-settings title: "@kbn/serverless-security-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-security-settings plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-security-settings'] --- import kbnServerlessSecuritySettingsObj from './kbn_serverless_security_settings.devdocs.json'; diff --git a/api_docs/kbn_serverless_storybook_config.mdx b/api_docs/kbn_serverless_storybook_config.mdx index 729371645fe97..49c01eff9f08b 100644 --- a/api_docs/kbn_serverless_storybook_config.mdx +++ b/api_docs/kbn_serverless_storybook_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-storybook-config title: "@kbn/serverless-storybook-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-storybook-config plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-storybook-config'] --- import kbnServerlessStorybookConfigObj from './kbn_serverless_storybook_config.devdocs.json'; diff --git a/api_docs/kbn_shared_svg.mdx b/api_docs/kbn_shared_svg.mdx index 53c4a81a26e27..08a357609c485 100644 --- a/api_docs/kbn_shared_svg.mdx +++ b/api_docs/kbn_shared_svg.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-svg title: "@kbn/shared-svg" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-svg plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-svg'] --- import kbnSharedSvgObj from './kbn_shared_svg.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_avatar_solution.mdx b/api_docs/kbn_shared_ux_avatar_solution.mdx index 7fbef4f6c25d7..fb3eaac8e1e27 100644 --- a/api_docs/kbn_shared_ux_avatar_solution.mdx +++ b/api_docs/kbn_shared_ux_avatar_solution.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-avatar-solution title: "@kbn/shared-ux-avatar-solution" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-avatar-solution plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-avatar-solution'] --- import kbnSharedUxAvatarSolutionObj from './kbn_shared_ux_avatar_solution.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_button_exit_full_screen.mdx b/api_docs/kbn_shared_ux_button_exit_full_screen.mdx index df90476f5a8f6..de3cc1de65686 100644 --- a/api_docs/kbn_shared_ux_button_exit_full_screen.mdx +++ b/api_docs/kbn_shared_ux_button_exit_full_screen.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-button-exit-full-screen title: "@kbn/shared-ux-button-exit-full-screen" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-button-exit-full-screen plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-button-exit-full-screen'] --- import kbnSharedUxButtonExitFullScreenObj from './kbn_shared_ux_button_exit_full_screen.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_button_toolbar.mdx b/api_docs/kbn_shared_ux_button_toolbar.mdx index 3d48e22302d57..ea3a14ecee95e 100644 --- a/api_docs/kbn_shared_ux_button_toolbar.mdx +++ b/api_docs/kbn_shared_ux_button_toolbar.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-button-toolbar title: "@kbn/shared-ux-button-toolbar" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-button-toolbar plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-button-toolbar'] --- import kbnSharedUxButtonToolbarObj from './kbn_shared_ux_button_toolbar.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_card_no_data.mdx b/api_docs/kbn_shared_ux_card_no_data.mdx index 701935138e930..2c885efc3b477 100644 --- a/api_docs/kbn_shared_ux_card_no_data.mdx +++ b/api_docs/kbn_shared_ux_card_no_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-card-no-data title: "@kbn/shared-ux-card-no-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-card-no-data plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-card-no-data'] --- import kbnSharedUxCardNoDataObj from './kbn_shared_ux_card_no_data.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_card_no_data_mocks.mdx b/api_docs/kbn_shared_ux_card_no_data_mocks.mdx index e3f8e84ba06ff..17cc3985df693 100644 --- a/api_docs/kbn_shared_ux_card_no_data_mocks.mdx +++ b/api_docs/kbn_shared_ux_card_no_data_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-card-no-data-mocks title: "@kbn/shared-ux-card-no-data-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-card-no-data-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-card-no-data-mocks'] --- import kbnSharedUxCardNoDataMocksObj from './kbn_shared_ux_card_no_data_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_chrome_navigation.mdx b/api_docs/kbn_shared_ux_chrome_navigation.mdx index e37803c834a07..2fe86f20afe94 100644 --- a/api_docs/kbn_shared_ux_chrome_navigation.mdx +++ b/api_docs/kbn_shared_ux_chrome_navigation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-chrome-navigation title: "@kbn/shared-ux-chrome-navigation" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-chrome-navigation plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-chrome-navigation'] --- import kbnSharedUxChromeNavigationObj from './kbn_shared_ux_chrome_navigation.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_error_boundary.mdx b/api_docs/kbn_shared_ux_error_boundary.mdx index 21be7de649ccf..8a6ea5e7d5e1a 100644 --- a/api_docs/kbn_shared_ux_error_boundary.mdx +++ b/api_docs/kbn_shared_ux_error_boundary.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-error-boundary title: "@kbn/shared-ux-error-boundary" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-error-boundary plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-error-boundary'] --- import kbnSharedUxErrorBoundaryObj from './kbn_shared_ux_error_boundary.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_context.mdx b/api_docs/kbn_shared_ux_file_context.mdx index 007b7568fb3a0..1f3d3787e97b3 100644 --- a/api_docs/kbn_shared_ux_file_context.mdx +++ b/api_docs/kbn_shared_ux_file_context.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-context title: "@kbn/shared-ux-file-context" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-context plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-context'] --- import kbnSharedUxFileContextObj from './kbn_shared_ux_file_context.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_image.mdx b/api_docs/kbn_shared_ux_file_image.mdx index dc43f751de5ca..d7c5702615c03 100644 --- a/api_docs/kbn_shared_ux_file_image.mdx +++ b/api_docs/kbn_shared_ux_file_image.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-image title: "@kbn/shared-ux-file-image" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-image plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-image'] --- import kbnSharedUxFileImageObj from './kbn_shared_ux_file_image.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_image_mocks.mdx b/api_docs/kbn_shared_ux_file_image_mocks.mdx index 50e4fb7dd29d7..433920e7f2a82 100644 --- a/api_docs/kbn_shared_ux_file_image_mocks.mdx +++ b/api_docs/kbn_shared_ux_file_image_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-image-mocks title: "@kbn/shared-ux-file-image-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-image-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-image-mocks'] --- import kbnSharedUxFileImageMocksObj from './kbn_shared_ux_file_image_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_mocks.mdx b/api_docs/kbn_shared_ux_file_mocks.mdx index 975a05e0cd82f..776c77925ca2c 100644 --- a/api_docs/kbn_shared_ux_file_mocks.mdx +++ b/api_docs/kbn_shared_ux_file_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-mocks title: "@kbn/shared-ux-file-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-mocks'] --- import kbnSharedUxFileMocksObj from './kbn_shared_ux_file_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_picker.mdx b/api_docs/kbn_shared_ux_file_picker.mdx index f0c0e71be76c4..ff85e6cb9ef13 100644 --- a/api_docs/kbn_shared_ux_file_picker.mdx +++ b/api_docs/kbn_shared_ux_file_picker.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-picker title: "@kbn/shared-ux-file-picker" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-picker plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-picker'] --- import kbnSharedUxFilePickerObj from './kbn_shared_ux_file_picker.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_types.mdx b/api_docs/kbn_shared_ux_file_types.mdx index e3cb28e7e7954..c34da905340bf 100644 --- a/api_docs/kbn_shared_ux_file_types.mdx +++ b/api_docs/kbn_shared_ux_file_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-types title: "@kbn/shared-ux-file-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-types plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-types'] --- import kbnSharedUxFileTypesObj from './kbn_shared_ux_file_types.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_upload.mdx b/api_docs/kbn_shared_ux_file_upload.mdx index 0396f46c61cab..7e2e1d3cdf8be 100644 --- a/api_docs/kbn_shared_ux_file_upload.mdx +++ b/api_docs/kbn_shared_ux_file_upload.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-upload title: "@kbn/shared-ux-file-upload" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-upload plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-upload'] --- import kbnSharedUxFileUploadObj from './kbn_shared_ux_file_upload.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_util.mdx b/api_docs/kbn_shared_ux_file_util.mdx index 76fd8f4be9ebb..2916508704eed 100644 --- a/api_docs/kbn_shared_ux_file_util.mdx +++ b/api_docs/kbn_shared_ux_file_util.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-util title: "@kbn/shared-ux-file-util" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-util plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-util'] --- import kbnSharedUxFileUtilObj from './kbn_shared_ux_file_util.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_link_redirect_app.mdx b/api_docs/kbn_shared_ux_link_redirect_app.mdx index f71ddfd24ea4e..3fb8e93c040f5 100644 --- a/api_docs/kbn_shared_ux_link_redirect_app.mdx +++ b/api_docs/kbn_shared_ux_link_redirect_app.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-link-redirect-app title: "@kbn/shared-ux-link-redirect-app" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-link-redirect-app plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-link-redirect-app'] --- import kbnSharedUxLinkRedirectAppObj from './kbn_shared_ux_link_redirect_app.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_link_redirect_app_mocks.mdx b/api_docs/kbn_shared_ux_link_redirect_app_mocks.mdx index e91d3c318dfec..468a75505fc68 100644 --- a/api_docs/kbn_shared_ux_link_redirect_app_mocks.mdx +++ b/api_docs/kbn_shared_ux_link_redirect_app_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-link-redirect-app-mocks title: "@kbn/shared-ux-link-redirect-app-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-link-redirect-app-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-link-redirect-app-mocks'] --- import kbnSharedUxLinkRedirectAppMocksObj from './kbn_shared_ux_link_redirect_app_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_markdown.mdx b/api_docs/kbn_shared_ux_markdown.mdx index e72b57d29afd5..b7e26e3a325a1 100644 --- a/api_docs/kbn_shared_ux_markdown.mdx +++ b/api_docs/kbn_shared_ux_markdown.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-markdown title: "@kbn/shared-ux-markdown" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-markdown plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-markdown'] --- import kbnSharedUxMarkdownObj from './kbn_shared_ux_markdown.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_markdown_mocks.mdx b/api_docs/kbn_shared_ux_markdown_mocks.mdx index d4cc827963fc8..a9af6dd596ee8 100644 --- a/api_docs/kbn_shared_ux_markdown_mocks.mdx +++ b/api_docs/kbn_shared_ux_markdown_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-markdown-mocks title: "@kbn/shared-ux-markdown-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-markdown-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-markdown-mocks'] --- import kbnSharedUxMarkdownMocksObj from './kbn_shared_ux_markdown_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_analytics_no_data.mdx b/api_docs/kbn_shared_ux_page_analytics_no_data.mdx index 14cb1a8d1b3d8..50ced0c469c6a 100644 --- a/api_docs/kbn_shared_ux_page_analytics_no_data.mdx +++ b/api_docs/kbn_shared_ux_page_analytics_no_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-analytics-no-data title: "@kbn/shared-ux-page-analytics-no-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-analytics-no-data plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-analytics-no-data'] --- import kbnSharedUxPageAnalyticsNoDataObj from './kbn_shared_ux_page_analytics_no_data.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_analytics_no_data_mocks.mdx b/api_docs/kbn_shared_ux_page_analytics_no_data_mocks.mdx index 19d5015975745..9b0d832459f6a 100644 --- a/api_docs/kbn_shared_ux_page_analytics_no_data_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_analytics_no_data_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-analytics-no-data-mocks title: "@kbn/shared-ux-page-analytics-no-data-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-analytics-no-data-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-analytics-no-data-mocks'] --- import kbnSharedUxPageAnalyticsNoDataMocksObj from './kbn_shared_ux_page_analytics_no_data_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_kibana_no_data.mdx b/api_docs/kbn_shared_ux_page_kibana_no_data.mdx index ebe8ff13bbc9e..c6efae402cd7d 100644 --- a/api_docs/kbn_shared_ux_page_kibana_no_data.mdx +++ b/api_docs/kbn_shared_ux_page_kibana_no_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-kibana-no-data title: "@kbn/shared-ux-page-kibana-no-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-kibana-no-data plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-kibana-no-data'] --- import kbnSharedUxPageKibanaNoDataObj from './kbn_shared_ux_page_kibana_no_data.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_kibana_no_data_mocks.mdx b/api_docs/kbn_shared_ux_page_kibana_no_data_mocks.mdx index 01b48e5a9694d..a610a7d039891 100644 --- a/api_docs/kbn_shared_ux_page_kibana_no_data_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_kibana_no_data_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-kibana-no-data-mocks title: "@kbn/shared-ux-page-kibana-no-data-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-kibana-no-data-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-kibana-no-data-mocks'] --- import kbnSharedUxPageKibanaNoDataMocksObj from './kbn_shared_ux_page_kibana_no_data_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_kibana_template.mdx b/api_docs/kbn_shared_ux_page_kibana_template.mdx index 697687200f773..c0e6fc9cce67e 100644 --- a/api_docs/kbn_shared_ux_page_kibana_template.mdx +++ b/api_docs/kbn_shared_ux_page_kibana_template.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-kibana-template title: "@kbn/shared-ux-page-kibana-template" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-kibana-template plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-kibana-template'] --- import kbnSharedUxPageKibanaTemplateObj from './kbn_shared_ux_page_kibana_template.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_kibana_template_mocks.mdx b/api_docs/kbn_shared_ux_page_kibana_template_mocks.mdx index cb6e428301dc9..15ac61055a3c4 100644 --- a/api_docs/kbn_shared_ux_page_kibana_template_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_kibana_template_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-kibana-template-mocks title: "@kbn/shared-ux-page-kibana-template-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-kibana-template-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-kibana-template-mocks'] --- import kbnSharedUxPageKibanaTemplateMocksObj from './kbn_shared_ux_page_kibana_template_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_no_data.mdx b/api_docs/kbn_shared_ux_page_no_data.mdx index a017be7f2249b..732e72914177f 100644 --- a/api_docs/kbn_shared_ux_page_no_data.mdx +++ b/api_docs/kbn_shared_ux_page_no_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-no-data title: "@kbn/shared-ux-page-no-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-no-data plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-no-data'] --- import kbnSharedUxPageNoDataObj from './kbn_shared_ux_page_no_data.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_no_data_config.mdx b/api_docs/kbn_shared_ux_page_no_data_config.mdx index cb37da25542af..04e01ad524697 100644 --- a/api_docs/kbn_shared_ux_page_no_data_config.mdx +++ b/api_docs/kbn_shared_ux_page_no_data_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-no-data-config title: "@kbn/shared-ux-page-no-data-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-no-data-config plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-no-data-config'] --- import kbnSharedUxPageNoDataConfigObj from './kbn_shared_ux_page_no_data_config.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_no_data_config_mocks.mdx b/api_docs/kbn_shared_ux_page_no_data_config_mocks.mdx index 8a761597f9901..fd6efac3677b8 100644 --- a/api_docs/kbn_shared_ux_page_no_data_config_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_no_data_config_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-no-data-config-mocks title: "@kbn/shared-ux-page-no-data-config-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-no-data-config-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-no-data-config-mocks'] --- import kbnSharedUxPageNoDataConfigMocksObj from './kbn_shared_ux_page_no_data_config_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_no_data_mocks.mdx b/api_docs/kbn_shared_ux_page_no_data_mocks.mdx index 3b9db8f6a1157..640aacf851153 100644 --- a/api_docs/kbn_shared_ux_page_no_data_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_no_data_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-no-data-mocks title: "@kbn/shared-ux-page-no-data-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-no-data-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-no-data-mocks'] --- import kbnSharedUxPageNoDataMocksObj from './kbn_shared_ux_page_no_data_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_solution_nav.mdx b/api_docs/kbn_shared_ux_page_solution_nav.mdx index 153dbfb0cd7c0..55da6e727db31 100644 --- a/api_docs/kbn_shared_ux_page_solution_nav.mdx +++ b/api_docs/kbn_shared_ux_page_solution_nav.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-solution-nav title: "@kbn/shared-ux-page-solution-nav" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-solution-nav plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-solution-nav'] --- import kbnSharedUxPageSolutionNavObj from './kbn_shared_ux_page_solution_nav.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_prompt_no_data_views.mdx b/api_docs/kbn_shared_ux_prompt_no_data_views.mdx index eff10e8e11be5..3cca1c55c90c1 100644 --- a/api_docs/kbn_shared_ux_prompt_no_data_views.mdx +++ b/api_docs/kbn_shared_ux_prompt_no_data_views.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-prompt-no-data-views title: "@kbn/shared-ux-prompt-no-data-views" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-prompt-no-data-views plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-prompt-no-data-views'] --- import kbnSharedUxPromptNoDataViewsObj from './kbn_shared_ux_prompt_no_data_views.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_prompt_no_data_views_mocks.mdx b/api_docs/kbn_shared_ux_prompt_no_data_views_mocks.mdx index 21a1c9b164e9b..013b6710af92b 100644 --- a/api_docs/kbn_shared_ux_prompt_no_data_views_mocks.mdx +++ b/api_docs/kbn_shared_ux_prompt_no_data_views_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-prompt-no-data-views-mocks title: "@kbn/shared-ux-prompt-no-data-views-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-prompt-no-data-views-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-prompt-no-data-views-mocks'] --- import kbnSharedUxPromptNoDataViewsMocksObj from './kbn_shared_ux_prompt_no_data_views_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_prompt_not_found.mdx b/api_docs/kbn_shared_ux_prompt_not_found.mdx index 57de91af9e911..1e75b502b6071 100644 --- a/api_docs/kbn_shared_ux_prompt_not_found.mdx +++ b/api_docs/kbn_shared_ux_prompt_not_found.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-prompt-not-found title: "@kbn/shared-ux-prompt-not-found" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-prompt-not-found plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-prompt-not-found'] --- import kbnSharedUxPromptNotFoundObj from './kbn_shared_ux_prompt_not_found.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_router.mdx b/api_docs/kbn_shared_ux_router.mdx index 1fb3cc57e16c0..7f81a25577314 100644 --- a/api_docs/kbn_shared_ux_router.mdx +++ b/api_docs/kbn_shared_ux_router.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-router title: "@kbn/shared-ux-router" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-router plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-router'] --- import kbnSharedUxRouterObj from './kbn_shared_ux_router.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_router_mocks.mdx b/api_docs/kbn_shared_ux_router_mocks.mdx index fc7fa4b4f47aa..3df06efe880ef 100644 --- a/api_docs/kbn_shared_ux_router_mocks.mdx +++ b/api_docs/kbn_shared_ux_router_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-router-mocks title: "@kbn/shared-ux-router-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-router-mocks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-router-mocks'] --- import kbnSharedUxRouterMocksObj from './kbn_shared_ux_router_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_storybook_config.mdx b/api_docs/kbn_shared_ux_storybook_config.mdx index 8c2097a9c1860..0f1819b81ad26 100644 --- a/api_docs/kbn_shared_ux_storybook_config.mdx +++ b/api_docs/kbn_shared_ux_storybook_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-storybook-config title: "@kbn/shared-ux-storybook-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-storybook-config plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-storybook-config'] --- import kbnSharedUxStorybookConfigObj from './kbn_shared_ux_storybook_config.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_storybook_mock.mdx b/api_docs/kbn_shared_ux_storybook_mock.mdx index 79b28b91ee3b0..7cae455e6a1e0 100644 --- a/api_docs/kbn_shared_ux_storybook_mock.mdx +++ b/api_docs/kbn_shared_ux_storybook_mock.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-storybook-mock title: "@kbn/shared-ux-storybook-mock" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-storybook-mock plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-storybook-mock'] --- import kbnSharedUxStorybookMockObj from './kbn_shared_ux_storybook_mock.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_tabbed_modal.mdx b/api_docs/kbn_shared_ux_tabbed_modal.mdx index 1ae713c676c30..af59b63499e6d 100644 --- a/api_docs/kbn_shared_ux_tabbed_modal.mdx +++ b/api_docs/kbn_shared_ux_tabbed_modal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-tabbed-modal title: "@kbn/shared-ux-tabbed-modal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-tabbed-modal plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-tabbed-modal'] --- import kbnSharedUxTabbedModalObj from './kbn_shared_ux_tabbed_modal.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_table_persist.mdx b/api_docs/kbn_shared_ux_table_persist.mdx index fa4970d4feac9..10d777179400b 100644 --- a/api_docs/kbn_shared_ux_table_persist.mdx +++ b/api_docs/kbn_shared_ux_table_persist.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-table-persist title: "@kbn/shared-ux-table-persist" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-table-persist plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-table-persist'] --- import kbnSharedUxTablePersistObj from './kbn_shared_ux_table_persist.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_utility.mdx b/api_docs/kbn_shared_ux_utility.mdx index 12e48dc7a27d2..848c4c296e70b 100644 --- a/api_docs/kbn_shared_ux_utility.mdx +++ b/api_docs/kbn_shared_ux_utility.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-utility title: "@kbn/shared-ux-utility" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-utility plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-utility'] --- import kbnSharedUxUtilityObj from './kbn_shared_ux_utility.devdocs.json'; diff --git a/api_docs/kbn_slo_schema.mdx b/api_docs/kbn_slo_schema.mdx index 2c363a37c7aaf..a234e4cbe481e 100644 --- a/api_docs/kbn_slo_schema.mdx +++ b/api_docs/kbn_slo_schema.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-slo-schema title: "@kbn/slo-schema" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/slo-schema plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/slo-schema'] --- import kbnSloSchemaObj from './kbn_slo_schema.devdocs.json'; diff --git a/api_docs/kbn_some_dev_log.mdx b/api_docs/kbn_some_dev_log.mdx index 3ca3982207ea6..fc34df579d514 100644 --- a/api_docs/kbn_some_dev_log.mdx +++ b/api_docs/kbn_some_dev_log.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-some-dev-log title: "@kbn/some-dev-log" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/some-dev-log plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/some-dev-log'] --- import kbnSomeDevLogObj from './kbn_some_dev_log.devdocs.json'; diff --git a/api_docs/kbn_sort_predicates.mdx b/api_docs/kbn_sort_predicates.mdx index eaaf9ffcec851..38c3c1117245e 100644 --- a/api_docs/kbn_sort_predicates.mdx +++ b/api_docs/kbn_sort_predicates.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-sort-predicates title: "@kbn/sort-predicates" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/sort-predicates plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/sort-predicates'] --- import kbnSortPredicatesObj from './kbn_sort_predicates.devdocs.json'; diff --git a/api_docs/kbn_sse_utils.mdx b/api_docs/kbn_sse_utils.mdx index e533e597db704..0568e570fc1c5 100644 --- a/api_docs/kbn_sse_utils.mdx +++ b/api_docs/kbn_sse_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-sse-utils title: "@kbn/sse-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/sse-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/sse-utils'] --- import kbnSseUtilsObj from './kbn_sse_utils.devdocs.json'; diff --git a/api_docs/kbn_sse_utils_client.mdx b/api_docs/kbn_sse_utils_client.mdx index 3831cf4394983..40647dd4610de 100644 --- a/api_docs/kbn_sse_utils_client.mdx +++ b/api_docs/kbn_sse_utils_client.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-sse-utils-client title: "@kbn/sse-utils-client" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/sse-utils-client plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/sse-utils-client'] --- import kbnSseUtilsClientObj from './kbn_sse_utils_client.devdocs.json'; diff --git a/api_docs/kbn_sse_utils_server.mdx b/api_docs/kbn_sse_utils_server.mdx index dc85fd7d7fe42..668403a8ff8d1 100644 --- a/api_docs/kbn_sse_utils_server.mdx +++ b/api_docs/kbn_sse_utils_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-sse-utils-server title: "@kbn/sse-utils-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/sse-utils-server plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/sse-utils-server'] --- import kbnSseUtilsServerObj from './kbn_sse_utils_server.devdocs.json'; diff --git a/api_docs/kbn_std.devdocs.json b/api_docs/kbn_std.devdocs.json index 7dda5e8072d18..52ab3ce364996 100644 --- a/api_docs/kbn_std.devdocs.json +++ b/api_docs/kbn_std.devdocs.json @@ -1686,56 +1686,6 @@ "returnComment": [], "initialIsOpen": false }, - { - "parentPluginId": "@kbn/std", - "id": "def-common.unset", - "type": "Function", - "tags": [], - "label": "unset", - "description": [ - "\nUnset a (potentially nested) key from given object.\nThis mutates the original object.\n" - ], - "signature": [ - "(obj: OBJ, atPath: string) => void" - ], - "path": "packages/kbn-std/src/unset.ts", - "deprecated": false, - "trackAdoption": false, - "children": [ - { - "parentPluginId": "@kbn/std", - "id": "def-common.unset.$1", - "type": "Uncategorized", - "tags": [], - "label": "obj", - "description": [], - "signature": [ - "OBJ" - ], - "path": "packages/kbn-std/src/unset.ts", - "deprecated": false, - "trackAdoption": false, - "isRequired": true - }, - { - "parentPluginId": "@kbn/std", - "id": "def-common.unset.$2", - "type": "string", - "tags": [], - "label": "atPath", - "description": [], - "signature": [ - "string" - ], - "path": "packages/kbn-std/src/unset.ts", - "deprecated": false, - "trackAdoption": false, - "isRequired": true - } - ], - "returnComment": [], - "initialIsOpen": false - }, { "parentPluginId": "@kbn/std", "id": "def-common.withTimeout", diff --git a/api_docs/kbn_std.mdx b/api_docs/kbn_std.mdx index 6acb972535f66..e5efc79a74b52 100644 --- a/api_docs/kbn_std.mdx +++ b/api_docs/kbn_std.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-std title: "@kbn/std" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/std plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/std'] --- import kbnStdObj from './kbn_std.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 111 | 2 | 72 | 1 | +| 108 | 2 | 70 | 1 | ## Common diff --git a/api_docs/kbn_stdio_dev_helpers.mdx b/api_docs/kbn_stdio_dev_helpers.mdx index c8e9f140d38b9..9404f3632c20a 100644 --- a/api_docs/kbn_stdio_dev_helpers.mdx +++ b/api_docs/kbn_stdio_dev_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-stdio-dev-helpers title: "@kbn/stdio-dev-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/stdio-dev-helpers plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/stdio-dev-helpers'] --- import kbnStdioDevHelpersObj from './kbn_stdio_dev_helpers.devdocs.json'; diff --git a/api_docs/kbn_storybook.mdx b/api_docs/kbn_storybook.mdx index 31bc005036fe5..9e268bfbb941e 100644 --- a/api_docs/kbn_storybook.mdx +++ b/api_docs/kbn_storybook.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-storybook title: "@kbn/storybook" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/storybook plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/storybook'] --- import kbnStorybookObj from './kbn_storybook.devdocs.json'; diff --git a/api_docs/kbn_synthetics_e2e.mdx b/api_docs/kbn_synthetics_e2e.mdx index adb6a133de45c..d78169ef551f5 100644 --- a/api_docs/kbn_synthetics_e2e.mdx +++ b/api_docs/kbn_synthetics_e2e.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-synthetics-e2e title: "@kbn/synthetics-e2e" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/synthetics-e2e plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/synthetics-e2e'] --- import kbnSyntheticsE2eObj from './kbn_synthetics_e2e.devdocs.json'; diff --git a/api_docs/kbn_synthetics_private_location.mdx b/api_docs/kbn_synthetics_private_location.mdx index a96da877d07a7..7fcda51c5d677 100644 --- a/api_docs/kbn_synthetics_private_location.mdx +++ b/api_docs/kbn_synthetics_private_location.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-synthetics-private-location title: "@kbn/synthetics-private-location" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/synthetics-private-location plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/synthetics-private-location'] --- import kbnSyntheticsPrivateLocationObj from './kbn_synthetics_private_location.devdocs.json'; diff --git a/api_docs/kbn_telemetry_tools.mdx b/api_docs/kbn_telemetry_tools.mdx index 4b4219cacdf46..dd053904dfae6 100644 --- a/api_docs/kbn_telemetry_tools.mdx +++ b/api_docs/kbn_telemetry_tools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-telemetry-tools title: "@kbn/telemetry-tools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/telemetry-tools plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/telemetry-tools'] --- import kbnTelemetryToolsObj from './kbn_telemetry_tools.devdocs.json'; diff --git a/api_docs/kbn_test.mdx b/api_docs/kbn_test.mdx index 164bbb82ffcb8..523844ac6b3db 100644 --- a/api_docs/kbn_test.mdx +++ b/api_docs/kbn_test.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-test title: "@kbn/test" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/test plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/test'] --- import kbnTestObj from './kbn_test.devdocs.json'; diff --git a/api_docs/kbn_test_eui_helpers.mdx b/api_docs/kbn_test_eui_helpers.mdx index 468942b99f6ce..62146c2d53d3f 100644 --- a/api_docs/kbn_test_eui_helpers.mdx +++ b/api_docs/kbn_test_eui_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-test-eui-helpers title: "@kbn/test-eui-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/test-eui-helpers plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/test-eui-helpers'] --- import kbnTestEuiHelpersObj from './kbn_test_eui_helpers.devdocs.json'; diff --git a/api_docs/kbn_test_jest_helpers.mdx b/api_docs/kbn_test_jest_helpers.mdx index a4ffed02e5b81..caff33e1682d3 100644 --- a/api_docs/kbn_test_jest_helpers.mdx +++ b/api_docs/kbn_test_jest_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-test-jest-helpers title: "@kbn/test-jest-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/test-jest-helpers plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/test-jest-helpers'] --- import kbnTestJestHelpersObj from './kbn_test_jest_helpers.devdocs.json'; diff --git a/api_docs/kbn_test_subj_selector.mdx b/api_docs/kbn_test_subj_selector.mdx index edfdb435c4753..5f459edbdc56f 100644 --- a/api_docs/kbn_test_subj_selector.mdx +++ b/api_docs/kbn_test_subj_selector.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-test-subj-selector title: "@kbn/test-subj-selector" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/test-subj-selector plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/test-subj-selector'] --- import kbnTestSubjSelectorObj from './kbn_test_subj_selector.devdocs.json'; diff --git a/api_docs/kbn_text_based_editor.mdx b/api_docs/kbn_text_based_editor.mdx index d3835c6b27c27..57ed8c0e92b68 100644 --- a/api_docs/kbn_text_based_editor.mdx +++ b/api_docs/kbn_text_based_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-text-based-editor title: "@kbn/text-based-editor" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/text-based-editor plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/text-based-editor'] --- import kbnTextBasedEditorObj from './kbn_text_based_editor.devdocs.json'; diff --git a/api_docs/kbn_timerange.mdx b/api_docs/kbn_timerange.mdx index cfe129861406b..6699d6636baf4 100644 --- a/api_docs/kbn_timerange.mdx +++ b/api_docs/kbn_timerange.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-timerange title: "@kbn/timerange" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/timerange plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/timerange'] --- import kbnTimerangeObj from './kbn_timerange.devdocs.json'; diff --git a/api_docs/kbn_tooling_log.mdx b/api_docs/kbn_tooling_log.mdx index cf451921a663a..073e449b295de 100644 --- a/api_docs/kbn_tooling_log.mdx +++ b/api_docs/kbn_tooling_log.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-tooling-log title: "@kbn/tooling-log" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/tooling-log plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/tooling-log'] --- import kbnToolingLogObj from './kbn_tooling_log.devdocs.json'; diff --git a/api_docs/kbn_triggers_actions_ui_types.mdx b/api_docs/kbn_triggers_actions_ui_types.mdx index 73ab2db8265da..5849a9efd2b90 100644 --- a/api_docs/kbn_triggers_actions_ui_types.mdx +++ b/api_docs/kbn_triggers_actions_ui_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-triggers-actions-ui-types title: "@kbn/triggers-actions-ui-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/triggers-actions-ui-types plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/triggers-actions-ui-types'] --- import kbnTriggersActionsUiTypesObj from './kbn_triggers_actions_ui_types.devdocs.json'; diff --git a/api_docs/kbn_try_in_console.mdx b/api_docs/kbn_try_in_console.mdx index c28331d513129..69bcf41fd473f 100644 --- a/api_docs/kbn_try_in_console.mdx +++ b/api_docs/kbn_try_in_console.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-try-in-console title: "@kbn/try-in-console" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/try-in-console plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/try-in-console'] --- import kbnTryInConsoleObj from './kbn_try_in_console.devdocs.json'; diff --git a/api_docs/kbn_ts_projects.mdx b/api_docs/kbn_ts_projects.mdx index 0baed0d4973de..6a054f4a256ea 100644 --- a/api_docs/kbn_ts_projects.mdx +++ b/api_docs/kbn_ts_projects.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ts-projects title: "@kbn/ts-projects" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ts-projects plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ts-projects'] --- import kbnTsProjectsObj from './kbn_ts_projects.devdocs.json'; diff --git a/api_docs/kbn_typed_react_router_config.mdx b/api_docs/kbn_typed_react_router_config.mdx index fa888d99adf38..1ac4cba85ef1c 100644 --- a/api_docs/kbn_typed_react_router_config.mdx +++ b/api_docs/kbn_typed_react_router_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-typed-react-router-config title: "@kbn/typed-react-router-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/typed-react-router-config plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/typed-react-router-config'] --- import kbnTypedReactRouterConfigObj from './kbn_typed_react_router_config.devdocs.json'; diff --git a/api_docs/kbn_ui_actions_browser.mdx b/api_docs/kbn_ui_actions_browser.mdx index 5a4940104bc25..43a43ac88b405 100644 --- a/api_docs/kbn_ui_actions_browser.mdx +++ b/api_docs/kbn_ui_actions_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ui-actions-browser title: "@kbn/ui-actions-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ui-actions-browser plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ui-actions-browser'] --- import kbnUiActionsBrowserObj from './kbn_ui_actions_browser.devdocs.json'; diff --git a/api_docs/kbn_ui_shared_deps_src.mdx b/api_docs/kbn_ui_shared_deps_src.mdx index e85dac8fda8a4..7f7ec69fed93c 100644 --- a/api_docs/kbn_ui_shared_deps_src.mdx +++ b/api_docs/kbn_ui_shared_deps_src.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ui-shared-deps-src title: "@kbn/ui-shared-deps-src" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ui-shared-deps-src plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ui-shared-deps-src'] --- import kbnUiSharedDepsSrcObj from './kbn_ui_shared_deps_src.devdocs.json'; diff --git a/api_docs/kbn_ui_theme.mdx b/api_docs/kbn_ui_theme.mdx index b4db58ac5e143..23194ca7186a8 100644 --- a/api_docs/kbn_ui_theme.mdx +++ b/api_docs/kbn_ui_theme.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ui-theme title: "@kbn/ui-theme" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ui-theme plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ui-theme'] --- import kbnUiThemeObj from './kbn_ui_theme.devdocs.json'; diff --git a/api_docs/kbn_unified_data_table.mdx b/api_docs/kbn_unified_data_table.mdx index 376365b4aaac3..d2d8042d94608 100644 --- a/api_docs/kbn_unified_data_table.mdx +++ b/api_docs/kbn_unified_data_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-unified-data-table title: "@kbn/unified-data-table" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/unified-data-table plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/unified-data-table'] --- import kbnUnifiedDataTableObj from './kbn_unified_data_table.devdocs.json'; diff --git a/api_docs/kbn_unified_doc_viewer.mdx b/api_docs/kbn_unified_doc_viewer.mdx index 9956162d3ddd5..c767f5609cd6e 100644 --- a/api_docs/kbn_unified_doc_viewer.mdx +++ b/api_docs/kbn_unified_doc_viewer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-unified-doc-viewer title: "@kbn/unified-doc-viewer" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/unified-doc-viewer plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/unified-doc-viewer'] --- import kbnUnifiedDocViewerObj from './kbn_unified_doc_viewer.devdocs.json'; diff --git a/api_docs/kbn_unified_field_list.mdx b/api_docs/kbn_unified_field_list.mdx index 4bb2d56a83777..15511689dce59 100644 --- a/api_docs/kbn_unified_field_list.mdx +++ b/api_docs/kbn_unified_field_list.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-unified-field-list title: "@kbn/unified-field-list" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/unified-field-list plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/unified-field-list'] --- import kbnUnifiedFieldListObj from './kbn_unified_field_list.devdocs.json'; diff --git a/api_docs/kbn_unsaved_changes_badge.mdx b/api_docs/kbn_unsaved_changes_badge.mdx index 86c235924b08a..cc98e7bcf8abd 100644 --- a/api_docs/kbn_unsaved_changes_badge.mdx +++ b/api_docs/kbn_unsaved_changes_badge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-unsaved-changes-badge title: "@kbn/unsaved-changes-badge" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/unsaved-changes-badge plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/unsaved-changes-badge'] --- import kbnUnsavedChangesBadgeObj from './kbn_unsaved_changes_badge.devdocs.json'; diff --git a/api_docs/kbn_unsaved_changes_prompt.mdx b/api_docs/kbn_unsaved_changes_prompt.mdx index b1019abcf3a7f..58f68d5fe539a 100644 --- a/api_docs/kbn_unsaved_changes_prompt.mdx +++ b/api_docs/kbn_unsaved_changes_prompt.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-unsaved-changes-prompt title: "@kbn/unsaved-changes-prompt" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/unsaved-changes-prompt plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/unsaved-changes-prompt'] --- import kbnUnsavedChangesPromptObj from './kbn_unsaved_changes_prompt.devdocs.json'; diff --git a/api_docs/kbn_use_tracked_promise.mdx b/api_docs/kbn_use_tracked_promise.mdx index f7d5d9802dd3a..0accc62d598bd 100644 --- a/api_docs/kbn_use_tracked_promise.mdx +++ b/api_docs/kbn_use_tracked_promise.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-use-tracked-promise title: "@kbn/use-tracked-promise" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/use-tracked-promise plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/use-tracked-promise'] --- import kbnUseTrackedPromiseObj from './kbn_use_tracked_promise.devdocs.json'; diff --git a/api_docs/kbn_user_profile_components.mdx b/api_docs/kbn_user_profile_components.mdx index 3d93e17085d0b..c9074c9340112 100644 --- a/api_docs/kbn_user_profile_components.mdx +++ b/api_docs/kbn_user_profile_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-user-profile-components title: "@kbn/user-profile-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/user-profile-components plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/user-profile-components'] --- import kbnUserProfileComponentsObj from './kbn_user_profile_components.devdocs.json'; diff --git a/api_docs/kbn_utility_types.mdx b/api_docs/kbn_utility_types.mdx index 1b8a2e6e4c015..18de608035626 100644 --- a/api_docs/kbn_utility_types.mdx +++ b/api_docs/kbn_utility_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-utility-types title: "@kbn/utility-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/utility-types plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/utility-types'] --- import kbnUtilityTypesObj from './kbn_utility_types.devdocs.json'; diff --git a/api_docs/kbn_utility_types_jest.mdx b/api_docs/kbn_utility_types_jest.mdx index d97f361d571e7..ea4d16e397320 100644 --- a/api_docs/kbn_utility_types_jest.mdx +++ b/api_docs/kbn_utility_types_jest.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-utility-types-jest title: "@kbn/utility-types-jest" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/utility-types-jest plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/utility-types-jest'] --- import kbnUtilityTypesJestObj from './kbn_utility_types_jest.devdocs.json'; diff --git a/api_docs/kbn_utils.mdx b/api_docs/kbn_utils.mdx index b470ecd37a67e..d85908c75994d 100644 --- a/api_docs/kbn_utils.mdx +++ b/api_docs/kbn_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-utils title: "@kbn/utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/utils'] --- import kbnUtilsObj from './kbn_utils.devdocs.json'; diff --git a/api_docs/kbn_visualization_ui_components.mdx b/api_docs/kbn_visualization_ui_components.mdx index 3ec389e690a40..60e4fa629510e 100644 --- a/api_docs/kbn_visualization_ui_components.mdx +++ b/api_docs/kbn_visualization_ui_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-visualization-ui-components title: "@kbn/visualization-ui-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/visualization-ui-components plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/visualization-ui-components'] --- import kbnVisualizationUiComponentsObj from './kbn_visualization_ui_components.devdocs.json'; diff --git a/api_docs/kbn_visualization_utils.mdx b/api_docs/kbn_visualization_utils.mdx index edde6552e6e48..71d386525023e 100644 --- a/api_docs/kbn_visualization_utils.mdx +++ b/api_docs/kbn_visualization_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-visualization-utils title: "@kbn/visualization-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/visualization-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/visualization-utils'] --- import kbnVisualizationUtilsObj from './kbn_visualization_utils.devdocs.json'; diff --git a/api_docs/kbn_xstate_utils.mdx b/api_docs/kbn_xstate_utils.mdx index 6b89317a24e24..b3cf6d985e582 100644 --- a/api_docs/kbn_xstate_utils.mdx +++ b/api_docs/kbn_xstate_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-xstate-utils title: "@kbn/xstate-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/xstate-utils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/xstate-utils'] --- import kbnXstateUtilsObj from './kbn_xstate_utils.devdocs.json'; diff --git a/api_docs/kbn_yarn_lock_validator.mdx b/api_docs/kbn_yarn_lock_validator.mdx index 6daed9b370f76..07d23c127a61d 100644 --- a/api_docs/kbn_yarn_lock_validator.mdx +++ b/api_docs/kbn_yarn_lock_validator.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-yarn-lock-validator title: "@kbn/yarn-lock-validator" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/yarn-lock-validator plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/yarn-lock-validator'] --- import kbnYarnLockValidatorObj from './kbn_yarn_lock_validator.devdocs.json'; diff --git a/api_docs/kbn_zod.mdx b/api_docs/kbn_zod.mdx index 3c2e859097c8f..a77c60d4644f3 100644 --- a/api_docs/kbn_zod.mdx +++ b/api_docs/kbn_zod.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-zod title: "@kbn/zod" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/zod plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/zod'] --- import kbnZodObj from './kbn_zod.devdocs.json'; diff --git a/api_docs/kbn_zod_helpers.mdx b/api_docs/kbn_zod_helpers.mdx index cdff0021aacd7..c76a867b5ee30 100644 --- a/api_docs/kbn_zod_helpers.mdx +++ b/api_docs/kbn_zod_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-zod-helpers title: "@kbn/zod-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/zod-helpers plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/zod-helpers'] --- import kbnZodHelpersObj from './kbn_zod_helpers.devdocs.json'; diff --git a/api_docs/kibana_overview.mdx b/api_docs/kibana_overview.mdx index 74ef38b08ec3f..17f937cf9f3e2 100644 --- a/api_docs/kibana_overview.mdx +++ b/api_docs/kibana_overview.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kibanaOverview title: "kibanaOverview" image: https://source.unsplash.com/400x175/?github description: API docs for the kibanaOverview plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'kibanaOverview'] --- import kibanaOverviewObj from './kibana_overview.devdocs.json'; diff --git a/api_docs/kibana_react.mdx b/api_docs/kibana_react.mdx index 62d77d33dcf5f..437428377c8b5 100644 --- a/api_docs/kibana_react.mdx +++ b/api_docs/kibana_react.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kibanaReact title: "kibanaReact" image: https://source.unsplash.com/400x175/?github description: API docs for the kibanaReact plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'kibanaReact'] --- import kibanaReactObj from './kibana_react.devdocs.json'; diff --git a/api_docs/kibana_utils.mdx b/api_docs/kibana_utils.mdx index 0e97569a1b519..f3e1d6c1412da 100644 --- a/api_docs/kibana_utils.mdx +++ b/api_docs/kibana_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kibanaUtils title: "kibanaUtils" image: https://source.unsplash.com/400x175/?github description: API docs for the kibanaUtils plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'kibanaUtils'] --- import kibanaUtilsObj from './kibana_utils.devdocs.json'; diff --git a/api_docs/kubernetes_security.mdx b/api_docs/kubernetes_security.mdx index b0104c8adc19f..c458665807d59 100644 --- a/api_docs/kubernetes_security.mdx +++ b/api_docs/kubernetes_security.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kubernetesSecurity title: "kubernetesSecurity" image: https://source.unsplash.com/400x175/?github description: API docs for the kubernetesSecurity plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'kubernetesSecurity'] --- import kubernetesSecurityObj from './kubernetes_security.devdocs.json'; diff --git a/api_docs/lens.mdx b/api_docs/lens.mdx index aeee722227a5d..8fba5488d8c70 100644 --- a/api_docs/lens.mdx +++ b/api_docs/lens.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/lens title: "lens" image: https://source.unsplash.com/400x175/?github description: API docs for the lens plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'lens'] --- import lensObj from './lens.devdocs.json'; diff --git a/api_docs/license_api_guard.mdx b/api_docs/license_api_guard.mdx index 30b723b877656..be600342673f0 100644 --- a/api_docs/license_api_guard.mdx +++ b/api_docs/license_api_guard.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/licenseApiGuard title: "licenseApiGuard" image: https://source.unsplash.com/400x175/?github description: API docs for the licenseApiGuard plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'licenseApiGuard'] --- import licenseApiGuardObj from './license_api_guard.devdocs.json'; diff --git a/api_docs/license_management.mdx b/api_docs/license_management.mdx index 34cdf278e17a9..62f4e10570268 100644 --- a/api_docs/license_management.mdx +++ b/api_docs/license_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/licenseManagement title: "licenseManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the licenseManagement plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'licenseManagement'] --- import licenseManagementObj from './license_management.devdocs.json'; diff --git a/api_docs/licensing.mdx b/api_docs/licensing.mdx index 38904bd0d174b..730f2b64ea891 100644 --- a/api_docs/licensing.mdx +++ b/api_docs/licensing.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/licensing title: "licensing" image: https://source.unsplash.com/400x175/?github description: API docs for the licensing plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'licensing'] --- import licensingObj from './licensing.devdocs.json'; diff --git a/api_docs/links.mdx b/api_docs/links.mdx index a923fd523bda3..b1c144fb68c21 100644 --- a/api_docs/links.mdx +++ b/api_docs/links.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/links title: "links" image: https://source.unsplash.com/400x175/?github description: API docs for the links plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'links'] --- import linksObj from './links.devdocs.json'; diff --git a/api_docs/lists.mdx b/api_docs/lists.mdx index 4ff724794f2da..29908ca7177d6 100644 --- a/api_docs/lists.mdx +++ b/api_docs/lists.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/lists title: "lists" image: https://source.unsplash.com/400x175/?github description: API docs for the lists plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'lists'] --- import listsObj from './lists.devdocs.json'; diff --git a/api_docs/logs_data_access.mdx b/api_docs/logs_data_access.mdx index feaab610c69f4..005b3e40d53f5 100644 --- a/api_docs/logs_data_access.mdx +++ b/api_docs/logs_data_access.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/logsDataAccess title: "logsDataAccess" image: https://source.unsplash.com/400x175/?github description: API docs for the logsDataAccess plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'logsDataAccess'] --- import logsDataAccessObj from './logs_data_access.devdocs.json'; diff --git a/api_docs/logs_explorer.mdx b/api_docs/logs_explorer.mdx index 30acf5f93d793..8b3b74dd89d24 100644 --- a/api_docs/logs_explorer.mdx +++ b/api_docs/logs_explorer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/logsExplorer title: "logsExplorer" image: https://source.unsplash.com/400x175/?github description: API docs for the logsExplorer plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'logsExplorer'] --- import logsExplorerObj from './logs_explorer.devdocs.json'; diff --git a/api_docs/logs_shared.mdx b/api_docs/logs_shared.mdx index 6c2d6ab32a622..395b4c14ec7da 100644 --- a/api_docs/logs_shared.mdx +++ b/api_docs/logs_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/logsShared title: "logsShared" image: https://source.unsplash.com/400x175/?github description: API docs for the logsShared plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'logsShared'] --- import logsSharedObj from './logs_shared.devdocs.json'; diff --git a/api_docs/management.mdx b/api_docs/management.mdx index 7f474a4e0b610..97df0a3060425 100644 --- a/api_docs/management.mdx +++ b/api_docs/management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/management title: "management" image: https://source.unsplash.com/400x175/?github description: API docs for the management plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'management'] --- import managementObj from './management.devdocs.json'; diff --git a/api_docs/maps.mdx b/api_docs/maps.mdx index 4d781d8a25877..d40e59fac52b3 100644 --- a/api_docs/maps.mdx +++ b/api_docs/maps.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/maps title: "maps" image: https://source.unsplash.com/400x175/?github description: API docs for the maps plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'maps'] --- import mapsObj from './maps.devdocs.json'; diff --git a/api_docs/maps_ems.mdx b/api_docs/maps_ems.mdx index 7b723a3e7fe88..0a4468b6d80ac 100644 --- a/api_docs/maps_ems.mdx +++ b/api_docs/maps_ems.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/mapsEms title: "mapsEms" image: https://source.unsplash.com/400x175/?github description: API docs for the mapsEms plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'mapsEms'] --- import mapsEmsObj from './maps_ems.devdocs.json'; diff --git a/api_docs/metrics_data_access.mdx b/api_docs/metrics_data_access.mdx index e302251c22646..e9645d3a5ecb9 100644 --- a/api_docs/metrics_data_access.mdx +++ b/api_docs/metrics_data_access.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/metricsDataAccess title: "metricsDataAccess" image: https://source.unsplash.com/400x175/?github description: API docs for the metricsDataAccess plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'metricsDataAccess'] --- import metricsDataAccessObj from './metrics_data_access.devdocs.json'; diff --git a/api_docs/ml.mdx b/api_docs/ml.mdx index 86e6c2f09b519..2f72e76e742ba 100644 --- a/api_docs/ml.mdx +++ b/api_docs/ml.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ml title: "ml" image: https://source.unsplash.com/400x175/?github description: API docs for the ml plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ml'] --- import mlObj from './ml.devdocs.json'; diff --git a/api_docs/mock_idp_plugin.mdx b/api_docs/mock_idp_plugin.mdx index e1aad0582f50e..c8b06dc79ee7e 100644 --- a/api_docs/mock_idp_plugin.mdx +++ b/api_docs/mock_idp_plugin.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/mockIdpPlugin title: "mockIdpPlugin" image: https://source.unsplash.com/400x175/?github description: API docs for the mockIdpPlugin plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'mockIdpPlugin'] --- import mockIdpPluginObj from './mock_idp_plugin.devdocs.json'; diff --git a/api_docs/monitoring.mdx b/api_docs/monitoring.mdx index 9536583f55b81..52498e3021eb4 100644 --- a/api_docs/monitoring.mdx +++ b/api_docs/monitoring.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/monitoring title: "monitoring" image: https://source.unsplash.com/400x175/?github description: API docs for the monitoring plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'monitoring'] --- import monitoringObj from './monitoring.devdocs.json'; diff --git a/api_docs/monitoring_collection.mdx b/api_docs/monitoring_collection.mdx index 2913597ba9cfc..b452d7a4f165c 100644 --- a/api_docs/monitoring_collection.mdx +++ b/api_docs/monitoring_collection.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/monitoringCollection title: "monitoringCollection" image: https://source.unsplash.com/400x175/?github description: API docs for the monitoringCollection plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'monitoringCollection'] --- import monitoringCollectionObj from './monitoring_collection.devdocs.json'; diff --git a/api_docs/navigation.mdx b/api_docs/navigation.mdx index c1a73ac787e5c..dbd826c7ebb41 100644 --- a/api_docs/navigation.mdx +++ b/api_docs/navigation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/navigation title: "navigation" image: https://source.unsplash.com/400x175/?github description: API docs for the navigation plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'navigation'] --- import navigationObj from './navigation.devdocs.json'; diff --git a/api_docs/newsfeed.mdx b/api_docs/newsfeed.mdx index 5341799db70a1..9473bb748ee3d 100644 --- a/api_docs/newsfeed.mdx +++ b/api_docs/newsfeed.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/newsfeed title: "newsfeed" image: https://source.unsplash.com/400x175/?github description: API docs for the newsfeed plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'newsfeed'] --- import newsfeedObj from './newsfeed.devdocs.json'; diff --git a/api_docs/no_data_page.mdx b/api_docs/no_data_page.mdx index 92843f066694d..fedbed7c1793e 100644 --- a/api_docs/no_data_page.mdx +++ b/api_docs/no_data_page.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/noDataPage title: "noDataPage" image: https://source.unsplash.com/400x175/?github description: API docs for the noDataPage plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'noDataPage'] --- import noDataPageObj from './no_data_page.devdocs.json'; diff --git a/api_docs/notifications.mdx b/api_docs/notifications.mdx index 7cc7ece9e6921..400ea784baa30 100644 --- a/api_docs/notifications.mdx +++ b/api_docs/notifications.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/notifications title: "notifications" image: https://source.unsplash.com/400x175/?github description: API docs for the notifications plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'notifications'] --- import notificationsObj from './notifications.devdocs.json'; diff --git a/api_docs/observability.mdx b/api_docs/observability.mdx index 0a541bf579906..6ca920895ba28 100644 --- a/api_docs/observability.mdx +++ b/api_docs/observability.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observability title: "observability" image: https://source.unsplash.com/400x175/?github description: API docs for the observability plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observability'] --- import observabilityObj from './observability.devdocs.json'; diff --git a/api_docs/observability_a_i_assistant.mdx b/api_docs/observability_a_i_assistant.mdx index 6d25526cc86ef..f79e798207057 100644 --- a/api_docs/observability_a_i_assistant.mdx +++ b/api_docs/observability_a_i_assistant.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityAIAssistant title: "observabilityAIAssistant" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityAIAssistant plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityAIAssistant'] --- import observabilityAIAssistantObj from './observability_a_i_assistant.devdocs.json'; diff --git a/api_docs/observability_a_i_assistant_app.mdx b/api_docs/observability_a_i_assistant_app.mdx index 2ce562381b219..16fc7cd5c797e 100644 --- a/api_docs/observability_a_i_assistant_app.mdx +++ b/api_docs/observability_a_i_assistant_app.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityAIAssistantApp title: "observabilityAIAssistantApp" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityAIAssistantApp plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityAIAssistantApp'] --- import observabilityAIAssistantAppObj from './observability_a_i_assistant_app.devdocs.json'; diff --git a/api_docs/observability_ai_assistant_management.mdx b/api_docs/observability_ai_assistant_management.mdx index 8270811c74e7e..954eddd6cdae7 100644 --- a/api_docs/observability_ai_assistant_management.mdx +++ b/api_docs/observability_ai_assistant_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityAiAssistantManagement title: "observabilityAiAssistantManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityAiAssistantManagement plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityAiAssistantManagement'] --- import observabilityAiAssistantManagementObj from './observability_ai_assistant_management.devdocs.json'; diff --git a/api_docs/observability_logs_explorer.mdx b/api_docs/observability_logs_explorer.mdx index b2b0da30051e8..c59c54939a458 100644 --- a/api_docs/observability_logs_explorer.mdx +++ b/api_docs/observability_logs_explorer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityLogsExplorer title: "observabilityLogsExplorer" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityLogsExplorer plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityLogsExplorer'] --- import observabilityLogsExplorerObj from './observability_logs_explorer.devdocs.json'; diff --git a/api_docs/observability_onboarding.mdx b/api_docs/observability_onboarding.mdx index 8172e97a40b95..39caf81cfa8d3 100644 --- a/api_docs/observability_onboarding.mdx +++ b/api_docs/observability_onboarding.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityOnboarding title: "observabilityOnboarding" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityOnboarding plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityOnboarding'] --- import observabilityOnboardingObj from './observability_onboarding.devdocs.json'; diff --git a/api_docs/observability_shared.mdx b/api_docs/observability_shared.mdx index 0d7b1d98ddd86..46b3b22e43bbe 100644 --- a/api_docs/observability_shared.mdx +++ b/api_docs/observability_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityShared title: "observabilityShared" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityShared plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityShared'] --- import observabilitySharedObj from './observability_shared.devdocs.json'; diff --git a/api_docs/osquery.mdx b/api_docs/osquery.mdx index 5e99fbf1f8c2b..793481f8788f1 100644 --- a/api_docs/osquery.mdx +++ b/api_docs/osquery.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/osquery title: "osquery" image: https://source.unsplash.com/400x175/?github description: API docs for the osquery plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'osquery'] --- import osqueryObj from './osquery.devdocs.json'; diff --git a/api_docs/painless_lab.mdx b/api_docs/painless_lab.mdx index 71c5f2af71600..754356556a777 100644 --- a/api_docs/painless_lab.mdx +++ b/api_docs/painless_lab.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/painlessLab title: "painlessLab" image: https://source.unsplash.com/400x175/?github description: API docs for the painlessLab plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'painlessLab'] --- import painlessLabObj from './painless_lab.devdocs.json'; diff --git a/api_docs/plugin_directory.mdx b/api_docs/plugin_directory.mdx index dac5bf7072d72..a26787722b3fe 100644 --- a/api_docs/plugin_directory.mdx +++ b/api_docs/plugin_directory.mdx @@ -7,7 +7,7 @@ id: kibDevDocsPluginDirectory slug: /kibana-dev-docs/api-meta/plugin-api-directory title: Directory description: Directory of public APIs available through plugins or packages. -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana'] --- @@ -15,13 +15,13 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | Count | Plugins or Packages with a
public API | Number of teams | |--------------|----------|------------------------| -| 860 | 733 | 45 | +| 861 | 734 | 45 | ### Public API health stats | API Count | Any Count | Missing comments | Missing exports | |--------------|----------|-----------------|--------| -| 53181 | 245 | 39877 | 1963 | +| 53179 | 245 | 39881 | 1963 | ## Plugin Directory @@ -57,6 +57,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-presentation](https://github.com/orgs/elastic/teams/kibana-presentation) | - | 54 | 0 | 51 | 0 | | | [@elastic/kibana-visualizations](https://github.com/orgs/elastic/teams/kibana-visualizations) | Data services are useful for searching and querying data from Elasticsearch. Helpful utilities include: a re-usable react query bar, KQL autocomplete, async search, Data Views (Index Patterns) and field formatters. | 3209 | 31 | 2594 | 24 | | | [@elastic/obs-ux-logs-team](https://github.com/orgs/elastic/teams/obs-ux-logs-team) | - | 5 | 0 | 5 | 0 | +| | [@elastic/obs-ai-assistant](https://github.com/orgs/elastic/teams/obs-ai-assistant) | - | 6 | 0 | 6 | 0 | | | [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/kibana-data-discovery) | This plugin provides the ability to create data views via a modal flyout inside Kibana apps | 35 | 0 | 25 | 5 | | | [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/kibana-data-discovery) | Reusable data view field editor across Kibana | 72 | 0 | 33 | 1 | | | [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/kibana-data-discovery) | Data view management app | 2 | 0 | 2 | 0 | @@ -80,7 +81,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-esql](https://github.com/orgs/elastic/teams/kibana-esql) | - | 2 | 0 | 2 | 0 | | | [@elastic/kibana-visualizations](https://github.com/orgs/elastic/teams/kibana-visualizations) | The Event Annotation service contains expressions for event annotations | 201 | 0 | 201 | 6 | | | [@elastic/kibana-visualizations](https://github.com/orgs/elastic/teams/kibana-visualizations) | The listing page for event annotations. | 15 | 0 | 15 | 0 | -| | [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-ops) | - | 112 | 0 | 112 | 11 | +| | [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-ops) | - | 116 | 0 | 116 | 11 | | | [@elastic/obs-ux-management-team](https://github.com/orgs/elastic/teams/obs-ux-management-team) | - | 126 | 0 | 126 | 12 | | | [@elastic/kibana-presentation](https://github.com/orgs/elastic/teams/kibana-presentation) | Adds 'error' renderer to expressions | 17 | 0 | 15 | 2 | | | [@elastic/kibana-visualizations](https://github.com/orgs/elastic/teams/kibana-visualizations) | Expression Gauge plugin adds a `gauge` renderer and function to the expression plugin. The renderer will display the `gauge` chart. | 59 | 0 | 58 | 2 | @@ -102,7 +103,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-presentation](https://github.com/orgs/elastic/teams/kibana-presentation) | The file upload plugin contains components and services for uploading a file, analyzing its data, and then importing the data into an Elasticsearch index. Supported file types include CSV, TSV, newline-delimited JSON and GeoJSON. | 88 | 0 | 88 | 8 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | File upload, download, sharing, and serving over HTTP implementation in Kibana. | 240 | 0 | 24 | 9 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | Simple UI for managing files in Kibana | 3 | 0 | 3 | 0 | -| | [@elastic/fleet](https://github.com/orgs/elastic/teams/fleet) | - | 1361 | 5 | 1238 | 74 | +| | [@elastic/fleet](https://github.com/orgs/elastic/teams/fleet) | - | 1364 | 5 | 1241 | 74 | | ftrApis | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 0 | 0 | 0 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 72 | 0 | 14 | 5 | | globalSearchBar | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 0 | 0 | 0 | 0 | @@ -169,11 +170,11 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-management](https://github.com/orgs/elastic/teams/kibana-management) | - | 21 | 0 | 21 | 0 | | | [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-ops) | - | 285 | 0 | 248 | 11 | | | [@elastic/kibana-management](https://github.com/orgs/elastic/teams/kibana-management) | - | 24 | 0 | 19 | 2 | -| | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 132 | 2 | 121 | 5 | +| | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 114 | 2 | 109 | 5 | | | [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/kibana-data-discovery) | - | 25 | 0 | 25 | 0 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 148 | 0 | 139 | 2 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 89 | 0 | 83 | 3 | -| | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 105 | 0 | 57 | 1 | +| | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 100 | 0 | 53 | 1 | | | [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/kibana-data-discovery) | This plugin contains the definition and helper methods around saved searches, used by discover and visualizations. | 61 | 0 | 60 | 3 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 32 | 0 | 13 | 0 | | | [@elastic/kibana-reporting-services](https://github.com/orgs/elastic/teams/kibana-reporting-services) | Kibana Screenshotting Plugin | 32 | 0 | 8 | 3 | @@ -276,10 +277,10 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 62 | 0 | 17 | 1 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 2 | 0 | 2 | 0 | | | [@elastic/kibana-cloud-security-posture](https://github.com/orgs/elastic/teams/kibana-cloud-security-posture) | - | 74 | 1 | 74 | 0 | -| | [@elastic/kibana-cloud-security-posture](https://github.com/orgs/elastic/teams/kibana-cloud-security-posture) | - | 61 | 0 | 60 | 0 | +| | [@elastic/kibana-cloud-security-posture](https://github.com/orgs/elastic/teams/kibana-cloud-security-posture) | - | 68 | 0 | 66 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 41 | 0 | 17 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 2 | 0 | 2 | 0 | -| | [@elastic/appex-qa](https://github.com/orgs/elastic/teams/appex-qa) | - | 8 | 0 | 4 | 0 | +| | [@elastic/appex-qa](https://github.com/orgs/elastic/teams/appex-qa) | - | 9 | 0 | 4 | 0 | | | [@elastic/kibana-visualizations](https://github.com/orgs/elastic/teams/kibana-visualizations) | - | 227 | 0 | 188 | 9 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 79 | 0 | 50 | 9 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 24 | 0 | 24 | 0 | @@ -506,7 +507,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-visualizations](https://github.com/orgs/elastic/teams/kibana-visualizations) | - | 57 | 0 | 30 | 6 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 37 | 0 | 28 | 2 | | | [@elastic/security-threat-hunting-explore](https://github.com/orgs/elastic/teams/security-threat-hunting-explore) | - | 16 | 0 | 8 | 0 | -| | [@elastic/obs-ux-logs-team](https://github.com/orgs/elastic/teams/obs-ux-logs-team) | - | 35 | 0 | 34 | 0 | +| | [@elastic/obs-ux-logs-team](https://github.com/orgs/elastic/teams/obs-ux-logs-team) | - | 38 | 0 | 37 | 0 | | | [@elastic/security-generative-ai](https://github.com/orgs/elastic/teams/security-generative-ai) | - | 159 | 0 | 133 | 10 | | | [@elastic/security-generative-ai](https://github.com/orgs/elastic/teams/security-generative-ai) | - | 390 | 0 | 363 | 0 | | | [@elastic/obs-entities](https://github.com/orgs/elastic/teams/obs-entities) | - | 44 | 0 | 44 | 0 | @@ -752,7 +753,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/obs-knowledge-team](https://github.com/orgs/elastic/teams/obs-knowledge-team) | - | 19 | 0 | 19 | 3 | | | [@elastic/obs-knowledge-team](https://github.com/orgs/elastic/teams/obs-knowledge-team) | - | 1 | 0 | 1 | 1 | | | [@elastic/obs-knowledge-team](https://github.com/orgs/elastic/teams/obs-knowledge-team) | - | 2 | 0 | 2 | 0 | -| | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 111 | 2 | 72 | 1 | +| | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 108 | 2 | 70 | 1 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 4 | 0 | 2 | 0 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 41 | 2 | 21 | 0 | | | [@elastic/obs-ux-management-team](https://github.com/orgs/elastic/teams/obs-ux-management-team) | - | 32 | 2 | 32 | 0 | diff --git a/api_docs/presentation_panel.mdx b/api_docs/presentation_panel.mdx index d2b7230886f5d..25dd271be08e0 100644 --- a/api_docs/presentation_panel.mdx +++ b/api_docs/presentation_panel.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/presentationPanel title: "presentationPanel" image: https://source.unsplash.com/400x175/?github description: API docs for the presentationPanel plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'presentationPanel'] --- import presentationPanelObj from './presentation_panel.devdocs.json'; diff --git a/api_docs/presentation_util.mdx b/api_docs/presentation_util.mdx index 67cc9a179b22d..e957b448a3cdc 100644 --- a/api_docs/presentation_util.mdx +++ b/api_docs/presentation_util.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/presentationUtil title: "presentationUtil" image: https://source.unsplash.com/400x175/?github description: API docs for the presentationUtil plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'presentationUtil'] --- import presentationUtilObj from './presentation_util.devdocs.json'; diff --git a/api_docs/profiling.mdx b/api_docs/profiling.mdx index a7794f056166a..b97212faa6938 100644 --- a/api_docs/profiling.mdx +++ b/api_docs/profiling.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/profiling title: "profiling" image: https://source.unsplash.com/400x175/?github description: API docs for the profiling plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'profiling'] --- import profilingObj from './profiling.devdocs.json'; diff --git a/api_docs/profiling_data_access.mdx b/api_docs/profiling_data_access.mdx index 3d6e03ee2863a..69e88b72cbd17 100644 --- a/api_docs/profiling_data_access.mdx +++ b/api_docs/profiling_data_access.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/profilingDataAccess title: "profilingDataAccess" image: https://source.unsplash.com/400x175/?github description: API docs for the profilingDataAccess plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'profilingDataAccess'] --- import profilingDataAccessObj from './profiling_data_access.devdocs.json'; diff --git a/api_docs/remote_clusters.mdx b/api_docs/remote_clusters.mdx index 67d42e20b3b4f..08f49f79c6635 100644 --- a/api_docs/remote_clusters.mdx +++ b/api_docs/remote_clusters.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/remoteClusters title: "remoteClusters" image: https://source.unsplash.com/400x175/?github description: API docs for the remoteClusters plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'remoteClusters'] --- import remoteClustersObj from './remote_clusters.devdocs.json'; diff --git a/api_docs/reporting.mdx b/api_docs/reporting.mdx index 77c3d4977db30..bc7d06f99d3ba 100644 --- a/api_docs/reporting.mdx +++ b/api_docs/reporting.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/reporting title: "reporting" image: https://source.unsplash.com/400x175/?github description: API docs for the reporting plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'reporting'] --- import reportingObj from './reporting.devdocs.json'; diff --git a/api_docs/rollup.mdx b/api_docs/rollup.mdx index 134c99c026dce..9bc85d037cd9d 100644 --- a/api_docs/rollup.mdx +++ b/api_docs/rollup.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/rollup title: "rollup" image: https://source.unsplash.com/400x175/?github description: API docs for the rollup plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'rollup'] --- import rollupObj from './rollup.devdocs.json'; diff --git a/api_docs/rule_registry.mdx b/api_docs/rule_registry.mdx index 7712d52205330..e4c485f91ea13 100644 --- a/api_docs/rule_registry.mdx +++ b/api_docs/rule_registry.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ruleRegistry title: "ruleRegistry" image: https://source.unsplash.com/400x175/?github description: API docs for the ruleRegistry plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ruleRegistry'] --- import ruleRegistryObj from './rule_registry.devdocs.json'; diff --git a/api_docs/runtime_fields.mdx b/api_docs/runtime_fields.mdx index 499311440a8d9..19d03aa4ca963 100644 --- a/api_docs/runtime_fields.mdx +++ b/api_docs/runtime_fields.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/runtimeFields title: "runtimeFields" image: https://source.unsplash.com/400x175/?github description: API docs for the runtimeFields plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'runtimeFields'] --- import runtimeFieldsObj from './runtime_fields.devdocs.json'; diff --git a/api_docs/saved_objects.devdocs.json b/api_docs/saved_objects.devdocs.json index aed8018111e8f..0e1d7fbd0262d 100644 --- a/api_docs/saved_objects.devdocs.json +++ b/api_docs/saved_objects.devdocs.json @@ -1035,28 +1035,7 @@ "deprecated": true, "removeBy": "8.8.0", "trackAdoption": false, - "references": [ - { - "plugin": "savedObjectsTaggingOss", - "path": "src/plugins/saved_objects_tagging_oss/public/api.ts" - }, - { - "plugin": "savedObjectsTaggingOss", - "path": "src/plugins/saved_objects_tagging_oss/public/decorator/types.ts" - }, - { - "plugin": "savedObjectsTaggingOss", - "path": "src/plugins/saved_objects_tagging_oss/public/decorator/types.ts" - }, - { - "plugin": "savedObjectsTaggingOss", - "path": "src/plugins/saved_objects_tagging_oss/public/api.ts" - }, - { - "plugin": "savedObjectsTaggingOss", - "path": "src/plugins/saved_objects_tagging_oss/public/api.ts" - } - ], + "references": [], "children": [ { "parentPluginId": "savedObjects", @@ -1899,223 +1878,6 @@ ], "initialIsOpen": false }, - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectDecorator", - "type": "Interface", - "tags": [], - "label": "SavedObjectDecorator", - "description": [], - "signature": [ - { - "pluginId": "savedObjects", - "scope": "public", - "docId": "kibSavedObjectsPluginApi", - "section": "def-public.SavedObjectDecorator", - "text": "SavedObjectDecorator" - }, - "" - ], - "path": "src/plugins/saved_objects/public/saved_object/decorators/types.ts", - "deprecated": false, - "trackAdoption": false, - "children": [ - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectDecorator.getId", - "type": "Function", - "tags": [], - "label": "getId", - "description": [ - "\nId of the decorator" - ], - "signature": [ - "() => string" - ], - "path": "src/plugins/saved_objects/public/saved_object/decorators/types.ts", - "deprecated": false, - "trackAdoption": false, - "children": [], - "returnComment": [] - }, - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectDecorator.decorateConfig", - "type": "Function", - "tags": [], - "label": "decorateConfig", - "description": [ - "\nDecorate the saved object provided config. This can be used to enhance or alter the object's provided\nconfiguration." - ], - "signature": [ - "(config: ", - { - "pluginId": "savedObjects", - "scope": "public", - "docId": "kibSavedObjectsPluginApi", - "section": "def-public.SavedObjectConfig", - "text": "SavedObjectConfig" - }, - ") => void" - ], - "path": "src/plugins/saved_objects/public/saved_object/decorators/types.ts", - "deprecated": false, - "trackAdoption": false, - "children": [ - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectDecorator.decorateConfig.$1", - "type": "Object", - "tags": [], - "label": "config", - "description": [], - "signature": [ - { - "pluginId": "savedObjects", - "scope": "public", - "docId": "kibSavedObjectsPluginApi", - "section": "def-public.SavedObjectConfig", - "text": "SavedObjectConfig" - } - ], - "path": "src/plugins/saved_objects/public/saved_object/decorators/types.ts", - "deprecated": false, - "trackAdoption": false, - "isRequired": true - } - ], - "returnComment": [] - }, - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectDecorator.decorateObject", - "type": "Function", - "tags": [], - "label": "decorateObject", - "description": [ - "\nDecorate the saved object instance. Can be used to add additional methods to it.\n" - ], - "signature": [ - "(object: T) => void" - ], - "path": "src/plugins/saved_objects/public/saved_object/decorators/types.ts", - "deprecated": false, - "trackAdoption": false, - "children": [ - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectDecorator.decorateObject.$1", - "type": "Uncategorized", - "tags": [], - "label": "object", - "description": [], - "signature": [ - "T" - ], - "path": "src/plugins/saved_objects/public/saved_object/decorators/types.ts", - "deprecated": false, - "trackAdoption": false, - "isRequired": true - } - ], - "returnComment": [] - } - ], - "initialIsOpen": false - }, - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectDecoratorConfig", - "type": "Interface", - "tags": [], - "label": "SavedObjectDecoratorConfig", - "description": [], - "signature": [ - { - "pluginId": "savedObjects", - "scope": "public", - "docId": "kibSavedObjectsPluginApi", - "section": "def-public.SavedObjectDecoratorConfig", - "text": "SavedObjectDecoratorConfig" - }, - "" - ], - "path": "src/plugins/saved_objects/public/saved_object/decorators/registry.ts", - "deprecated": false, - "trackAdoption": false, - "children": [ - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectDecoratorConfig.id", - "type": "string", - "tags": [], - "label": "id", - "description": [ - "\nThe id of the decorator" - ], - "path": "src/plugins/saved_objects/public/saved_object/decorators/registry.ts", - "deprecated": false, - "trackAdoption": false - }, - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectDecoratorConfig.priority", - "type": "number", - "tags": [], - "label": "priority", - "description": [ - "\nHighest priority will be called **last**\n(the decoration will be at the highest level)" - ], - "path": "src/plugins/saved_objects/public/saved_object/decorators/registry.ts", - "deprecated": false, - "trackAdoption": false - }, - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectDecoratorConfig.factory", - "type": "Function", - "tags": [], - "label": "factory", - "description": [ - "\nThe factory to use to create the decorator" - ], - "signature": [ - "(services: ", - "SavedObjectKibanaServices", - ") => ", - { - "pluginId": "savedObjects", - "scope": "public", - "docId": "kibSavedObjectsPluginApi", - "section": "def-public.SavedObjectDecorator", - "text": "SavedObjectDecorator" - }, - "" - ], - "path": "src/plugins/saved_objects/public/saved_object/decorators/registry.ts", - "deprecated": false, - "trackAdoption": false, - "returnComment": [], - "children": [ - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectDecoratorConfig.factory.$1", - "type": "Object", - "tags": [], - "label": "services", - "description": [], - "signature": [ - "SavedObjectKibanaServices" - ], - "path": "src/plugins/saved_objects/public/saved_object/decorators/types.ts", - "deprecated": false, - "trackAdoption": false - } - ] - } - ], - "initialIsOpen": false - }, { "parentPluginId": "savedObjects", "id": "def-public.SavedObjectSaveOpts", @@ -2282,48 +2044,6 @@ ], "enums": [], "misc": [ - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectDecoratorFactory", - "type": "Type", - "tags": [], - "label": "SavedObjectDecoratorFactory", - "description": [], - "signature": [ - "(services: ", - "SavedObjectKibanaServices", - ") => ", - { - "pluginId": "savedObjects", - "scope": "public", - "docId": "kibSavedObjectsPluginApi", - "section": "def-public.SavedObjectDecorator", - "text": "SavedObjectDecorator" - }, - "" - ], - "path": "src/plugins/saved_objects/public/saved_object/decorators/types.ts", - "deprecated": false, - "trackAdoption": false, - "returnComment": [], - "children": [ - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectDecoratorFactory.$1", - "type": "Object", - "tags": [], - "label": "services", - "description": [], - "signature": [ - "SavedObjectKibanaServices" - ], - "path": "src/plugins/saved_objects/public/saved_object/decorators/types.ts", - "deprecated": false, - "trackAdoption": false - } - ], - "initialIsOpen": false - }, { "parentPluginId": "savedObjects", "id": "def-public.SaveResult", @@ -2342,118 +2062,7 @@ "initialIsOpen": false } ], - "objects": [], - "start": { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectsStart", - "type": "Interface", - "tags": [], - "label": "SavedObjectsStart", - "description": [], - "path": "src/plugins/saved_objects/public/plugin.ts", - "deprecated": false, - "trackAdoption": false, - "children": [ - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectsStart.SavedObjectClass", - "type": "Object", - "tags": [ - "deprecated" - ], - "label": "SavedObjectClass", - "description": [], - "signature": [ - "new (raw: Record) => ", - { - "pluginId": "savedObjects", - "scope": "public", - "docId": "kibSavedObjectsPluginApi", - "section": "def-public.SavedObject", - "text": "SavedObject" - }, - "<", - { - "pluginId": "@kbn/core-saved-objects-common", - "scope": "common", - "docId": "kibKbnCoreSavedObjectsCommonPluginApi", - "section": "def-common.SavedObjectAttributes", - "text": "SavedObjectAttributes" - }, - ">" - ], - "path": "src/plugins/saved_objects/public/plugin.ts", - "deprecated": true, - "removeBy": "8.8.0", - "trackAdoption": false, - "references": [] - } - ], - "lifecycle": "start", - "initialIsOpen": true - }, - "setup": { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectSetup", - "type": "Interface", - "tags": [], - "label": "SavedObjectSetup", - "description": [], - "path": "src/plugins/saved_objects/public/plugin.ts", - "deprecated": false, - "trackAdoption": false, - "children": [ - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectSetup.registerDecorator", - "type": "Function", - "tags": [], - "label": "registerDecorator", - "description": [], - "signature": [ - "(config: ", - { - "pluginId": "savedObjects", - "scope": "public", - "docId": "kibSavedObjectsPluginApi", - "section": "def-public.SavedObjectDecoratorConfig", - "text": "SavedObjectDecoratorConfig" - }, - ") => void" - ], - "path": "src/plugins/saved_objects/public/plugin.ts", - "deprecated": false, - "trackAdoption": false, - "children": [ - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectSetup.registerDecorator.$1", - "type": "Object", - "tags": [], - "label": "config", - "description": [], - "signature": [ - { - "pluginId": "savedObjects", - "scope": "public", - "docId": "kibSavedObjectsPluginApi", - "section": "def-public.SavedObjectDecoratorConfig", - "text": "SavedObjectDecoratorConfig" - }, - "" - ], - "path": "src/plugins/saved_objects/public/plugin.ts", - "deprecated": false, - "trackAdoption": false, - "isRequired": true - } - ], - "returnComment": [] - } - ], - "lifecycle": "setup", - "initialIsOpen": true - } + "objects": [] }, "server": { "classes": [], diff --git a/api_docs/saved_objects.mdx b/api_docs/saved_objects.mdx index 123244801f78b..09e318b3a648c 100644 --- a/api_docs/saved_objects.mdx +++ b/api_docs/saved_objects.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjects title: "savedObjects" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjects plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjects'] --- import savedObjectsObj from './saved_objects.devdocs.json'; @@ -21,16 +21,10 @@ Contact [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 132 | 2 | 121 | 5 | +| 114 | 2 | 109 | 5 | ## Client -### Setup - - -### Start - - ### Functions diff --git a/api_docs/saved_objects_finder.mdx b/api_docs/saved_objects_finder.mdx index ab63292004fa9..f31b19553c1aa 100644 --- a/api_docs/saved_objects_finder.mdx +++ b/api_docs/saved_objects_finder.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjectsFinder title: "savedObjectsFinder" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjectsFinder plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjectsFinder'] --- import savedObjectsFinderObj from './saved_objects_finder.devdocs.json'; diff --git a/api_docs/saved_objects_management.mdx b/api_docs/saved_objects_management.mdx index 2521d0192d84f..65b10728be4db 100644 --- a/api_docs/saved_objects_management.mdx +++ b/api_docs/saved_objects_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjectsManagement title: "savedObjectsManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjectsManagement plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjectsManagement'] --- import savedObjectsManagementObj from './saved_objects_management.devdocs.json'; diff --git a/api_docs/saved_objects_tagging.mdx b/api_docs/saved_objects_tagging.mdx index 6e23a8de2f200..a695b0307aeb9 100644 --- a/api_docs/saved_objects_tagging.mdx +++ b/api_docs/saved_objects_tagging.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjectsTagging title: "savedObjectsTagging" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjectsTagging plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjectsTagging'] --- import savedObjectsTaggingObj from './saved_objects_tagging.devdocs.json'; diff --git a/api_docs/saved_objects_tagging_oss.devdocs.json b/api_docs/saved_objects_tagging_oss.devdocs.json index f026546854a0d..64abacff50a11 100644 --- a/api_docs/saved_objects_tagging_oss.devdocs.json +++ b/api_docs/saved_objects_tagging_oss.devdocs.json @@ -467,78 +467,6 @@ "children": [], "returnComment": [] }, - { - "parentPluginId": "savedObjectsTaggingOss", - "id": "def-public.SavedObjectsTaggingApiUi.hasTagDecoration", - "type": "Function", - "tags": [], - "label": "hasTagDecoration", - "description": [ - "\nType-guard to safely manipulate tag-enhanced `SavedObject` from the `savedObject` plugin.\n" - ], - "signature": [ - "(object: ", - { - "pluginId": "savedObjects", - "scope": "public", - "docId": "kibSavedObjectsPluginApi", - "section": "def-public.SavedObject", - "text": "SavedObject" - }, - "<", - { - "pluginId": "@kbn/core-saved-objects-common", - "scope": "common", - "docId": "kibKbnCoreSavedObjectsCommonPluginApi", - "section": "def-common.SavedObjectAttributes", - "text": "SavedObjectAttributes" - }, - ">) => object is ", - { - "pluginId": "savedObjectsTaggingOss", - "scope": "public", - "docId": "kibSavedObjectsTaggingOssPluginApi", - "section": "def-public.TagDecoratedSavedObject", - "text": "TagDecoratedSavedObject" - } - ], - "path": "src/plugins/saved_objects_tagging_oss/public/api.ts", - "deprecated": false, - "trackAdoption": false, - "children": [ - { - "parentPluginId": "savedObjectsTaggingOss", - "id": "def-public.SavedObjectsTaggingApiUi.hasTagDecoration.$1", - "type": "Object", - "tags": [], - "label": "object", - "description": [], - "signature": [ - { - "pluginId": "savedObjects", - "scope": "public", - "docId": "kibSavedObjectsPluginApi", - "section": "def-public.SavedObject", - "text": "SavedObject" - }, - "<", - { - "pluginId": "@kbn/core-saved-objects-common", - "scope": "common", - "docId": "kibKbnCoreSavedObjectsCommonPluginApi", - "section": "def-common.SavedObjectAttributes", - "text": "SavedObjectAttributes" - }, - ">" - ], - "path": "src/plugins/saved_objects_tagging_oss/public/api.ts", - "deprecated": false, - "trackAdoption": false, - "isRequired": true - } - ], - "returnComment": [] - }, { "parentPluginId": "savedObjectsTaggingOss", "id": "def-public.SavedObjectsTaggingApiUi.getSearchBarFilter", @@ -1383,106 +1311,6 @@ "deprecated": false, "trackAdoption": false, "initialIsOpen": false - }, - { - "parentPluginId": "savedObjectsTaggingOss", - "id": "def-public.SavedObjectTagDecoratorTypeGuard", - "type": "Type", - "tags": [], - "label": "SavedObjectTagDecoratorTypeGuard", - "description": [], - "signature": [ - "(object: ", - { - "pluginId": "savedObjects", - "scope": "public", - "docId": "kibSavedObjectsPluginApi", - "section": "def-public.SavedObject", - "text": "SavedObject" - }, - "<", - { - "pluginId": "@kbn/core-saved-objects-common", - "scope": "common", - "docId": "kibKbnCoreSavedObjectsCommonPluginApi", - "section": "def-common.SavedObjectAttributes", - "text": "SavedObjectAttributes" - }, - ">) => object is ", - { - "pluginId": "savedObjectsTaggingOss", - "scope": "public", - "docId": "kibSavedObjectsTaggingOssPluginApi", - "section": "def-public.TagDecoratedSavedObject", - "text": "TagDecoratedSavedObject" - } - ], - "path": "src/plugins/saved_objects_tagging_oss/public/api.ts", - "deprecated": false, - "trackAdoption": false, - "returnComment": [], - "children": [ - { - "parentPluginId": "savedObjectsTaggingOss", - "id": "def-public.SavedObjectTagDecoratorTypeGuard.$1", - "type": "Object", - "tags": [], - "label": "object", - "description": [], - "signature": [ - { - "pluginId": "savedObjects", - "scope": "public", - "docId": "kibSavedObjectsPluginApi", - "section": "def-public.SavedObject", - "text": "SavedObject" - }, - "<", - { - "pluginId": "@kbn/core-saved-objects-common", - "scope": "common", - "docId": "kibKbnCoreSavedObjectsCommonPluginApi", - "section": "def-common.SavedObjectAttributes", - "text": "SavedObjectAttributes" - }, - ">" - ], - "path": "src/plugins/saved_objects_tagging_oss/public/api.ts", - "deprecated": false, - "trackAdoption": false - } - ], - "initialIsOpen": false - }, - { - "parentPluginId": "savedObjectsTaggingOss", - "id": "def-public.TagDecoratedSavedObject", - "type": "Type", - "tags": [], - "label": "TagDecoratedSavedObject", - "description": [], - "signature": [ - { - "pluginId": "savedObjects", - "scope": "public", - "docId": "kibSavedObjectsPluginApi", - "section": "def-public.SavedObject", - "text": "SavedObject" - }, - "<", - { - "pluginId": "@kbn/core-saved-objects-common", - "scope": "common", - "docId": "kibKbnCoreSavedObjectsCommonPluginApi", - "section": "def-common.SavedObjectAttributes", - "text": "SavedObjectAttributes" - }, - "> & { getTags(): string[]; setTags(tags: string[]): void; }" - ], - "path": "src/plugins/saved_objects_tagging_oss/public/decorator/types.ts", - "deprecated": false, - "trackAdoption": false, - "initialIsOpen": false } ], "objects": [], diff --git a/api_docs/saved_objects_tagging_oss.mdx b/api_docs/saved_objects_tagging_oss.mdx index 3ce9cb6625ae5..efbc92ee83aee 100644 --- a/api_docs/saved_objects_tagging_oss.mdx +++ b/api_docs/saved_objects_tagging_oss.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjectsTaggingOss title: "savedObjectsTaggingOss" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjectsTaggingOss plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjectsTaggingOss'] --- import savedObjectsTaggingOssObj from './saved_objects_tagging_oss.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sh | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 105 | 0 | 57 | 1 | +| 100 | 0 | 53 | 1 | ## Client diff --git a/api_docs/saved_search.mdx b/api_docs/saved_search.mdx index 9fadf64fbe533..30b6412e07490 100644 --- a/api_docs/saved_search.mdx +++ b/api_docs/saved_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedSearch title: "savedSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the savedSearch plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedSearch'] --- import savedSearchObj from './saved_search.devdocs.json'; diff --git a/api_docs/screenshot_mode.mdx b/api_docs/screenshot_mode.mdx index 344b2e46c49ed..83b1568ddd63f 100644 --- a/api_docs/screenshot_mode.mdx +++ b/api_docs/screenshot_mode.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/screenshotMode title: "screenshotMode" image: https://source.unsplash.com/400x175/?github description: API docs for the screenshotMode plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'screenshotMode'] --- import screenshotModeObj from './screenshot_mode.devdocs.json'; diff --git a/api_docs/screenshotting.mdx b/api_docs/screenshotting.mdx index d35db0377a4e2..37394a6a64db9 100644 --- a/api_docs/screenshotting.mdx +++ b/api_docs/screenshotting.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/screenshotting title: "screenshotting" image: https://source.unsplash.com/400x175/?github description: API docs for the screenshotting plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'screenshotting'] --- import screenshottingObj from './screenshotting.devdocs.json'; diff --git a/api_docs/search_assistant.mdx b/api_docs/search_assistant.mdx index f1c8ac2b05a8b..3ca251b7c0df3 100644 --- a/api_docs/search_assistant.mdx +++ b/api_docs/search_assistant.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchAssistant title: "searchAssistant" image: https://source.unsplash.com/400x175/?github description: API docs for the searchAssistant plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchAssistant'] --- import searchAssistantObj from './search_assistant.devdocs.json'; diff --git a/api_docs/search_connectors.mdx b/api_docs/search_connectors.mdx index 4ef0f25d53493..440505ea855ec 100644 --- a/api_docs/search_connectors.mdx +++ b/api_docs/search_connectors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchConnectors title: "searchConnectors" image: https://source.unsplash.com/400x175/?github description: API docs for the searchConnectors plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchConnectors'] --- import searchConnectorsObj from './search_connectors.devdocs.json'; diff --git a/api_docs/search_homepage.mdx b/api_docs/search_homepage.mdx index 73adf90280461..c9b3d047e0778 100644 --- a/api_docs/search_homepage.mdx +++ b/api_docs/search_homepage.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchHomepage title: "searchHomepage" image: https://source.unsplash.com/400x175/?github description: API docs for the searchHomepage plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchHomepage'] --- import searchHomepageObj from './search_homepage.devdocs.json'; diff --git a/api_docs/search_indices.mdx b/api_docs/search_indices.mdx index 6d7438e0d5156..acd87ac4e0d3d 100644 --- a/api_docs/search_indices.mdx +++ b/api_docs/search_indices.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchIndices title: "searchIndices" image: https://source.unsplash.com/400x175/?github description: API docs for the searchIndices plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchIndices'] --- import searchIndicesObj from './search_indices.devdocs.json'; diff --git a/api_docs/search_inference_endpoints.mdx b/api_docs/search_inference_endpoints.mdx index 0f7af49e73f64..82520afbe5577 100644 --- a/api_docs/search_inference_endpoints.mdx +++ b/api_docs/search_inference_endpoints.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchInferenceEndpoints title: "searchInferenceEndpoints" image: https://source.unsplash.com/400x175/?github description: API docs for the searchInferenceEndpoints plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchInferenceEndpoints'] --- import searchInferenceEndpointsObj from './search_inference_endpoints.devdocs.json'; diff --git a/api_docs/search_notebooks.mdx b/api_docs/search_notebooks.mdx index e8490c57c16ed..5435f7a4f0a6d 100644 --- a/api_docs/search_notebooks.mdx +++ b/api_docs/search_notebooks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchNotebooks title: "searchNotebooks" image: https://source.unsplash.com/400x175/?github description: API docs for the searchNotebooks plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchNotebooks'] --- import searchNotebooksObj from './search_notebooks.devdocs.json'; diff --git a/api_docs/search_playground.mdx b/api_docs/search_playground.mdx index b728de94b270d..e308621bfbb2d 100644 --- a/api_docs/search_playground.mdx +++ b/api_docs/search_playground.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchPlayground title: "searchPlayground" image: https://source.unsplash.com/400x175/?github description: API docs for the searchPlayground plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchPlayground'] --- import searchPlaygroundObj from './search_playground.devdocs.json'; diff --git a/api_docs/security.mdx b/api_docs/security.mdx index c26359db873ac..025444c46d86d 100644 --- a/api_docs/security.mdx +++ b/api_docs/security.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/security title: "security" image: https://source.unsplash.com/400x175/?github description: API docs for the security plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'security'] --- import securityObj from './security.devdocs.json'; diff --git a/api_docs/security_solution.devdocs.json b/api_docs/security_solution.devdocs.json index fb27b8fa4661f..3d03c6a9812c5 100644 --- a/api_docs/security_solution.devdocs.json +++ b/api_docs/security_solution.devdocs.json @@ -485,7 +485,7 @@ "\nExperimental flag needed to enable the link" ], "signature": [ - "\"assistantKnowledgeBaseByDefault\" | \"assistantModelEvaluation\" | \"assistantBedrockChat\" | \"excludePoliciesInFilterEnabled\" | \"kubernetesEnabled\" | \"donutChartEmbeddablesEnabled\" | \"previewTelemetryUrlEnabled\" | \"extendedRuleExecutionLoggingEnabled\" | \"socTrendsEnabled\" | \"responseActionUploadEnabled\" | \"automatedProcessActionsEnabled\" | \"automatedResponseActionsForMoreRulesEnabled\" | \"responseActionsSentinelOneV1Enabled\" | \"responseActionsSentinelOneV2Enabled\" | \"responseActionsSentinelOneGetFileEnabled\" | \"responseActionsSentinelOneKillProcessEnabled\" | \"responseActionsSentinelOneProcessesEnabled\" | \"responseActionsCrowdstrikeManualHostIsolationEnabled\" | \"securitySolutionNotesEnabled\" | \"entityAlertPreviewDisabled\" | \"assistantNaturalLanguageESQLTool\" | \"newUserDetailsFlyoutManagedUser\" | \"riskScoringPersistence\" | \"riskScoringRoutesEnabled\" | \"esqlRulesDisabled\" | \"loggingRequestsEnabled\" | \"protectionUpdatesEnabled\" | \"disableTimelineSaveTour\" | \"riskEnginePrivilegesRouteEnabled\" | \"sentinelOneDataInAnalyzerEnabled\" | \"sentinelOneManualHostActionsEnabled\" | \"crowdstrikeDataInAnalyzerEnabled\" | \"jamfDataInAnalyzerEnabled\" | \"timelineEsqlTabDisabled\" | \"unifiedComponentsInTimelineDisabled\" | \"analyzerDatePickersAndSourcererDisabled\" | \"visualizationInFlyoutEnabled\" | \"prebuiltRulesCustomizationEnabled\" | \"malwareOnWriteScanOptionAvailable\" | \"unifiedManifestEnabled\" | \"valueListItemsModalEnabled\" | \"manualRuleRunEnabled\" | \"filterProcessDescendantsForEventFiltersEnabled\" | \"dataIngestionHubEnabled\" | \"entityStoreEnabled\" | undefined" + "\"assistantKnowledgeBaseByDefault\" | \"assistantModelEvaluation\" | \"assistantBedrockChat\" | \"excludePoliciesInFilterEnabled\" | \"kubernetesEnabled\" | \"donutChartEmbeddablesEnabled\" | \"previewTelemetryUrlEnabled\" | \"extendedRuleExecutionLoggingEnabled\" | \"socTrendsEnabled\" | \"responseActionUploadEnabled\" | \"automatedProcessActionsEnabled\" | \"automatedResponseActionsForMoreRulesEnabled\" | \"responseActionsSentinelOneV1Enabled\" | \"responseActionsSentinelOneV2Enabled\" | \"responseActionsSentinelOneGetFileEnabled\" | \"responseActionsSentinelOneKillProcessEnabled\" | \"responseActionsSentinelOneProcessesEnabled\" | \"responseActionsCrowdstrikeManualHostIsolationEnabled\" | \"endpointManagementSpaceAwarenessEnabled\" | \"securitySolutionNotesEnabled\" | \"entityAlertPreviewDisabled\" | \"assistantNaturalLanguageESQLTool\" | \"newUserDetailsFlyoutManagedUser\" | \"riskScoringPersistence\" | \"riskScoringRoutesEnabled\" | \"esqlRulesDisabled\" | \"loggingRequestsEnabled\" | \"protectionUpdatesEnabled\" | \"disableTimelineSaveTour\" | \"riskEnginePrivilegesRouteEnabled\" | \"sentinelOneDataInAnalyzerEnabled\" | \"sentinelOneManualHostActionsEnabled\" | \"crowdstrikeDataInAnalyzerEnabled\" | \"jamfDataInAnalyzerEnabled\" | \"timelineEsqlTabDisabled\" | \"unifiedComponentsInTimelineDisabled\" | \"analyzerDatePickersAndSourcererDisabled\" | \"visualizationInFlyoutEnabled\" | \"prebuiltRulesCustomizationEnabled\" | \"malwareOnWriteScanOptionAvailable\" | \"unifiedManifestEnabled\" | \"valueListItemsModalEnabled\" | \"manualRuleRunEnabled\" | \"filterProcessDescendantsForEventFiltersEnabled\" | \"dataIngestionHubEnabled\" | \"entityStoreEnabled\" | undefined" ], "path": "x-pack/plugins/security_solution/public/common/links/types.ts", "deprecated": false, @@ -565,7 +565,7 @@ "\nExperimental flag needed to disable the link. Opposite of experimentalKey" ], "signature": [ - "\"assistantKnowledgeBaseByDefault\" | \"assistantModelEvaluation\" | \"assistantBedrockChat\" | \"excludePoliciesInFilterEnabled\" | \"kubernetesEnabled\" | \"donutChartEmbeddablesEnabled\" | \"previewTelemetryUrlEnabled\" | \"extendedRuleExecutionLoggingEnabled\" | \"socTrendsEnabled\" | \"responseActionUploadEnabled\" | \"automatedProcessActionsEnabled\" | \"automatedResponseActionsForMoreRulesEnabled\" | \"responseActionsSentinelOneV1Enabled\" | \"responseActionsSentinelOneV2Enabled\" | \"responseActionsSentinelOneGetFileEnabled\" | \"responseActionsSentinelOneKillProcessEnabled\" | \"responseActionsSentinelOneProcessesEnabled\" | \"responseActionsCrowdstrikeManualHostIsolationEnabled\" | \"securitySolutionNotesEnabled\" | \"entityAlertPreviewDisabled\" | \"assistantNaturalLanguageESQLTool\" | \"newUserDetailsFlyoutManagedUser\" | \"riskScoringPersistence\" | \"riskScoringRoutesEnabled\" | \"esqlRulesDisabled\" | \"loggingRequestsEnabled\" | \"protectionUpdatesEnabled\" | \"disableTimelineSaveTour\" | \"riskEnginePrivilegesRouteEnabled\" | \"sentinelOneDataInAnalyzerEnabled\" | \"sentinelOneManualHostActionsEnabled\" | \"crowdstrikeDataInAnalyzerEnabled\" | \"jamfDataInAnalyzerEnabled\" | \"timelineEsqlTabDisabled\" | \"unifiedComponentsInTimelineDisabled\" | \"analyzerDatePickersAndSourcererDisabled\" | \"visualizationInFlyoutEnabled\" | \"prebuiltRulesCustomizationEnabled\" | \"malwareOnWriteScanOptionAvailable\" | \"unifiedManifestEnabled\" | \"valueListItemsModalEnabled\" | \"manualRuleRunEnabled\" | \"filterProcessDescendantsForEventFiltersEnabled\" | \"dataIngestionHubEnabled\" | \"entityStoreEnabled\" | undefined" + "\"assistantKnowledgeBaseByDefault\" | \"assistantModelEvaluation\" | \"assistantBedrockChat\" | \"excludePoliciesInFilterEnabled\" | \"kubernetesEnabled\" | \"donutChartEmbeddablesEnabled\" | \"previewTelemetryUrlEnabled\" | \"extendedRuleExecutionLoggingEnabled\" | \"socTrendsEnabled\" | \"responseActionUploadEnabled\" | \"automatedProcessActionsEnabled\" | \"automatedResponseActionsForMoreRulesEnabled\" | \"responseActionsSentinelOneV1Enabled\" | \"responseActionsSentinelOneV2Enabled\" | \"responseActionsSentinelOneGetFileEnabled\" | \"responseActionsSentinelOneKillProcessEnabled\" | \"responseActionsSentinelOneProcessesEnabled\" | \"responseActionsCrowdstrikeManualHostIsolationEnabled\" | \"endpointManagementSpaceAwarenessEnabled\" | \"securitySolutionNotesEnabled\" | \"entityAlertPreviewDisabled\" | \"assistantNaturalLanguageESQLTool\" | \"newUserDetailsFlyoutManagedUser\" | \"riskScoringPersistence\" | \"riskScoringRoutesEnabled\" | \"esqlRulesDisabled\" | \"loggingRequestsEnabled\" | \"protectionUpdatesEnabled\" | \"disableTimelineSaveTour\" | \"riskEnginePrivilegesRouteEnabled\" | \"sentinelOneDataInAnalyzerEnabled\" | \"sentinelOneManualHostActionsEnabled\" | \"crowdstrikeDataInAnalyzerEnabled\" | \"jamfDataInAnalyzerEnabled\" | \"timelineEsqlTabDisabled\" | \"unifiedComponentsInTimelineDisabled\" | \"analyzerDatePickersAndSourcererDisabled\" | \"visualizationInFlyoutEnabled\" | \"prebuiltRulesCustomizationEnabled\" | \"malwareOnWriteScanOptionAvailable\" | \"unifiedManifestEnabled\" | \"valueListItemsModalEnabled\" | \"manualRuleRunEnabled\" | \"filterProcessDescendantsForEventFiltersEnabled\" | \"dataIngestionHubEnabled\" | \"entityStoreEnabled\" | undefined" ], "path": "x-pack/plugins/security_solution/public/common/links/types.ts", "deprecated": false, @@ -1931,7 +1931,7 @@ "label": "experimentalFeatures", "description": [], "signature": [ - "{ readonly excludePoliciesInFilterEnabled: boolean; readonly kubernetesEnabled: boolean; readonly donutChartEmbeddablesEnabled: boolean; readonly previewTelemetryUrlEnabled: boolean; readonly extendedRuleExecutionLoggingEnabled: boolean; readonly socTrendsEnabled: boolean; readonly responseActionUploadEnabled: boolean; readonly automatedProcessActionsEnabled: boolean; readonly automatedResponseActionsForMoreRulesEnabled: boolean; readonly responseActionsSentinelOneV1Enabled: boolean; readonly responseActionsSentinelOneV2Enabled: boolean; readonly responseActionsSentinelOneGetFileEnabled: boolean; readonly responseActionsSentinelOneKillProcessEnabled: boolean; readonly responseActionsSentinelOneProcessesEnabled: boolean; readonly responseActionsCrowdstrikeManualHostIsolationEnabled: boolean; readonly securitySolutionNotesEnabled: boolean; readonly entityAlertPreviewDisabled: boolean; readonly assistantModelEvaluation: boolean; readonly assistantKnowledgeBaseByDefault: boolean; readonly assistantBedrockChat: boolean; readonly assistantNaturalLanguageESQLTool: boolean; readonly newUserDetailsFlyoutManagedUser: boolean; readonly riskScoringPersistence: boolean; readonly riskScoringRoutesEnabled: boolean; readonly esqlRulesDisabled: boolean; readonly loggingRequestsEnabled: boolean; readonly protectionUpdatesEnabled: boolean; readonly disableTimelineSaveTour: boolean; readonly riskEnginePrivilegesRouteEnabled: boolean; readonly sentinelOneDataInAnalyzerEnabled: boolean; readonly sentinelOneManualHostActionsEnabled: boolean; readonly crowdstrikeDataInAnalyzerEnabled: boolean; readonly jamfDataInAnalyzerEnabled: boolean; readonly timelineEsqlTabDisabled: boolean; readonly unifiedComponentsInTimelineDisabled: boolean; readonly analyzerDatePickersAndSourcererDisabled: boolean; readonly visualizationInFlyoutEnabled: boolean; readonly prebuiltRulesCustomizationEnabled: boolean; readonly malwareOnWriteScanOptionAvailable: boolean; readonly unifiedManifestEnabled: boolean; readonly valueListItemsModalEnabled: boolean; readonly manualRuleRunEnabled: boolean; readonly filterProcessDescendantsForEventFiltersEnabled: boolean; readonly dataIngestionHubEnabled: boolean; readonly entityStoreEnabled: boolean; }" + "{ readonly excludePoliciesInFilterEnabled: boolean; readonly kubernetesEnabled: boolean; readonly donutChartEmbeddablesEnabled: boolean; readonly previewTelemetryUrlEnabled: boolean; readonly extendedRuleExecutionLoggingEnabled: boolean; readonly socTrendsEnabled: boolean; readonly responseActionUploadEnabled: boolean; readonly automatedProcessActionsEnabled: boolean; readonly automatedResponseActionsForMoreRulesEnabled: boolean; readonly responseActionsSentinelOneV1Enabled: boolean; readonly responseActionsSentinelOneV2Enabled: boolean; readonly responseActionsSentinelOneGetFileEnabled: boolean; readonly responseActionsSentinelOneKillProcessEnabled: boolean; readonly responseActionsSentinelOneProcessesEnabled: boolean; readonly responseActionsCrowdstrikeManualHostIsolationEnabled: boolean; readonly endpointManagementSpaceAwarenessEnabled: boolean; readonly securitySolutionNotesEnabled: boolean; readonly entityAlertPreviewDisabled: boolean; readonly assistantModelEvaluation: boolean; readonly assistantKnowledgeBaseByDefault: boolean; readonly assistantBedrockChat: boolean; readonly assistantNaturalLanguageESQLTool: boolean; readonly newUserDetailsFlyoutManagedUser: boolean; readonly riskScoringPersistence: boolean; readonly riskScoringRoutesEnabled: boolean; readonly esqlRulesDisabled: boolean; readonly loggingRequestsEnabled: boolean; readonly protectionUpdatesEnabled: boolean; readonly disableTimelineSaveTour: boolean; readonly riskEnginePrivilegesRouteEnabled: boolean; readonly sentinelOneDataInAnalyzerEnabled: boolean; readonly sentinelOneManualHostActionsEnabled: boolean; readonly crowdstrikeDataInAnalyzerEnabled: boolean; readonly jamfDataInAnalyzerEnabled: boolean; readonly timelineEsqlTabDisabled: boolean; readonly unifiedComponentsInTimelineDisabled: boolean; readonly analyzerDatePickersAndSourcererDisabled: boolean; readonly visualizationInFlyoutEnabled: boolean; readonly prebuiltRulesCustomizationEnabled: boolean; readonly malwareOnWriteScanOptionAvailable: boolean; readonly unifiedManifestEnabled: boolean; readonly valueListItemsModalEnabled: boolean; readonly manualRuleRunEnabled: boolean; readonly filterProcessDescendantsForEventFiltersEnabled: boolean; readonly dataIngestionHubEnabled: boolean; readonly entityStoreEnabled: boolean; }" ], "path": "x-pack/plugins/security_solution/public/types.ts", "deprecated": false, @@ -3099,7 +3099,7 @@ "\nThe security solution generic experimental features" ], "signature": [ - "{ readonly excludePoliciesInFilterEnabled: boolean; readonly kubernetesEnabled: boolean; readonly donutChartEmbeddablesEnabled: boolean; readonly previewTelemetryUrlEnabled: boolean; readonly extendedRuleExecutionLoggingEnabled: boolean; readonly socTrendsEnabled: boolean; readonly responseActionUploadEnabled: boolean; readonly automatedProcessActionsEnabled: boolean; readonly automatedResponseActionsForMoreRulesEnabled: boolean; readonly responseActionsSentinelOneV1Enabled: boolean; readonly responseActionsSentinelOneV2Enabled: boolean; readonly responseActionsSentinelOneGetFileEnabled: boolean; readonly responseActionsSentinelOneKillProcessEnabled: boolean; readonly responseActionsSentinelOneProcessesEnabled: boolean; readonly responseActionsCrowdstrikeManualHostIsolationEnabled: boolean; readonly securitySolutionNotesEnabled: boolean; readonly entityAlertPreviewDisabled: boolean; readonly assistantModelEvaluation: boolean; readonly assistantKnowledgeBaseByDefault: boolean; readonly assistantBedrockChat: boolean; readonly assistantNaturalLanguageESQLTool: boolean; readonly newUserDetailsFlyoutManagedUser: boolean; readonly riskScoringPersistence: boolean; readonly riskScoringRoutesEnabled: boolean; readonly esqlRulesDisabled: boolean; readonly loggingRequestsEnabled: boolean; readonly protectionUpdatesEnabled: boolean; readonly disableTimelineSaveTour: boolean; readonly riskEnginePrivilegesRouteEnabled: boolean; readonly sentinelOneDataInAnalyzerEnabled: boolean; readonly sentinelOneManualHostActionsEnabled: boolean; readonly crowdstrikeDataInAnalyzerEnabled: boolean; readonly jamfDataInAnalyzerEnabled: boolean; readonly timelineEsqlTabDisabled: boolean; readonly unifiedComponentsInTimelineDisabled: boolean; readonly analyzerDatePickersAndSourcererDisabled: boolean; readonly visualizationInFlyoutEnabled: boolean; readonly prebuiltRulesCustomizationEnabled: boolean; readonly malwareOnWriteScanOptionAvailable: boolean; readonly unifiedManifestEnabled: boolean; readonly valueListItemsModalEnabled: boolean; readonly manualRuleRunEnabled: boolean; readonly filterProcessDescendantsForEventFiltersEnabled: boolean; readonly dataIngestionHubEnabled: boolean; readonly entityStoreEnabled: boolean; }" + "{ readonly excludePoliciesInFilterEnabled: boolean; readonly kubernetesEnabled: boolean; readonly donutChartEmbeddablesEnabled: boolean; readonly previewTelemetryUrlEnabled: boolean; readonly extendedRuleExecutionLoggingEnabled: boolean; readonly socTrendsEnabled: boolean; readonly responseActionUploadEnabled: boolean; readonly automatedProcessActionsEnabled: boolean; readonly automatedResponseActionsForMoreRulesEnabled: boolean; readonly responseActionsSentinelOneV1Enabled: boolean; readonly responseActionsSentinelOneV2Enabled: boolean; readonly responseActionsSentinelOneGetFileEnabled: boolean; readonly responseActionsSentinelOneKillProcessEnabled: boolean; readonly responseActionsSentinelOneProcessesEnabled: boolean; readonly responseActionsCrowdstrikeManualHostIsolationEnabled: boolean; readonly endpointManagementSpaceAwarenessEnabled: boolean; readonly securitySolutionNotesEnabled: boolean; readonly entityAlertPreviewDisabled: boolean; readonly assistantModelEvaluation: boolean; readonly assistantKnowledgeBaseByDefault: boolean; readonly assistantBedrockChat: boolean; readonly assistantNaturalLanguageESQLTool: boolean; readonly newUserDetailsFlyoutManagedUser: boolean; readonly riskScoringPersistence: boolean; readonly riskScoringRoutesEnabled: boolean; readonly esqlRulesDisabled: boolean; readonly loggingRequestsEnabled: boolean; readonly protectionUpdatesEnabled: boolean; readonly disableTimelineSaveTour: boolean; readonly riskEnginePrivilegesRouteEnabled: boolean; readonly sentinelOneDataInAnalyzerEnabled: boolean; readonly sentinelOneManualHostActionsEnabled: boolean; readonly crowdstrikeDataInAnalyzerEnabled: boolean; readonly jamfDataInAnalyzerEnabled: boolean; readonly timelineEsqlTabDisabled: boolean; readonly unifiedComponentsInTimelineDisabled: boolean; readonly analyzerDatePickersAndSourcererDisabled: boolean; readonly visualizationInFlyoutEnabled: boolean; readonly prebuiltRulesCustomizationEnabled: boolean; readonly malwareOnWriteScanOptionAvailable: boolean; readonly unifiedManifestEnabled: boolean; readonly valueListItemsModalEnabled: boolean; readonly manualRuleRunEnabled: boolean; readonly filterProcessDescendantsForEventFiltersEnabled: boolean; readonly dataIngestionHubEnabled: boolean; readonly entityStoreEnabled: boolean; }" ], "path": "x-pack/plugins/security_solution/server/plugin_contract.ts", "deprecated": false, @@ -3275,7 +3275,7 @@ "label": "ExperimentalFeatures", "description": [], "signature": [ - "{ readonly excludePoliciesInFilterEnabled: boolean; readonly kubernetesEnabled: boolean; readonly donutChartEmbeddablesEnabled: boolean; readonly previewTelemetryUrlEnabled: boolean; readonly extendedRuleExecutionLoggingEnabled: boolean; readonly socTrendsEnabled: boolean; readonly responseActionUploadEnabled: boolean; readonly automatedProcessActionsEnabled: boolean; readonly automatedResponseActionsForMoreRulesEnabled: boolean; readonly responseActionsSentinelOneV1Enabled: boolean; readonly responseActionsSentinelOneV2Enabled: boolean; readonly responseActionsSentinelOneGetFileEnabled: boolean; readonly responseActionsSentinelOneKillProcessEnabled: boolean; readonly responseActionsSentinelOneProcessesEnabled: boolean; readonly responseActionsCrowdstrikeManualHostIsolationEnabled: boolean; readonly securitySolutionNotesEnabled: boolean; readonly entityAlertPreviewDisabled: boolean; readonly assistantModelEvaluation: boolean; readonly assistantKnowledgeBaseByDefault: boolean; readonly assistantBedrockChat: boolean; readonly assistantNaturalLanguageESQLTool: boolean; readonly newUserDetailsFlyoutManagedUser: boolean; readonly riskScoringPersistence: boolean; readonly riskScoringRoutesEnabled: boolean; readonly esqlRulesDisabled: boolean; readonly loggingRequestsEnabled: boolean; readonly protectionUpdatesEnabled: boolean; readonly disableTimelineSaveTour: boolean; readonly riskEnginePrivilegesRouteEnabled: boolean; readonly sentinelOneDataInAnalyzerEnabled: boolean; readonly sentinelOneManualHostActionsEnabled: boolean; readonly crowdstrikeDataInAnalyzerEnabled: boolean; readonly jamfDataInAnalyzerEnabled: boolean; readonly timelineEsqlTabDisabled: boolean; readonly unifiedComponentsInTimelineDisabled: boolean; readonly analyzerDatePickersAndSourcererDisabled: boolean; readonly visualizationInFlyoutEnabled: boolean; readonly prebuiltRulesCustomizationEnabled: boolean; readonly malwareOnWriteScanOptionAvailable: boolean; readonly unifiedManifestEnabled: boolean; readonly valueListItemsModalEnabled: boolean; readonly manualRuleRunEnabled: boolean; readonly filterProcessDescendantsForEventFiltersEnabled: boolean; readonly dataIngestionHubEnabled: boolean; readonly entityStoreEnabled: boolean; }" + "{ readonly excludePoliciesInFilterEnabled: boolean; readonly kubernetesEnabled: boolean; readonly donutChartEmbeddablesEnabled: boolean; readonly previewTelemetryUrlEnabled: boolean; readonly extendedRuleExecutionLoggingEnabled: boolean; readonly socTrendsEnabled: boolean; readonly responseActionUploadEnabled: boolean; readonly automatedProcessActionsEnabled: boolean; readonly automatedResponseActionsForMoreRulesEnabled: boolean; readonly responseActionsSentinelOneV1Enabled: boolean; readonly responseActionsSentinelOneV2Enabled: boolean; readonly responseActionsSentinelOneGetFileEnabled: boolean; readonly responseActionsSentinelOneKillProcessEnabled: boolean; readonly responseActionsSentinelOneProcessesEnabled: boolean; readonly responseActionsCrowdstrikeManualHostIsolationEnabled: boolean; readonly endpointManagementSpaceAwarenessEnabled: boolean; readonly securitySolutionNotesEnabled: boolean; readonly entityAlertPreviewDisabled: boolean; readonly assistantModelEvaluation: boolean; readonly assistantKnowledgeBaseByDefault: boolean; readonly assistantBedrockChat: boolean; readonly assistantNaturalLanguageESQLTool: boolean; readonly newUserDetailsFlyoutManagedUser: boolean; readonly riskScoringPersistence: boolean; readonly riskScoringRoutesEnabled: boolean; readonly esqlRulesDisabled: boolean; readonly loggingRequestsEnabled: boolean; readonly protectionUpdatesEnabled: boolean; readonly disableTimelineSaveTour: boolean; readonly riskEnginePrivilegesRouteEnabled: boolean; readonly sentinelOneDataInAnalyzerEnabled: boolean; readonly sentinelOneManualHostActionsEnabled: boolean; readonly crowdstrikeDataInAnalyzerEnabled: boolean; readonly jamfDataInAnalyzerEnabled: boolean; readonly timelineEsqlTabDisabled: boolean; readonly unifiedComponentsInTimelineDisabled: boolean; readonly analyzerDatePickersAndSourcererDisabled: boolean; readonly visualizationInFlyoutEnabled: boolean; readonly prebuiltRulesCustomizationEnabled: boolean; readonly malwareOnWriteScanOptionAvailable: boolean; readonly unifiedManifestEnabled: boolean; readonly valueListItemsModalEnabled: boolean; readonly manualRuleRunEnabled: boolean; readonly filterProcessDescendantsForEventFiltersEnabled: boolean; readonly dataIngestionHubEnabled: boolean; readonly entityStoreEnabled: boolean; }" ], "path": "x-pack/plugins/security_solution/common/experimental_features.ts", "deprecated": false, @@ -3341,7 +3341,7 @@ "\nA list of allowed values that can be used in `xpack.securitySolution.enableExperimental`.\nThis object is then used to validate and parse the value entered." ], "signature": [ - "{ readonly excludePoliciesInFilterEnabled: false; readonly kubernetesEnabled: true; readonly donutChartEmbeddablesEnabled: false; readonly previewTelemetryUrlEnabled: false; readonly extendedRuleExecutionLoggingEnabled: false; readonly socTrendsEnabled: false; readonly responseActionUploadEnabled: true; readonly automatedProcessActionsEnabled: true; readonly automatedResponseActionsForMoreRulesEnabled: false; readonly responseActionsSentinelOneV1Enabled: true; readonly responseActionsSentinelOneV2Enabled: true; readonly responseActionsSentinelOneGetFileEnabled: true; readonly responseActionsSentinelOneKillProcessEnabled: true; readonly responseActionsSentinelOneProcessesEnabled: true; readonly responseActionsCrowdstrikeManualHostIsolationEnabled: true; readonly securitySolutionNotesEnabled: false; readonly entityAlertPreviewDisabled: false; readonly assistantModelEvaluation: false; readonly assistantKnowledgeBaseByDefault: false; readonly assistantBedrockChat: true; readonly assistantNaturalLanguageESQLTool: false; readonly newUserDetailsFlyoutManagedUser: false; readonly riskScoringPersistence: true; readonly riskScoringRoutesEnabled: true; readonly esqlRulesDisabled: false; readonly loggingRequestsEnabled: false; readonly protectionUpdatesEnabled: true; readonly disableTimelineSaveTour: false; readonly riskEnginePrivilegesRouteEnabled: true; readonly sentinelOneDataInAnalyzerEnabled: true; readonly sentinelOneManualHostActionsEnabled: true; readonly crowdstrikeDataInAnalyzerEnabled: true; readonly jamfDataInAnalyzerEnabled: true; readonly timelineEsqlTabDisabled: false; readonly unifiedComponentsInTimelineDisabled: false; readonly analyzerDatePickersAndSourcererDisabled: false; readonly visualizationInFlyoutEnabled: false; readonly prebuiltRulesCustomizationEnabled: false; readonly malwareOnWriteScanOptionAvailable: true; readonly unifiedManifestEnabled: true; readonly valueListItemsModalEnabled: true; readonly manualRuleRunEnabled: false; readonly filterProcessDescendantsForEventFiltersEnabled: true; readonly dataIngestionHubEnabled: false; readonly entityStoreEnabled: false; }" + "{ readonly excludePoliciesInFilterEnabled: false; readonly kubernetesEnabled: true; readonly donutChartEmbeddablesEnabled: false; readonly previewTelemetryUrlEnabled: false; readonly extendedRuleExecutionLoggingEnabled: false; readonly socTrendsEnabled: false; readonly responseActionUploadEnabled: true; readonly automatedProcessActionsEnabled: true; readonly automatedResponseActionsForMoreRulesEnabled: false; readonly responseActionsSentinelOneV1Enabled: true; readonly responseActionsSentinelOneV2Enabled: true; readonly responseActionsSentinelOneGetFileEnabled: true; readonly responseActionsSentinelOneKillProcessEnabled: true; readonly responseActionsSentinelOneProcessesEnabled: true; readonly responseActionsCrowdstrikeManualHostIsolationEnabled: true; readonly endpointManagementSpaceAwarenessEnabled: false; readonly securitySolutionNotesEnabled: false; readonly entityAlertPreviewDisabled: false; readonly assistantModelEvaluation: false; readonly assistantKnowledgeBaseByDefault: false; readonly assistantBedrockChat: true; readonly assistantNaturalLanguageESQLTool: false; readonly newUserDetailsFlyoutManagedUser: false; readonly riskScoringPersistence: true; readonly riskScoringRoutesEnabled: true; readonly esqlRulesDisabled: false; readonly loggingRequestsEnabled: false; readonly protectionUpdatesEnabled: true; readonly disableTimelineSaveTour: false; readonly riskEnginePrivilegesRouteEnabled: true; readonly sentinelOneDataInAnalyzerEnabled: true; readonly sentinelOneManualHostActionsEnabled: true; readonly crowdstrikeDataInAnalyzerEnabled: true; readonly jamfDataInAnalyzerEnabled: true; readonly timelineEsqlTabDisabled: false; readonly unifiedComponentsInTimelineDisabled: false; readonly analyzerDatePickersAndSourcererDisabled: false; readonly visualizationInFlyoutEnabled: false; readonly prebuiltRulesCustomizationEnabled: false; readonly malwareOnWriteScanOptionAvailable: true; readonly unifiedManifestEnabled: true; readonly valueListItemsModalEnabled: true; readonly manualRuleRunEnabled: false; readonly filterProcessDescendantsForEventFiltersEnabled: true; readonly dataIngestionHubEnabled: false; readonly entityStoreEnabled: false; }" ], "path": "x-pack/plugins/security_solution/common/experimental_features.ts", "deprecated": false, diff --git a/api_docs/security_solution.mdx b/api_docs/security_solution.mdx index 11a454c2994d2..7e88952aedb10 100644 --- a/api_docs/security_solution.mdx +++ b/api_docs/security_solution.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/securitySolution title: "securitySolution" image: https://source.unsplash.com/400x175/?github description: API docs for the securitySolution plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'securitySolution'] --- import securitySolutionObj from './security_solution.devdocs.json'; diff --git a/api_docs/security_solution_ess.mdx b/api_docs/security_solution_ess.mdx index 5293befda82a0..acf6df88eecd4 100644 --- a/api_docs/security_solution_ess.mdx +++ b/api_docs/security_solution_ess.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/securitySolutionEss title: "securitySolutionEss" image: https://source.unsplash.com/400x175/?github description: API docs for the securitySolutionEss plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'securitySolutionEss'] --- import securitySolutionEssObj from './security_solution_ess.devdocs.json'; diff --git a/api_docs/security_solution_serverless.mdx b/api_docs/security_solution_serverless.mdx index dd0bb7dfd2c34..7f89d9bbbea79 100644 --- a/api_docs/security_solution_serverless.mdx +++ b/api_docs/security_solution_serverless.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/securitySolutionServerless title: "securitySolutionServerless" image: https://source.unsplash.com/400x175/?github description: API docs for the securitySolutionServerless plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'securitySolutionServerless'] --- import securitySolutionServerlessObj from './security_solution_serverless.devdocs.json'; diff --git a/api_docs/serverless.mdx b/api_docs/serverless.mdx index 9c40048428255..6bd064b11f2e9 100644 --- a/api_docs/serverless.mdx +++ b/api_docs/serverless.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/serverless title: "serverless" image: https://source.unsplash.com/400x175/?github description: API docs for the serverless plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'serverless'] --- import serverlessObj from './serverless.devdocs.json'; diff --git a/api_docs/serverless_observability.mdx b/api_docs/serverless_observability.mdx index b43d7f63160d9..75b78d6919403 100644 --- a/api_docs/serverless_observability.mdx +++ b/api_docs/serverless_observability.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/serverlessObservability title: "serverlessObservability" image: https://source.unsplash.com/400x175/?github description: API docs for the serverlessObservability plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'serverlessObservability'] --- import serverlessObservabilityObj from './serverless_observability.devdocs.json'; diff --git a/api_docs/serverless_search.mdx b/api_docs/serverless_search.mdx index 4115374e5874d..a81bdfb064957 100644 --- a/api_docs/serverless_search.mdx +++ b/api_docs/serverless_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/serverlessSearch title: "serverlessSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the serverlessSearch plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'serverlessSearch'] --- import serverlessSearchObj from './serverless_search.devdocs.json'; diff --git a/api_docs/session_view.mdx b/api_docs/session_view.mdx index 84d1f469437a1..fc4ea3738486c 100644 --- a/api_docs/session_view.mdx +++ b/api_docs/session_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/sessionView title: "sessionView" image: https://source.unsplash.com/400x175/?github description: API docs for the sessionView plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'sessionView'] --- import sessionViewObj from './session_view.devdocs.json'; diff --git a/api_docs/share.mdx b/api_docs/share.mdx index 1b0734fd71683..cea50918cd223 100644 --- a/api_docs/share.mdx +++ b/api_docs/share.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/share title: "share" image: https://source.unsplash.com/400x175/?github description: API docs for the share plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'share'] --- import shareObj from './share.devdocs.json'; diff --git a/api_docs/slo.mdx b/api_docs/slo.mdx index f6230e1152351..61db3de922873 100644 --- a/api_docs/slo.mdx +++ b/api_docs/slo.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/slo title: "slo" image: https://source.unsplash.com/400x175/?github description: API docs for the slo plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'slo'] --- import sloObj from './slo.devdocs.json'; diff --git a/api_docs/snapshot_restore.mdx b/api_docs/snapshot_restore.mdx index 4e6792fa493b0..4f75d10d318a8 100644 --- a/api_docs/snapshot_restore.mdx +++ b/api_docs/snapshot_restore.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/snapshotRestore title: "snapshotRestore" image: https://source.unsplash.com/400x175/?github description: API docs for the snapshotRestore plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'snapshotRestore'] --- import snapshotRestoreObj from './snapshot_restore.devdocs.json'; diff --git a/api_docs/spaces.mdx b/api_docs/spaces.mdx index d50c3b04bf105..e878688b719db 100644 --- a/api_docs/spaces.mdx +++ b/api_docs/spaces.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/spaces title: "spaces" image: https://source.unsplash.com/400x175/?github description: API docs for the spaces plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'spaces'] --- import spacesObj from './spaces.devdocs.json'; diff --git a/api_docs/stack_alerts.mdx b/api_docs/stack_alerts.mdx index 58a6d62130a97..e06c7713ef821 100644 --- a/api_docs/stack_alerts.mdx +++ b/api_docs/stack_alerts.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/stackAlerts title: "stackAlerts" image: https://source.unsplash.com/400x175/?github description: API docs for the stackAlerts plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'stackAlerts'] --- import stackAlertsObj from './stack_alerts.devdocs.json'; diff --git a/api_docs/stack_connectors.mdx b/api_docs/stack_connectors.mdx index 47e81d8f69e55..a4b0b1d830fde 100644 --- a/api_docs/stack_connectors.mdx +++ b/api_docs/stack_connectors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/stackConnectors title: "stackConnectors" image: https://source.unsplash.com/400x175/?github description: API docs for the stackConnectors plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'stackConnectors'] --- import stackConnectorsObj from './stack_connectors.devdocs.json'; diff --git a/api_docs/task_manager.mdx b/api_docs/task_manager.mdx index fdfa6a0c0b000..e096a9a005dcb 100644 --- a/api_docs/task_manager.mdx +++ b/api_docs/task_manager.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/taskManager title: "taskManager" image: https://source.unsplash.com/400x175/?github description: API docs for the taskManager plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'taskManager'] --- import taskManagerObj from './task_manager.devdocs.json'; diff --git a/api_docs/telemetry.mdx b/api_docs/telemetry.mdx index 22912018b6328..b7a85bb64fbe2 100644 --- a/api_docs/telemetry.mdx +++ b/api_docs/telemetry.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/telemetry title: "telemetry" image: https://source.unsplash.com/400x175/?github description: API docs for the telemetry plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'telemetry'] --- import telemetryObj from './telemetry.devdocs.json'; diff --git a/api_docs/telemetry_collection_manager.mdx b/api_docs/telemetry_collection_manager.mdx index fc741bfffddbf..25b1ff709bedf 100644 --- a/api_docs/telemetry_collection_manager.mdx +++ b/api_docs/telemetry_collection_manager.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/telemetryCollectionManager title: "telemetryCollectionManager" image: https://source.unsplash.com/400x175/?github description: API docs for the telemetryCollectionManager plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'telemetryCollectionManager'] --- import telemetryCollectionManagerObj from './telemetry_collection_manager.devdocs.json'; diff --git a/api_docs/telemetry_collection_xpack.mdx b/api_docs/telemetry_collection_xpack.mdx index 671f3b0a2f4b6..199d608420efd 100644 --- a/api_docs/telemetry_collection_xpack.mdx +++ b/api_docs/telemetry_collection_xpack.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/telemetryCollectionXpack title: "telemetryCollectionXpack" image: https://source.unsplash.com/400x175/?github description: API docs for the telemetryCollectionXpack plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'telemetryCollectionXpack'] --- import telemetryCollectionXpackObj from './telemetry_collection_xpack.devdocs.json'; diff --git a/api_docs/telemetry_management_section.mdx b/api_docs/telemetry_management_section.mdx index afc84e8e46d9f..815a6b8974690 100644 --- a/api_docs/telemetry_management_section.mdx +++ b/api_docs/telemetry_management_section.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/telemetryManagementSection title: "telemetryManagementSection" image: https://source.unsplash.com/400x175/?github description: API docs for the telemetryManagementSection plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'telemetryManagementSection'] --- import telemetryManagementSectionObj from './telemetry_management_section.devdocs.json'; diff --git a/api_docs/threat_intelligence.mdx b/api_docs/threat_intelligence.mdx index 82e352b70f517..de406fb22c6d9 100644 --- a/api_docs/threat_intelligence.mdx +++ b/api_docs/threat_intelligence.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/threatIntelligence title: "threatIntelligence" image: https://source.unsplash.com/400x175/?github description: API docs for the threatIntelligence plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'threatIntelligence'] --- import threatIntelligenceObj from './threat_intelligence.devdocs.json'; diff --git a/api_docs/timelines.mdx b/api_docs/timelines.mdx index a2701ab7a3ef2..d4bbc4707ce05 100644 --- a/api_docs/timelines.mdx +++ b/api_docs/timelines.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/timelines title: "timelines" image: https://source.unsplash.com/400x175/?github description: API docs for the timelines plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'timelines'] --- import timelinesObj from './timelines.devdocs.json'; diff --git a/api_docs/transform.mdx b/api_docs/transform.mdx index b4b21ba332c2c..39147e5378e60 100644 --- a/api_docs/transform.mdx +++ b/api_docs/transform.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/transform title: "transform" image: https://source.unsplash.com/400x175/?github description: API docs for the transform plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'transform'] --- import transformObj from './transform.devdocs.json'; diff --git a/api_docs/triggers_actions_ui.mdx b/api_docs/triggers_actions_ui.mdx index d9db7bbf6e0c5..083bda21eb2d1 100644 --- a/api_docs/triggers_actions_ui.mdx +++ b/api_docs/triggers_actions_ui.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/triggersActionsUi title: "triggersActionsUi" image: https://source.unsplash.com/400x175/?github description: API docs for the triggersActionsUi plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'triggersActionsUi'] --- import triggersActionsUiObj from './triggers_actions_ui.devdocs.json'; diff --git a/api_docs/ui_actions.mdx b/api_docs/ui_actions.mdx index 6695c33424017..2e6b20381c07c 100644 --- a/api_docs/ui_actions.mdx +++ b/api_docs/ui_actions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/uiActions title: "uiActions" image: https://source.unsplash.com/400x175/?github description: API docs for the uiActions plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'uiActions'] --- import uiActionsObj from './ui_actions.devdocs.json'; diff --git a/api_docs/ui_actions_enhanced.mdx b/api_docs/ui_actions_enhanced.mdx index 207cd70dece1b..1ca86ba226eaa 100644 --- a/api_docs/ui_actions_enhanced.mdx +++ b/api_docs/ui_actions_enhanced.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/uiActionsEnhanced title: "uiActionsEnhanced" image: https://source.unsplash.com/400x175/?github description: API docs for the uiActionsEnhanced plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'uiActionsEnhanced'] --- import uiActionsEnhancedObj from './ui_actions_enhanced.devdocs.json'; diff --git a/api_docs/unified_doc_viewer.mdx b/api_docs/unified_doc_viewer.mdx index 7621ad2eb2f35..482e7e5576d75 100644 --- a/api_docs/unified_doc_viewer.mdx +++ b/api_docs/unified_doc_viewer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/unifiedDocViewer title: "unifiedDocViewer" image: https://source.unsplash.com/400x175/?github description: API docs for the unifiedDocViewer plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'unifiedDocViewer'] --- import unifiedDocViewerObj from './unified_doc_viewer.devdocs.json'; diff --git a/api_docs/unified_histogram.mdx b/api_docs/unified_histogram.mdx index 2506c32b28f40..4361ece3e61c3 100644 --- a/api_docs/unified_histogram.mdx +++ b/api_docs/unified_histogram.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/unifiedHistogram title: "unifiedHistogram" image: https://source.unsplash.com/400x175/?github description: API docs for the unifiedHistogram plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'unifiedHistogram'] --- import unifiedHistogramObj from './unified_histogram.devdocs.json'; diff --git a/api_docs/unified_search.mdx b/api_docs/unified_search.mdx index c3b665f870b9d..b7b31034f335a 100644 --- a/api_docs/unified_search.mdx +++ b/api_docs/unified_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/unifiedSearch title: "unifiedSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the unifiedSearch plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'unifiedSearch'] --- import unifiedSearchObj from './unified_search.devdocs.json'; diff --git a/api_docs/unified_search_autocomplete.mdx b/api_docs/unified_search_autocomplete.mdx index 6982131a3de7e..27cca2576d67c 100644 --- a/api_docs/unified_search_autocomplete.mdx +++ b/api_docs/unified_search_autocomplete.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/unifiedSearch-autocomplete title: "unifiedSearch.autocomplete" image: https://source.unsplash.com/400x175/?github description: API docs for the unifiedSearch.autocomplete plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'unifiedSearch.autocomplete'] --- import unifiedSearchAutocompleteObj from './unified_search_autocomplete.devdocs.json'; diff --git a/api_docs/uptime.mdx b/api_docs/uptime.mdx index edadd705fad0c..c71cf9136aad6 100644 --- a/api_docs/uptime.mdx +++ b/api_docs/uptime.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/uptime title: "uptime" image: https://source.unsplash.com/400x175/?github description: API docs for the uptime plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'uptime'] --- import uptimeObj from './uptime.devdocs.json'; diff --git a/api_docs/url_forwarding.mdx b/api_docs/url_forwarding.mdx index aa8361f10920c..c45c4af4b5fd9 100644 --- a/api_docs/url_forwarding.mdx +++ b/api_docs/url_forwarding.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/urlForwarding title: "urlForwarding" image: https://source.unsplash.com/400x175/?github description: API docs for the urlForwarding plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'urlForwarding'] --- import urlForwardingObj from './url_forwarding.devdocs.json'; diff --git a/api_docs/usage_collection.mdx b/api_docs/usage_collection.mdx index ba5a5ee1fc2dc..73d9fd481c4bb 100644 --- a/api_docs/usage_collection.mdx +++ b/api_docs/usage_collection.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/usageCollection title: "usageCollection" image: https://source.unsplash.com/400x175/?github description: API docs for the usageCollection plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'usageCollection'] --- import usageCollectionObj from './usage_collection.devdocs.json'; diff --git a/api_docs/ux.mdx b/api_docs/ux.mdx index 6f3cdd21ec8ce..426722344bb39 100644 --- a/api_docs/ux.mdx +++ b/api_docs/ux.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ux title: "ux" image: https://source.unsplash.com/400x175/?github description: API docs for the ux plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ux'] --- import uxObj from './ux.devdocs.json'; diff --git a/api_docs/vis_default_editor.mdx b/api_docs/vis_default_editor.mdx index c5dbcd9dc4cf7..8e21a32e0d1fe 100644 --- a/api_docs/vis_default_editor.mdx +++ b/api_docs/vis_default_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visDefaultEditor title: "visDefaultEditor" image: https://source.unsplash.com/400x175/?github description: API docs for the visDefaultEditor plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visDefaultEditor'] --- import visDefaultEditorObj from './vis_default_editor.devdocs.json'; diff --git a/api_docs/vis_type_gauge.mdx b/api_docs/vis_type_gauge.mdx index 8d252976fb262..4e681895a92be 100644 --- a/api_docs/vis_type_gauge.mdx +++ b/api_docs/vis_type_gauge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeGauge title: "visTypeGauge" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeGauge plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeGauge'] --- import visTypeGaugeObj from './vis_type_gauge.devdocs.json'; diff --git a/api_docs/vis_type_heatmap.mdx b/api_docs/vis_type_heatmap.mdx index 1c2b7de4f13fa..7f3c0cafd870a 100644 --- a/api_docs/vis_type_heatmap.mdx +++ b/api_docs/vis_type_heatmap.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeHeatmap title: "visTypeHeatmap" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeHeatmap plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeHeatmap'] --- import visTypeHeatmapObj from './vis_type_heatmap.devdocs.json'; diff --git a/api_docs/vis_type_pie.mdx b/api_docs/vis_type_pie.mdx index c890f73c7b7fa..b223a85dcb514 100644 --- a/api_docs/vis_type_pie.mdx +++ b/api_docs/vis_type_pie.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypePie title: "visTypePie" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypePie plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypePie'] --- import visTypePieObj from './vis_type_pie.devdocs.json'; diff --git a/api_docs/vis_type_table.mdx b/api_docs/vis_type_table.mdx index 864baa1450597..92ca2c666f06d 100644 --- a/api_docs/vis_type_table.mdx +++ b/api_docs/vis_type_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeTable title: "visTypeTable" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeTable plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeTable'] --- import visTypeTableObj from './vis_type_table.devdocs.json'; diff --git a/api_docs/vis_type_timelion.mdx b/api_docs/vis_type_timelion.mdx index 7b97d91233025..adad07c2041a7 100644 --- a/api_docs/vis_type_timelion.mdx +++ b/api_docs/vis_type_timelion.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeTimelion title: "visTypeTimelion" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeTimelion plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeTimelion'] --- import visTypeTimelionObj from './vis_type_timelion.devdocs.json'; diff --git a/api_docs/vis_type_timeseries.mdx b/api_docs/vis_type_timeseries.mdx index 0af6bae95142d..6015e51eb77fb 100644 --- a/api_docs/vis_type_timeseries.mdx +++ b/api_docs/vis_type_timeseries.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeTimeseries title: "visTypeTimeseries" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeTimeseries plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeTimeseries'] --- import visTypeTimeseriesObj from './vis_type_timeseries.devdocs.json'; diff --git a/api_docs/vis_type_vega.mdx b/api_docs/vis_type_vega.mdx index c88a1a4187657..c1a79ce86e11b 100644 --- a/api_docs/vis_type_vega.mdx +++ b/api_docs/vis_type_vega.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeVega title: "visTypeVega" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeVega plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeVega'] --- import visTypeVegaObj from './vis_type_vega.devdocs.json'; diff --git a/api_docs/vis_type_vislib.mdx b/api_docs/vis_type_vislib.mdx index 03814b3db83b3..596e91ecb0594 100644 --- a/api_docs/vis_type_vislib.mdx +++ b/api_docs/vis_type_vislib.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeVislib title: "visTypeVislib" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeVislib plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeVislib'] --- import visTypeVislibObj from './vis_type_vislib.devdocs.json'; diff --git a/api_docs/vis_type_xy.mdx b/api_docs/vis_type_xy.mdx index 4e554f41ff013..108c46cbc03b0 100644 --- a/api_docs/vis_type_xy.mdx +++ b/api_docs/vis_type_xy.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeXy title: "visTypeXy" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeXy plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeXy'] --- import visTypeXyObj from './vis_type_xy.devdocs.json'; diff --git a/api_docs/visualizations.mdx b/api_docs/visualizations.mdx index aaa0b47d2f530..fc9c4d760ced3 100644 --- a/api_docs/visualizations.mdx +++ b/api_docs/visualizations.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visualizations title: "visualizations" image: https://source.unsplash.com/400x175/?github description: API docs for the visualizations plugin -date: 2024-09-20 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visualizations'] --- import visualizationsObj from './visualizations.devdocs.json'; diff --git a/docs/developer/plugin-list.asciidoc b/docs/developer/plugin-list.asciidoc index 38fc136ef1fac..55a2a19040aec 100644 --- a/docs/developer/plugin-list.asciidoc +++ b/docs/developer/plugin-list.asciidoc @@ -536,6 +536,10 @@ Plugin server-side only. Plugin has three main functions: |In order to make ongoing maintenance of log collection easy we want to introduce the concept of data set quality, where users can easily get an overview on the data sets they have with information such as integration, size, last activity, among others. +|{kib-repo}blob/{branch}/x-pack/plugins/data_usage/README.md[dataUsage] +|Serverless only plugin for users to view data usage + + |{kib-repo}blob/{branch}/x-pack/plugins/data_visualizer/README.md[dataVisualizer] |The data_visualizer plugin enables you to explore the fields in your data. diff --git a/docs/playground/playground-query.asciidoc b/docs/playground/playground-query.asciidoc index 9a3f34e800017..0d98e13204284 100644 --- a/docs/playground/playground-query.asciidoc +++ b/docs/playground/playground-query.asciidoc @@ -12,7 +12,6 @@ The {x} UI enables you to view and modify these queries. * Click *View query* to open the visual query editor. * Modify the query by selecting fields to query per index. -* Click *Save changes*. [TIP] ==== diff --git a/oas_docs/output/kibana.serverless.staging.yaml b/oas_docs/output/kibana.serverless.staging.yaml new file mode 100644 index 0000000000000..15790040e6a46 --- /dev/null +++ b/oas_docs/output/kibana.serverless.staging.yaml @@ -0,0 +1,34264 @@ +openapi: 3.0.3 +info: + contact: + name: Kibana Team + description: > + **Technical preview** + + This functionality is in technical preview and may be changed or removed in + a future release. + + Elastic will work to fix any issues, but features in technical preview are + not subject to the support SLA of official GA features. + + + The Kibana REST APIs for Elastic serverless enable you to manage resources + + such as connectors, data views, and saved objects. The API calls are + + stateless. Each request that you make happens in isolation from other calls + + and must include all of the necessary information for Kibana to fulfill the + + request. API requests return JSON output, which is a format that is + + machine-readable and works well for automation. + + + To interact with Kibana APIs, use the following operations: + + + - GET: Fetches the information. + + - POST: Adds new information. + + - PUT: Updates the existing information. + + - DELETE: Removes the information. + + + You can prepend any Kibana API endpoint with `kbn:` and run the request in + + **Dev Tools → Console**. For example: + + + ``` + + GET kbn:/api/data_views + + ``` + + + ## Documentation source and versions + + + This documentation is derived from the `main` branch of the + [kibana](https://github.com/elastic/kibana) repository. + + It is provided under license [Attribution-NonCommercial-NoDerivatives 4.0 + International](https://creativecommons.org/licenses/by-nc-nd/4.0/). + title: Kibana Serverless APIs + version: 1.0.2 + x-doc-license: + name: Attribution-NonCommercial-NoDerivatives 4.0 International + url: https://creativecommons.org/licenses/by-nc-nd/4.0/ + x-feedbackLink: + label: Feedback + url: >- + https://github.com/elastic/docs-content/issues/new?assignees=&labels=feedback%2Ccommunity&projects=&template=api-feedback.yaml&title=%5BFeedback%5D%3A+ +servers: + - url: http://{kibana_host}:{port} + variables: + kibana_host: + default: localhost + port: + default: '5601' + - url: http://localhost:5622 + - url: https://{kibana_url} + variables: + kibana_url: + default: localhost:5601 + - url: / + - url: http://KIBANA_HOST:5601 + - description: local + url: http://localhost:5601 +paths: + /api/actions: + get: + deprecated: true + operationId: '%2Fapi%2Factions#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: {} + summary: Get all connectors + tags: + - connectors + /api/actions/action: + post: + deprecated: true + operationId: '%2Fapi%2Factions%2Faction#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actionTypeId: + description: The connector type identifier. + type: string + config: + additionalProperties: {} + default: {} + type: object + name: + description: The display name for the connector. + type: string + secrets: + additionalProperties: {} + default: {} + type: object + required: + - name + - actionTypeId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Create a connector + tags: + - connectors + /api/actions/action/{id}: + delete: + deprecated: true + description: 'WARNING: When you delete a connector, it cannot be recovered.' + operationId: '%2Fapi%2Factions%2Faction%2F%7Bid%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + summary: Delete a connector + tags: + - connectors + get: + deprecated: true + operationId: '%2Fapi%2Factions%2Faction%2F%7Bid%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Get connector information + tags: + - connectors + put: + deprecated: true + operationId: '%2Fapi%2Factions%2Faction%2F%7Bid%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + default: {} + type: object + name: + type: string + secrets: + additionalProperties: {} + default: {} + type: object + required: + - name + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Update a connector + tags: + - connectors + /api/actions/action/{id}/_execute: + post: + deprecated: true + operationId: '%2Fapi%2Factions%2Faction%2F%7Bid%7D%2F_execute#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + params: + additionalProperties: {} + type: object + required: + - params + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Run a connector + tags: + - connectors + /api/actions/connector_types: + get: + description: You do not need any Kibana feature privileges to run this API. + operationId: '%2Fapi%2Factions%2Fconnector_types#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: >- + A filter to limit the retrieved connector types to those that + support a specific feature (such as alerting or cases). + in: query + name: feature_id + required: false + schema: + type: string + responses: {} + summary: Get connector types + tags: + - connectors + /api/actions/connector/{id}: + delete: + description: 'WARNING: When you delete a connector, it cannot be recovered.' + operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + summary: Delete a connector + tags: + - connectors + get: + operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Get connector information + tags: + - connectors + post: + operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%3F%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: An identifier for the connector. + in: path + name: id + required: false + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + default: {} + type: object + connector_type_id: + description: The type of connector. + type: string + name: + description: The display name for the connector. + type: string + secrets: + additionalProperties: {} + default: {} + type: object + required: + - name + - connector_type_id + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Create a connector + tags: + - connectors + put: + operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + default: {} + type: object + name: + description: The display name for the connector. + type: string + secrets: + additionalProperties: {} + default: {} + type: object + required: + - name + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Update a connector + tags: + - connectors + /api/actions/connector/{id}/_execute: + post: + description: >- + You can use this API to test an action that involves interaction with + Kibana services or integrations with third-party systems. + operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%7D%2F_execute#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + params: + additionalProperties: {} + type: object + required: + - params + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Run a connector + tags: + - connectors + /api/actions/connectors: + get: + operationId: '%2Fapi%2Factions%2Fconnectors#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: {} + summary: Get all connectors + tags: + - connectors + /api/actions/list_action_types: + get: + deprecated: true + operationId: '%2Fapi%2Factions%2Flist_action_types#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: {} + summary: Get connector types + tags: + - connectors + /api/alerting/rule/{id}: + delete: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + summary: Delete a rule + tags: + - alerting + get: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actions: + items: + additionalProperties: false + type: object + properties: + alerts_filter: + additionalProperties: false + description: >- + Defines a period that limits whether the action + runs. + type: object + properties: + query: + additionalProperties: false + type: object + properties: + dsl: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL). + type: string + filters: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL) as defined in + the `kbn-es-query` package. + items: + additionalProperties: false + type: object + properties: + $state: + additionalProperties: false + type: object + properties: + store: + description: >- + A filter can be either specific to an + application context or applied globally. + enum: + - appState + - globalState + type: string + required: + - store + meta: + additionalProperties: {} + type: object + query: + additionalProperties: {} + type: object + required: + - meta + type: array + kql: + description: >- + A filter written in Kibana Query Language + (KQL). + type: string + required: + - kql + - filters + timeframe: + additionalProperties: false + type: object + properties: + days: + description: >- + Defines the days of the week that the action + can run, represented as an array of numbers. + For example, `1` represents Monday. An empty + array is equivalent to specifying all the + days of the week. + items: + enum: + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + type: integer + type: array + hours: + additionalProperties: false + type: object + properties: + end: + description: >- + The end of the time frame in 24-hour + notation (`hh:mm`). + type: string + start: + description: >- + The start of the time frame in 24-hour + notation (`hh:mm`). + type: string + required: + - start + - end + timezone: + description: >- + The ISO time zone for the `hours` values. + Values such as `UTC` and `UTC+1` also work + but lack built-in daylight savings time + support and are not recommended. + type: string + required: + - days + - hours + - timezone + connector_type_id: + description: >- + The type of connector. This property appears in + responses but cannot be set in requests. + type: string + frequency: + additionalProperties: false + type: object + properties: + notify_when: + description: >- + Indicates how often alerts generate actions. + Valid values include: `onActionGroupChange`: + Actions run when the alert status changes; + `onActiveAlert`: Actions run when the alert + becomes active and at each check interval while + the rule conditions are met; + `onThrottleInterval`: Actions run when the alert + becomes active and at the interval specified in + the throttle property while the rule conditions + are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The + recommended method is to set it for each action. + If you set it at the rule level then update the + rule in Kibana, it is automatically changed to + use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + type: string + summary: + description: Indicates whether the action is a summary. + type: boolean + throttle: + description: >- + The throttle interval, which defines how often + an alert generates repeated actions. It is + specified in seconds, minutes, hours, or days + and is applicable only if 'notify_when' is set + to 'onThrottleInterval'. NOTE: You cannot + specify the throttle interval at both the rule + and action level. The recommended method is to + set it for each action. If you set it at the + rule level then update the rule in Kibana, it is + automatically changed to use action-specific + values. + nullable: true + type: string + required: + - summary + - notify_when + - throttle + group: + description: >- + The group name, which affects when the action runs + (for example, when the threshold is met or when the + alert is recovered). Each rule type has a list of + valid action group names. If you don't need to group + actions, set to `default`. + type: string + id: + description: The identifier for the connector saved object. + type: string + params: + additionalProperties: {} + description: >- + The parameters for the action, which are sent to the + connector. The `params` are handled as Mustache + templates and passed a default set of context. + type: object + use_alert_data_for_template: + description: Indicates whether to use alert data as a template. + type: boolean + uuid: + description: >- + A universally unique identifier (UUID) for the + action. + type: string + required: + - id + - connector_type_id + - params + type: array + active_snoozes: + items: + description: List of active snoozes for the rule. + type: string + type: array + alert_delay: + additionalProperties: false + description: >- + Indicates that an alert occurs only when the specified + number of consecutive runs met the rule conditions. + type: object + properties: + active: + description: >- + The number of consecutive runs that must meet the rule + conditions. + type: number + required: + - active + api_key_created_by_user: + description: >- + Indicates whether the API key that is associated with the + rule was created by the user. + nullable: true + type: boolean + api_key_owner: + description: >- + The owner of the API key that is associated with the rule + and used to run background tasks. + nullable: true + type: string + consumer: + description: >- + The name of the application or feature that owns the rule. + For example: `alerts`, `apm`, `discover`, + `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, + `securitySolution`, `siem`, `stackAlerts`, or `uptime`. + type: string + created_at: + description: The date and time that the rule was created. + type: string + created_by: + description: The identifier for the user that created the rule. + nullable: true + type: string + enabled: + description: >- + Indicates whether you want to run the rule on an interval + basis after it is created. + type: boolean + execution_status: + additionalProperties: false + type: object + properties: + error: + additionalProperties: false + type: object + properties: + message: + description: Error message. + type: string + reason: + description: Reason for error. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + type: string + required: + - reason + - message + last_duration: + description: Duration of last execution of the rule. + type: number + last_execution_date: + description: The date and time when rule was executed last. + type: string + status: + description: Status of rule execution. + enum: + - ok + - active + - error + - warning + - pending + - unknown + type: string + warning: + additionalProperties: false + type: object + properties: + message: + description: Warning message. + type: string + reason: + description: Reason for warning. + enum: + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + type: string + required: + - reason + - message + required: + - status + - last_execution_date + id: + description: The identifier for the rule. + type: string + is_snoozed_until: + description: The date when the rule will no longer be snoozed. + nullable: true + type: string + last_run: + additionalProperties: false + nullable: true + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: Number of ignored alerts during last run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: Number of recovered alerts during last run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value could be + succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: Outcome message generated during last rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + mapped_params: + additionalProperties: {} + type: object + monitoring: + additionalProperties: false + description: Monitoring details of the rule. + type: object + properties: + run: + additionalProperties: false + description: Rule run details. + type: object + properties: + calculated_metrics: + additionalProperties: false + description: >- + Calculation of different percentiles and success + ratio. + type: object + properties: + p50: + type: number + p95: + type: number + p99: + type: number + success_ratio: + type: number + required: + - success_ratio + history: + description: History of the rule run. + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule run. + type: number + outcome: + additionalProperties: false + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: >- + Number of ignored alerts during last + run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: >- + Number of recovered alerts during last + run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value + could be succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: >- + Outcome message generated during last + rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + success: + description: >- + Indicates whether the rule run was + successful. + type: boolean + timestamp: + description: Time of rule run. + type: number + required: + - success + - timestamp + type: array + last_run: + additionalProperties: false + type: object + properties: + metrics: + additionalProperties: false + type: object + properties: + duration: + description: Duration of most recent rule run. + type: number + gap_duration_s: + description: Duration in seconds of rule run gap. + nullable: true + type: number + total_alerts_created: + description: >- + Total number of alerts created during last + rule run. + nullable: true + type: number + total_alerts_detected: + description: >- + Total number of alerts detected during + last rule run. + nullable: true + type: number + total_indexing_duration_ms: + description: >- + Total time spent indexing documents during + last rule run in milliseconds. + nullable: true + type: number + total_search_duration_ms: + description: >- + Total time spent performing Elasticsearch + searches as measured by Kibana; includes + network latency and time spent serializing + or deserializing the request and response. + nullable: true + type: number + timestamp: + description: Time of the most recent rule run. + type: string + required: + - timestamp + - metrics + required: + - history + - calculated_metrics + - last_run + required: + - run + mute_all: + description: Indicates whether all alerts are muted. + type: boolean + muted_alert_ids: + items: + description: 'List of identifiers of muted alerts. ' + type: string + type: array + name: + description: ' The name of the rule.' + type: string + next_run: + description: Date and time of the next run of the rule. + nullable: true + type: string + notify_when: + description: >- + Indicates how often alerts generate actions. Valid values + include: `onActionGroupChange`: Actions run when the alert + status changes; `onActiveAlert`: Actions run when the + alert becomes active and at each check interval while the + rule conditions are met; `onThrottleInterval`: Actions run + when the alert becomes active and at the interval + specified in the throttle property while the rule + conditions are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The recommended method + is to set it for each action. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + nullable: true + type: string + params: + additionalProperties: {} + description: The parameters for the rule. + type: object + revision: + description: The rule revision number. + type: number + rule_type_id: + description: The rule type identifier. + type: string + running: + description: Indicates whether the rule is running. + nullable: true + type: boolean + schedule: + additionalProperties: false + type: object + properties: + interval: + description: >- + The interval is specified in seconds, minutes, hours, + or days. + type: string + required: + - interval + scheduled_task_id: + description: Identifier of the scheduled task. + type: string + snooze_schedule: + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule snooze schedule. + type: number + id: + description: Identifier of the rule snooze schedule. + type: string + rRule: + additionalProperties: false + type: object + properties: + byhour: + items: + description: Indicates hours of the day to recur. + type: number + type: array + byminute: + items: + description: Indicates minutes of the hour to recur. + type: number + type: array + bymonth: + items: + description: >- + Indicates months of the year that this rule + should recur. + type: number + type: array + bymonthday: + items: + description: Indicates the days of the month to recur. + type: number + type: array + bysecond: + items: + description: Indicates seconds of the day to recur. + type: number + type: array + bysetpos: + items: + description: >- + A positive or negative integer affecting the + nth day of the month. For example, -2 combined + with `byweekday` of FR is 2nd to last Friday + of the month. It is recommended to not set + this manually and just use `byweekday`. + type: number + type: array + byweekday: + items: + anyOf: + - type: string + - type: number + description: >- + Indicates the days of the week to recur or + else nth-day-of-month strings. For example, + "+2TU" second Tuesday of month, "-1FR" last + Friday of the month, which are internally + converted to a `byweekday/bysetpos` + combination. + type: array + byweekno: + items: + description: Indicates number of the week hours to recur. + type: number + type: array + byyearday: + items: + description: >- + Indicates the days of the year that this rule + should recur. + type: number + type: array + count: + description: >- + Number of times the rule should recur until it + stops. + type: number + dtstart: + description: >- + Rule start date in Coordinated Universal Time + (UTC). + type: string + freq: + description: >- + Indicates frequency of the rule. Options are + YEARLY, MONTHLY, WEEKLY, DAILY. + enum: + - 0 + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + type: integer + interval: + description: >- + Indicates the interval of frequency. For + example, 1 and YEARLY is every 1 year, 2 and + WEEKLY is every 2 weeks. + type: number + tzid: + description: Indicates timezone abbreviation. + type: string + until: + description: Recur the rule until this date. + type: string + wkst: + description: Indicates the start of week, defaults to Monday. + enum: + - MO + - TU + - WE + - TH + - FR + - SA + - SU + type: string + required: + - dtstart + - tzid + skipRecurrences: + items: + description: Skips recurrence of rule on this date. + type: string + type: array + required: + - duration + - rRule + type: array + tags: + items: + description: The tags for the rule. + type: string + type: array + throttle: + deprecated: true + description: >- + Deprecated in 8.13.0. Use the `throttle` property in the + action `frequency` object instead. The throttle interval, + which defines how often an alert generates repeated + actions. NOTE: You cannot specify the throttle interval at + both the rule and action level. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + nullable: true + type: string + updated_at: + description: The date and time that the rule was updated most recently. + type: string + updated_by: + description: >- + The identifier for the user that updated this rule most + recently. + nullable: true + type: string + view_in_app_relative_url: + description: Relative URL to view rule in the app. + nullable: true + type: string + required: + - id + - enabled + - name + - tags + - rule_type_id + - consumer + - schedule + - actions + - params + - created_by + - updated_by + - created_at + - updated_at + - api_key_owner + - mute_all + - muted_alert_ids + - execution_status + - revision + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + summary: Get rule details + tags: + - alerting + post: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%3F%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: >- + The identifier for the rule. If it is omitted, an ID is randomly + generated. + in: path + name: id + required: false + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actions: + default: [] + items: + additionalProperties: false + description: An action that runs under defined conditions. + type: object + properties: + alerts_filter: + additionalProperties: false + description: >- + Conditions that affect whether the action runs. If you + specify multiple conditions, all conditions must be + met for the action to run. For example, if an alert + occurs within the specified time frame and matches the + query, the action runs. + type: object + properties: + query: + additionalProperties: false + type: object + properties: + dsl: + description: >- + A filter written in Elasticsearch Query Domain + Specific Language (DSL). + type: string + filters: + description: >- + A filter written in Elasticsearch Query Domain + Specific Language (DSL) as defined in the + `kbn-es-query` package. + items: + additionalProperties: false + type: object + properties: + $state: + additionalProperties: false + type: object + properties: + store: + description: >- + A filter can be either specific to an + application context or applied globally. + enum: + - appState + - globalState + type: string + required: + - store + meta: + additionalProperties: {} + type: object + query: + additionalProperties: {} + type: object + required: + - meta + type: array + kql: + description: >- + A filter written in Kibana Query Language + (KQL). + type: string + required: + - kql + - filters + timeframe: + additionalProperties: false + description: >- + Defines a period that limits whether the action + runs. + type: object + properties: + days: + description: >- + Defines the days of the week that the action + can run, represented as an array of numbers. + For example, `1` represents Monday. An empty + array is equivalent to specifying all the days + of the week. + items: + enum: + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + type: integer + type: array + hours: + additionalProperties: false + description: >- + Defines the range of time in a day that the + action can run. If the `start` value is + `00:00` and the `end` value is `24:00`, + actions be generated all day. + type: object + properties: + end: + description: >- + The end of the time frame in 24-hour + notation (`hh:mm`). + type: string + start: + description: >- + The start of the time frame in 24-hour + notation (`hh:mm`). + type: string + required: + - start + - end + timezone: + description: >- + The ISO time zone for the `hours` values. + Values such as `UTC` and `UTC+1` also work but + lack built-in daylight savings time support + and are not recommended. + type: string + required: + - days + - hours + - timezone + frequency: + additionalProperties: false + type: object + properties: + notify_when: + description: >- + Indicates how often alerts generate actions. Valid + values include: `onActionGroupChange`: Actions run + when the alert status changes; `onActiveAlert`: + Actions run when the alert becomes active and at + each check interval while the rule conditions are + met; `onThrottleInterval`: Actions run when the + alert becomes active and at the interval specified + in the throttle property while the rule conditions + are met. NOTE: You cannot specify `notify_when` at + both the rule and action level. The recommended + method is to set it for each action. If you set it + at the rule level then update the rule in Kibana, + it is automatically changed to use action-specific + values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + type: string + summary: + description: Indicates whether the action is a summary. + type: boolean + throttle: + description: >- + The throttle interval, which defines how often an + alert generates repeated actions. It is specified + in seconds, minutes, hours, or days and is + applicable only if `notify_when` is set to + `onThrottleInterval`. NOTE: You cannot specify the + throttle interval at both the rule and action + level. The recommended method is to set it for + each action. If you set it at the rule level then + update the rule in Kibana, it is automatically + changed to use action-specific values. + nullable: true + type: string + required: + - summary + - notify_when + - throttle + group: + description: >- + The group name, which affects when the action runs + (for example, when the threshold is met or when the + alert is recovered). Each rule type has a list of + valid action group names. If you don't need to group + actions, set to `default`. + type: string + id: + description: The identifier for the connector saved object. + type: string + params: + additionalProperties: {} + default: {} + description: >- + The parameters for the action, which are sent to the + connector. The `params` are handled as Mustache + templates and passed a default set of context. + type: object + use_alert_data_for_template: + description: Indicates whether to use alert data as a template. + type: boolean + uuid: + description: A universally unique identifier (UUID) for the action. + type: string + required: + - id + type: array + alert_delay: + additionalProperties: false + description: >- + Indicates that an alert occurs only when the specified + number of consecutive runs met the rule conditions. + type: object + properties: + active: + description: >- + The number of consecutive runs that must meet the rule + conditions. + type: number + required: + - active + consumer: + description: >- + The name of the application or feature that owns the rule. + For example: `alerts`, `apm`, `discover`, `infrastructure`, + `logs`, `metrics`, `ml`, `monitoring`, `securitySolution`, + `siem`, `stackAlerts`, or `uptime`. + type: string + enabled: + default: true + description: >- + Indicates whether you want to run the rule on an interval + basis after it is created. + type: boolean + name: + description: >- + The name of the rule. While this name does not have to be + unique, a distinctive name can help you identify a rule. + type: string + notify_when: + description: >- + Indicates how often alerts generate actions. Valid values + include: `onActionGroupChange`: Actions run when the alert + status changes; `onActiveAlert`: Actions run when the alert + becomes active and at each check interval while the rule + conditions are met; `onThrottleInterval`: Actions run when + the alert becomes active and at the interval specified in + the throttle property while the rule conditions are met. + NOTE: You cannot specify `notify_when` at both the rule and + action level. The recommended method is to set it for each + action. If you set it at the rule level then update the rule + in Kibana, it is automatically changed to use + action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + nullable: true + type: string + params: + additionalProperties: {} + default: {} + description: The parameters for the rule. + type: object + rule_type_id: + description: The rule type identifier. + type: string + schedule: + additionalProperties: false + description: >- + The check interval, which specifies how frequently the rule + conditions are checked. + type: object + properties: + interval: + description: >- + The interval is specified in seconds, minutes, hours, or + days. + type: string + required: + - interval + tags: + default: [] + description: The tags for the rule. + items: + type: string + type: array + throttle: + description: >- + Use the `throttle` property in the action `frequency` object + instead. The throttle interval, which defines how often an + alert generates repeated actions. NOTE: You cannot specify + the throttle interval at both the rule and action level. If + you set it at the rule level then update the rule in Kibana, + it is automatically changed to use action-specific values. + nullable: true + type: string + required: + - name + - rule_type_id + - consumer + - schedule + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actions: + items: + additionalProperties: false + type: object + properties: + alerts_filter: + additionalProperties: false + description: >- + Defines a period that limits whether the action + runs. + type: object + properties: + query: + additionalProperties: false + type: object + properties: + dsl: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL). + type: string + filters: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL) as defined in + the `kbn-es-query` package. + items: + additionalProperties: false + type: object + properties: + $state: + additionalProperties: false + type: object + properties: + store: + description: >- + A filter can be either specific to an + application context or applied globally. + enum: + - appState + - globalState + type: string + required: + - store + meta: + additionalProperties: {} + type: object + query: + additionalProperties: {} + type: object + required: + - meta + type: array + kql: + description: >- + A filter written in Kibana Query Language + (KQL). + type: string + required: + - kql + - filters + timeframe: + additionalProperties: false + type: object + properties: + days: + description: >- + Defines the days of the week that the action + can run, represented as an array of numbers. + For example, `1` represents Monday. An empty + array is equivalent to specifying all the + days of the week. + items: + enum: + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + type: integer + type: array + hours: + additionalProperties: false + type: object + properties: + end: + description: >- + The end of the time frame in 24-hour + notation (`hh:mm`). + type: string + start: + description: >- + The start of the time frame in 24-hour + notation (`hh:mm`). + type: string + required: + - start + - end + timezone: + description: >- + The ISO time zone for the `hours` values. + Values such as `UTC` and `UTC+1` also work + but lack built-in daylight savings time + support and are not recommended. + type: string + required: + - days + - hours + - timezone + connector_type_id: + description: >- + The type of connector. This property appears in + responses but cannot be set in requests. + type: string + frequency: + additionalProperties: false + type: object + properties: + notify_when: + description: >- + Indicates how often alerts generate actions. + Valid values include: `onActionGroupChange`: + Actions run when the alert status changes; + `onActiveAlert`: Actions run when the alert + becomes active and at each check interval while + the rule conditions are met; + `onThrottleInterval`: Actions run when the alert + becomes active and at the interval specified in + the throttle property while the rule conditions + are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The + recommended method is to set it for each action. + If you set it at the rule level then update the + rule in Kibana, it is automatically changed to + use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + type: string + summary: + description: Indicates whether the action is a summary. + type: boolean + throttle: + description: >- + The throttle interval, which defines how often + an alert generates repeated actions. It is + specified in seconds, minutes, hours, or days + and is applicable only if 'notify_when' is set + to 'onThrottleInterval'. NOTE: You cannot + specify the throttle interval at both the rule + and action level. The recommended method is to + set it for each action. If you set it at the + rule level then update the rule in Kibana, it is + automatically changed to use action-specific + values. + nullable: true + type: string + required: + - summary + - notify_when + - throttle + group: + description: >- + The group name, which affects when the action runs + (for example, when the threshold is met or when the + alert is recovered). Each rule type has a list of + valid action group names. If you don't need to group + actions, set to `default`. + type: string + id: + description: The identifier for the connector saved object. + type: string + params: + additionalProperties: {} + description: >- + The parameters for the action, which are sent to the + connector. The `params` are handled as Mustache + templates and passed a default set of context. + type: object + use_alert_data_for_template: + description: Indicates whether to use alert data as a template. + type: boolean + uuid: + description: >- + A universally unique identifier (UUID) for the + action. + type: string + required: + - id + - connector_type_id + - params + type: array + active_snoozes: + items: + description: List of active snoozes for the rule. + type: string + type: array + alert_delay: + additionalProperties: false + description: >- + Indicates that an alert occurs only when the specified + number of consecutive runs met the rule conditions. + type: object + properties: + active: + description: >- + The number of consecutive runs that must meet the rule + conditions. + type: number + required: + - active + api_key_created_by_user: + description: >- + Indicates whether the API key that is associated with the + rule was created by the user. + nullable: true + type: boolean + api_key_owner: + description: >- + The owner of the API key that is associated with the rule + and used to run background tasks. + nullable: true + type: string + consumer: + description: >- + The name of the application or feature that owns the rule. + For example: `alerts`, `apm`, `discover`, + `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, + `securitySolution`, `siem`, `stackAlerts`, or `uptime`. + type: string + created_at: + description: The date and time that the rule was created. + type: string + created_by: + description: The identifier for the user that created the rule. + nullable: true + type: string + enabled: + description: >- + Indicates whether you want to run the rule on an interval + basis after it is created. + type: boolean + execution_status: + additionalProperties: false + type: object + properties: + error: + additionalProperties: false + type: object + properties: + message: + description: Error message. + type: string + reason: + description: Reason for error. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + type: string + required: + - reason + - message + last_duration: + description: Duration of last execution of the rule. + type: number + last_execution_date: + description: The date and time when rule was executed last. + type: string + status: + description: Status of rule execution. + enum: + - ok + - active + - error + - warning + - pending + - unknown + type: string + warning: + additionalProperties: false + type: object + properties: + message: + description: Warning message. + type: string + reason: + description: Reason for warning. + enum: + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + type: string + required: + - reason + - message + required: + - status + - last_execution_date + id: + description: The identifier for the rule. + type: string + is_snoozed_until: + description: The date when the rule will no longer be snoozed. + nullable: true + type: string + last_run: + additionalProperties: false + nullable: true + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: Number of ignored alerts during last run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: Number of recovered alerts during last run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value could be + succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: Outcome message generated during last rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + mapped_params: + additionalProperties: {} + type: object + monitoring: + additionalProperties: false + description: Monitoring details of the rule. + type: object + properties: + run: + additionalProperties: false + description: Rule run details. + type: object + properties: + calculated_metrics: + additionalProperties: false + description: >- + Calculation of different percentiles and success + ratio. + type: object + properties: + p50: + type: number + p95: + type: number + p99: + type: number + success_ratio: + type: number + required: + - success_ratio + history: + description: History of the rule run. + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule run. + type: number + outcome: + additionalProperties: false + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: >- + Number of ignored alerts during last + run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: >- + Number of recovered alerts during last + run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value + could be succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: >- + Outcome message generated during last + rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + success: + description: >- + Indicates whether the rule run was + successful. + type: boolean + timestamp: + description: Time of rule run. + type: number + required: + - success + - timestamp + type: array + last_run: + additionalProperties: false + type: object + properties: + metrics: + additionalProperties: false + type: object + properties: + duration: + description: Duration of most recent rule run. + type: number + gap_duration_s: + description: Duration in seconds of rule run gap. + nullable: true + type: number + total_alerts_created: + description: >- + Total number of alerts created during last + rule run. + nullable: true + type: number + total_alerts_detected: + description: >- + Total number of alerts detected during + last rule run. + nullable: true + type: number + total_indexing_duration_ms: + description: >- + Total time spent indexing documents during + last rule run in milliseconds. + nullable: true + type: number + total_search_duration_ms: + description: >- + Total time spent performing Elasticsearch + searches as measured by Kibana; includes + network latency and time spent serializing + or deserializing the request and response. + nullable: true + type: number + timestamp: + description: Time of the most recent rule run. + type: string + required: + - timestamp + - metrics + required: + - history + - calculated_metrics + - last_run + required: + - run + mute_all: + description: Indicates whether all alerts are muted. + type: boolean + muted_alert_ids: + items: + description: 'List of identifiers of muted alerts. ' + type: string + type: array + name: + description: ' The name of the rule.' + type: string + next_run: + description: Date and time of the next run of the rule. + nullable: true + type: string + notify_when: + description: >- + Indicates how often alerts generate actions. Valid values + include: `onActionGroupChange`: Actions run when the alert + status changes; `onActiveAlert`: Actions run when the + alert becomes active and at each check interval while the + rule conditions are met; `onThrottleInterval`: Actions run + when the alert becomes active and at the interval + specified in the throttle property while the rule + conditions are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The recommended method + is to set it for each action. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + nullable: true + type: string + params: + additionalProperties: {} + description: The parameters for the rule. + type: object + revision: + description: The rule revision number. + type: number + rule_type_id: + description: The rule type identifier. + type: string + running: + description: Indicates whether the rule is running. + nullable: true + type: boolean + schedule: + additionalProperties: false + type: object + properties: + interval: + description: >- + The interval is specified in seconds, minutes, hours, + or days. + type: string + required: + - interval + scheduled_task_id: + description: Identifier of the scheduled task. + type: string + snooze_schedule: + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule snooze schedule. + type: number + id: + description: Identifier of the rule snooze schedule. + type: string + rRule: + additionalProperties: false + type: object + properties: + byhour: + items: + description: Indicates hours of the day to recur. + type: number + type: array + byminute: + items: + description: Indicates minutes of the hour to recur. + type: number + type: array + bymonth: + items: + description: >- + Indicates months of the year that this rule + should recur. + type: number + type: array + bymonthday: + items: + description: Indicates the days of the month to recur. + type: number + type: array + bysecond: + items: + description: Indicates seconds of the day to recur. + type: number + type: array + bysetpos: + items: + description: >- + A positive or negative integer affecting the + nth day of the month. For example, -2 combined + with `byweekday` of FR is 2nd to last Friday + of the month. It is recommended to not set + this manually and just use `byweekday`. + type: number + type: array + byweekday: + items: + anyOf: + - type: string + - type: number + description: >- + Indicates the days of the week to recur or + else nth-day-of-month strings. For example, + "+2TU" second Tuesday of month, "-1FR" last + Friday of the month, which are internally + converted to a `byweekday/bysetpos` + combination. + type: array + byweekno: + items: + description: Indicates number of the week hours to recur. + type: number + type: array + byyearday: + items: + description: >- + Indicates the days of the year that this rule + should recur. + type: number + type: array + count: + description: >- + Number of times the rule should recur until it + stops. + type: number + dtstart: + description: >- + Rule start date in Coordinated Universal Time + (UTC). + type: string + freq: + description: >- + Indicates frequency of the rule. Options are + YEARLY, MONTHLY, WEEKLY, DAILY. + enum: + - 0 + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + type: integer + interval: + description: >- + Indicates the interval of frequency. For + example, 1 and YEARLY is every 1 year, 2 and + WEEKLY is every 2 weeks. + type: number + tzid: + description: Indicates timezone abbreviation. + type: string + until: + description: Recur the rule until this date. + type: string + wkst: + description: Indicates the start of week, defaults to Monday. + enum: + - MO + - TU + - WE + - TH + - FR + - SA + - SU + type: string + required: + - dtstart + - tzid + skipRecurrences: + items: + description: Skips recurrence of rule on this date. + type: string + type: array + required: + - duration + - rRule + type: array + tags: + items: + description: The tags for the rule. + type: string + type: array + throttle: + deprecated: true + description: >- + Deprecated in 8.13.0. Use the `throttle` property in the + action `frequency` object instead. The throttle interval, + which defines how often an alert generates repeated + actions. NOTE: You cannot specify the throttle interval at + both the rule and action level. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + nullable: true + type: string + updated_at: + description: The date and time that the rule was updated most recently. + type: string + updated_by: + description: >- + The identifier for the user that updated this rule most + recently. + nullable: true + type: string + view_in_app_relative_url: + description: Relative URL to view rule in the app. + nullable: true + type: string + required: + - id + - enabled + - name + - tags + - rule_type_id + - consumer + - schedule + - actions + - params + - created_by + - updated_by + - created_at + - updated_at + - api_key_owner + - mute_all + - muted_alert_ids + - execution_status + - revision + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '409': + description: Indicates that the rule id is already in use. + summary: Create a rule + tags: + - alerting + put: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actions: + default: [] + items: + additionalProperties: false + description: An action that runs under defined conditions. + type: object + properties: + alerts_filter: + additionalProperties: false + type: object + properties: + query: + additionalProperties: false + type: object + properties: + dsl: + description: >- + A filter written in Elasticsearch Query Domain + Specific Language (DSL). + type: string + filters: + description: >- + A filter written in Elasticsearch Query Domain + Specific Language (DSL) as defined in the + `kbn-es-query` package. + items: + additionalProperties: false + type: object + properties: + $state: + additionalProperties: false + type: object + properties: + store: + description: >- + A filter can be either specific to an + application context or applied globally. + enum: + - appState + - globalState + type: string + required: + - store + meta: + additionalProperties: {} + type: object + query: + additionalProperties: {} + type: object + required: + - meta + type: array + kql: + description: >- + A filter written in Kibana Query Language + (KQL). + type: string + required: + - kql + - filters + timeframe: + additionalProperties: false + description: >- + Defines a period that limits whether the action + runs. + type: object + properties: + days: + description: >- + Defines the days of the week that the action + can run, represented as an array of numbers. + For example, `1` represents Monday. An empty + array is equivalent to specifying all the days + of the week. + items: + enum: + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + type: integer + type: array + hours: + additionalProperties: false + description: >- + Defines the range of time in a day that the + action can run. If the `start` value is + `00:00` and the `end` value is `24:00`, + actions be generated all day. + type: object + properties: + end: + description: >- + The end of the time frame in 24-hour + notation (`hh:mm`). + type: string + start: + description: >- + The start of the time frame in 24-hour + notation (`hh:mm`). + type: string + required: + - start + - end + timezone: + description: >- + The ISO time zone for the `hours` values. + Values such as `UTC` and `UTC+1` also work but + lack built-in daylight savings time support + and are not recommended. + type: string + required: + - days + - hours + - timezone + frequency: + additionalProperties: false + type: object + properties: + notify_when: + description: >- + Indicates how often alerts generate actions. Valid + values include: `onActionGroupChange`: Actions run + when the alert status changes; `onActiveAlert`: + Actions run when the alert becomes active and at + each check interval while the rule conditions are + met; `onThrottleInterval`: Actions run when the + alert becomes active and at the interval specified + in the throttle property while the rule conditions + are met. NOTE: You cannot specify `notify_when` at + both the rule and action level. The recommended + method is to set it for each action. If you set it + at the rule level then update the rule in Kibana, + it is automatically changed to use action-specific + values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + type: string + summary: + description: Indicates whether the action is a summary. + type: boolean + throttle: + description: >- + The throttle interval, which defines how often an + alert generates repeated actions. It is specified + in seconds, minutes, hours, or days and is + applicable only if `notify_when` is set to + `onThrottleInterval`. NOTE: You cannot specify the + throttle interval at both the rule and action + level. The recommended method is to set it for + each action. If you set it at the rule level then + update the rule in Kibana, it is automatically + changed to use action-specific values. + nullable: true + type: string + required: + - summary + - notify_when + - throttle + group: + description: >- + The group name, which affects when the action runs + (for example, when the threshold is met or when the + alert is recovered). Each rule type has a list of + valid action group names. If you don't need to group + actions, set to `default`. + type: string + id: + description: The identifier for the connector saved object. + type: string + params: + additionalProperties: {} + default: {} + description: >- + The parameters for the action, which are sent to the + connector. The `params` are handled as Mustache + templates and passed a default set of context. + type: object + use_alert_data_for_template: + description: Indicates whether to use alert data as a template. + type: boolean + uuid: + description: A universally unique identifier (UUID) for the action. + type: string + required: + - id + type: array + alert_delay: + additionalProperties: false + description: >- + Indicates that an alert occurs only when the specified + number of consecutive runs met the rule conditions. + type: object + properties: + active: + description: >- + The number of consecutive runs that must meet the rule + conditions. + type: number + required: + - active + name: + description: >- + The name of the rule. While this name does not have to be + unique, a distinctive name can help you identify a rule. + type: string + notify_when: + description: >- + Indicates how often alerts generate actions. Valid values + include: `onActionGroupChange`: Actions run when the alert + status changes; `onActiveAlert`: Actions run when the alert + becomes active and at each check interval while the rule + conditions are met; `onThrottleInterval`: Actions run when + the alert becomes active and at the interval specified in + the throttle property while the rule conditions are met. + NOTE: You cannot specify `notify_when` at both the rule and + action level. The recommended method is to set it for each + action. If you set it at the rule level then update the rule + in Kibana, it is automatically changed to use + action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + nullable: true + type: string + params: + additionalProperties: {} + default: {} + description: The parameters for the rule. + type: object + schedule: + additionalProperties: false + type: object + properties: + interval: + description: >- + The interval is specified in seconds, minutes, hours, or + days. + type: string + required: + - interval + tags: + default: [] + items: + description: The tags for the rule. + type: string + type: array + throttle: + description: >- + Use the `throttle` property in the action `frequency` object + instead. The throttle interval, which defines how often an + alert generates repeated actions. NOTE: You cannot specify + the throttle interval at both the rule and action level. If + you set it at the rule level then update the rule in Kibana, + it is automatically changed to use action-specific values. + nullable: true + type: string + required: + - name + - schedule + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actions: + items: + additionalProperties: false + type: object + properties: + alerts_filter: + additionalProperties: false + description: >- + Defines a period that limits whether the action + runs. + type: object + properties: + query: + additionalProperties: false + type: object + properties: + dsl: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL). + type: string + filters: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL) as defined in + the `kbn-es-query` package. + items: + additionalProperties: false + type: object + properties: + $state: + additionalProperties: false + type: object + properties: + store: + description: >- + A filter can be either specific to an + application context or applied globally. + enum: + - appState + - globalState + type: string + required: + - store + meta: + additionalProperties: {} + type: object + query: + additionalProperties: {} + type: object + required: + - meta + type: array + kql: + description: >- + A filter written in Kibana Query Language + (KQL). + type: string + required: + - kql + - filters + timeframe: + additionalProperties: false + type: object + properties: + days: + description: >- + Defines the days of the week that the action + can run, represented as an array of numbers. + For example, `1` represents Monday. An empty + array is equivalent to specifying all the + days of the week. + items: + enum: + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + type: integer + type: array + hours: + additionalProperties: false + type: object + properties: + end: + description: >- + The end of the time frame in 24-hour + notation (`hh:mm`). + type: string + start: + description: >- + The start of the time frame in 24-hour + notation (`hh:mm`). + type: string + required: + - start + - end + timezone: + description: >- + The ISO time zone for the `hours` values. + Values such as `UTC` and `UTC+1` also work + but lack built-in daylight savings time + support and are not recommended. + type: string + required: + - days + - hours + - timezone + connector_type_id: + description: >- + The type of connector. This property appears in + responses but cannot be set in requests. + type: string + frequency: + additionalProperties: false + type: object + properties: + notify_when: + description: >- + Indicates how often alerts generate actions. + Valid values include: `onActionGroupChange`: + Actions run when the alert status changes; + `onActiveAlert`: Actions run when the alert + becomes active and at each check interval while + the rule conditions are met; + `onThrottleInterval`: Actions run when the alert + becomes active and at the interval specified in + the throttle property while the rule conditions + are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The + recommended method is to set it for each action. + If you set it at the rule level then update the + rule in Kibana, it is automatically changed to + use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + type: string + summary: + description: Indicates whether the action is a summary. + type: boolean + throttle: + description: >- + The throttle interval, which defines how often + an alert generates repeated actions. It is + specified in seconds, minutes, hours, or days + and is applicable only if 'notify_when' is set + to 'onThrottleInterval'. NOTE: You cannot + specify the throttle interval at both the rule + and action level. The recommended method is to + set it for each action. If you set it at the + rule level then update the rule in Kibana, it is + automatically changed to use action-specific + values. + nullable: true + type: string + required: + - summary + - notify_when + - throttle + group: + description: >- + The group name, which affects when the action runs + (for example, when the threshold is met or when the + alert is recovered). Each rule type has a list of + valid action group names. If you don't need to group + actions, set to `default`. + type: string + id: + description: The identifier for the connector saved object. + type: string + params: + additionalProperties: {} + description: >- + The parameters for the action, which are sent to the + connector. The `params` are handled as Mustache + templates and passed a default set of context. + type: object + use_alert_data_for_template: + description: Indicates whether to use alert data as a template. + type: boolean + uuid: + description: >- + A universally unique identifier (UUID) for the + action. + type: string + required: + - id + - connector_type_id + - params + type: array + active_snoozes: + items: + description: List of active snoozes for the rule. + type: string + type: array + alert_delay: + additionalProperties: false + description: >- + Indicates that an alert occurs only when the specified + number of consecutive runs met the rule conditions. + type: object + properties: + active: + description: >- + The number of consecutive runs that must meet the rule + conditions. + type: number + required: + - active + api_key_created_by_user: + description: >- + Indicates whether the API key that is associated with the + rule was created by the user. + nullable: true + type: boolean + api_key_owner: + description: >- + The owner of the API key that is associated with the rule + and used to run background tasks. + nullable: true + type: string + consumer: + description: >- + The name of the application or feature that owns the rule. + For example: `alerts`, `apm`, `discover`, + `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, + `securitySolution`, `siem`, `stackAlerts`, or `uptime`. + type: string + created_at: + description: The date and time that the rule was created. + type: string + created_by: + description: The identifier for the user that created the rule. + nullable: true + type: string + enabled: + description: >- + Indicates whether you want to run the rule on an interval + basis after it is created. + type: boolean + execution_status: + additionalProperties: false + type: object + properties: + error: + additionalProperties: false + type: object + properties: + message: + description: Error message. + type: string + reason: + description: Reason for error. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + type: string + required: + - reason + - message + last_duration: + description: Duration of last execution of the rule. + type: number + last_execution_date: + description: The date and time when rule was executed last. + type: string + status: + description: Status of rule execution. + enum: + - ok + - active + - error + - warning + - pending + - unknown + type: string + warning: + additionalProperties: false + type: object + properties: + message: + description: Warning message. + type: string + reason: + description: Reason for warning. + enum: + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + type: string + required: + - reason + - message + required: + - status + - last_execution_date + id: + description: The identifier for the rule. + type: string + is_snoozed_until: + description: The date when the rule will no longer be snoozed. + nullable: true + type: string + last_run: + additionalProperties: false + nullable: true + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: Number of ignored alerts during last run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: Number of recovered alerts during last run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value could be + succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: Outcome message generated during last rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + mapped_params: + additionalProperties: {} + type: object + monitoring: + additionalProperties: false + description: Monitoring details of the rule. + type: object + properties: + run: + additionalProperties: false + description: Rule run details. + type: object + properties: + calculated_metrics: + additionalProperties: false + description: >- + Calculation of different percentiles and success + ratio. + type: object + properties: + p50: + type: number + p95: + type: number + p99: + type: number + success_ratio: + type: number + required: + - success_ratio + history: + description: History of the rule run. + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule run. + type: number + outcome: + additionalProperties: false + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: >- + Number of ignored alerts during last + run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: >- + Number of recovered alerts during last + run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value + could be succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: >- + Outcome message generated during last + rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + success: + description: >- + Indicates whether the rule run was + successful. + type: boolean + timestamp: + description: Time of rule run. + type: number + required: + - success + - timestamp + type: array + last_run: + additionalProperties: false + type: object + properties: + metrics: + additionalProperties: false + type: object + properties: + duration: + description: Duration of most recent rule run. + type: number + gap_duration_s: + description: Duration in seconds of rule run gap. + nullable: true + type: number + total_alerts_created: + description: >- + Total number of alerts created during last + rule run. + nullable: true + type: number + total_alerts_detected: + description: >- + Total number of alerts detected during + last rule run. + nullable: true + type: number + total_indexing_duration_ms: + description: >- + Total time spent indexing documents during + last rule run in milliseconds. + nullable: true + type: number + total_search_duration_ms: + description: >- + Total time spent performing Elasticsearch + searches as measured by Kibana; includes + network latency and time spent serializing + or deserializing the request and response. + nullable: true + type: number + timestamp: + description: Time of the most recent rule run. + type: string + required: + - timestamp + - metrics + required: + - history + - calculated_metrics + - last_run + required: + - run + mute_all: + description: Indicates whether all alerts are muted. + type: boolean + muted_alert_ids: + items: + description: 'List of identifiers of muted alerts. ' + type: string + type: array + name: + description: ' The name of the rule.' + type: string + next_run: + description: Date and time of the next run of the rule. + nullable: true + type: string + notify_when: + description: >- + Indicates how often alerts generate actions. Valid values + include: `onActionGroupChange`: Actions run when the alert + status changes; `onActiveAlert`: Actions run when the + alert becomes active and at each check interval while the + rule conditions are met; `onThrottleInterval`: Actions run + when the alert becomes active and at the interval + specified in the throttle property while the rule + conditions are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The recommended method + is to set it for each action. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + nullable: true + type: string + params: + additionalProperties: {} + description: The parameters for the rule. + type: object + revision: + description: The rule revision number. + type: number + rule_type_id: + description: The rule type identifier. + type: string + running: + description: Indicates whether the rule is running. + nullable: true + type: boolean + schedule: + additionalProperties: false + type: object + properties: + interval: + description: >- + The interval is specified in seconds, minutes, hours, + or days. + type: string + required: + - interval + scheduled_task_id: + description: Identifier of the scheduled task. + type: string + snooze_schedule: + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule snooze schedule. + type: number + id: + description: Identifier of the rule snooze schedule. + type: string + rRule: + additionalProperties: false + type: object + properties: + byhour: + items: + description: Indicates hours of the day to recur. + type: number + type: array + byminute: + items: + description: Indicates minutes of the hour to recur. + type: number + type: array + bymonth: + items: + description: >- + Indicates months of the year that this rule + should recur. + type: number + type: array + bymonthday: + items: + description: Indicates the days of the month to recur. + type: number + type: array + bysecond: + items: + description: Indicates seconds of the day to recur. + type: number + type: array + bysetpos: + items: + description: >- + A positive or negative integer affecting the + nth day of the month. For example, -2 combined + with `byweekday` of FR is 2nd to last Friday + of the month. It is recommended to not set + this manually and just use `byweekday`. + type: number + type: array + byweekday: + items: + anyOf: + - type: string + - type: number + description: >- + Indicates the days of the week to recur or + else nth-day-of-month strings. For example, + "+2TU" second Tuesday of month, "-1FR" last + Friday of the month, which are internally + converted to a `byweekday/bysetpos` + combination. + type: array + byweekno: + items: + description: Indicates number of the week hours to recur. + type: number + type: array + byyearday: + items: + description: >- + Indicates the days of the year that this rule + should recur. + type: number + type: array + count: + description: >- + Number of times the rule should recur until it + stops. + type: number + dtstart: + description: >- + Rule start date in Coordinated Universal Time + (UTC). + type: string + freq: + description: >- + Indicates frequency of the rule. Options are + YEARLY, MONTHLY, WEEKLY, DAILY. + enum: + - 0 + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + type: integer + interval: + description: >- + Indicates the interval of frequency. For + example, 1 and YEARLY is every 1 year, 2 and + WEEKLY is every 2 weeks. + type: number + tzid: + description: Indicates timezone abbreviation. + type: string + until: + description: Recur the rule until this date. + type: string + wkst: + description: Indicates the start of week, defaults to Monday. + enum: + - MO + - TU + - WE + - TH + - FR + - SA + - SU + type: string + required: + - dtstart + - tzid + skipRecurrences: + items: + description: Skips recurrence of rule on this date. + type: string + type: array + required: + - duration + - rRule + type: array + tags: + items: + description: The tags for the rule. + type: string + type: array + throttle: + deprecated: true + description: >- + Deprecated in 8.13.0. Use the `throttle` property in the + action `frequency` object instead. The throttle interval, + which defines how often an alert generates repeated + actions. NOTE: You cannot specify the throttle interval at + both the rule and action level. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + nullable: true + type: string + updated_at: + description: The date and time that the rule was updated most recently. + type: string + updated_by: + description: >- + The identifier for the user that updated this rule most + recently. + nullable: true + type: string + view_in_app_relative_url: + description: Relative URL to view rule in the app. + nullable: true + type: string + required: + - id + - enabled + - name + - tags + - rule_type_id + - consumer + - schedule + - actions + - params + - created_by + - updated_by + - created_at + - updated_at + - api_key_owner + - mute_all + - muted_alert_ids + - execution_status + - revision + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + '409': + description: Indicates that the rule has already been updated by another user. + summary: Update a rule + tags: + - alerting + /api/alerting/rule/{id}/_disable: + post: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_disable#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + nullable: true + type: object + properties: + untrack: + description: Defines whether this rule's alerts should be untracked. + type: boolean + x-oas-optional: true + responses: + '204': + description: Indicates a successful call. + '400': + description: Indicates an invalid schema. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + summary: Disable a rule + tags: + - alerting + /api/alerting/rule/{id}/_enable: + post: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_enable#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + summary: Enable a rule + tags: + - alerting + /api/alerting/rule/{id}/_mute_all: + post: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_mute_all#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + summary: Mute all alerts + tags: + - alerting + /api/alerting/rule/{id}/_unmute_all: + post: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_unmute_all#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + summary: Unmute all alerts + tags: + - alerting + /api/alerting/rule/{id}/_update_api_key: + post: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_update_api_key#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + '409': + description: Indicates that the rule has already been updated by another user. + summary: Update the API key for a rule + tags: + - alerting + /api/alerting/rule/{rule_id}/alert/{alert_id}/_mute: + post: + operationId: >- + %2Fapi%2Falerting%2Frule%2F%7Brule_id%7D%2Falert%2F%7Balert_id%7D%2F_mute#0 + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: rule_id + required: true + schema: + type: string + - description: The identifier for the alert. + in: path + name: alert_id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule or alert with the given ID does not exist. + summary: Mute an alert + tags: + - alerting + /api/alerting/rule/{rule_id}/alert/{alert_id}/_unmute: + post: + operationId: >- + %2Fapi%2Falerting%2Frule%2F%7Brule_id%7D%2Falert%2F%7Balert_id%7D%2F_unmute#0 + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: rule_id + required: true + schema: + type: string + - description: The identifier for the alert. + in: path + name: alert_id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule or alert with the given ID does not exist. + summary: Unmute an alert + tags: + - alerting + /api/alerting/rules/_find: + get: + operationId: '%2Fapi%2Falerting%2Frules%2F_find#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: The number of rules to return per page. + in: query + name: per_page + required: false + schema: + default: 10 + minimum: 0 + type: number + - description: The page number to return. + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: number + - description: >- + An Elasticsearch simple_query_string query that filters the objects + in the response. + in: query + name: search + required: false + schema: + type: string + - description: The default operator to use for the simple_query_string. + in: query + name: default_search_operator + required: false + schema: + default: OR + enum: + - OR + - AND + type: string + - description: The fields to perform the simple_query_string parsed query against. + in: query + name: search_fields + required: false + schema: + anyOf: + - items: + type: string + type: array + - type: string + - description: >- + Determines which field is used to sort the results. The field must + exist in the `attributes` key of the response. + in: query + name: sort_field + required: false + schema: + type: string + - description: Determines the sort order. + in: query + name: sort_order + required: false + schema: + enum: + - asc + - desc + type: string + - description: >- + Filters the rules that have a relation with the reference objects + with a specific type and identifier. + in: query + name: has_reference + required: false + schema: + additionalProperties: false + nullable: true + type: object + properties: + id: + type: string + type: + type: string + required: + - type + - id + - in: query + name: fields + required: false + schema: + items: + description: The fields to return in the `attributes` key of the response. + type: string + type: array + - description: >- + A KQL string that you filter with an attribute from your saved + object. It should look like `savedObjectType.attributes.title: + "myTitle"`. However, if you used a direct attribute of a saved + object, such as `updatedAt`, you must define your filter, for + example, `savedObjectType.updatedAt > 2018-12-22`. + in: query + name: filter + required: false + schema: + type: string + - in: query + name: filter_consumers + required: false + schema: + items: + description: List of consumers to filter. + type: string + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actions: + items: + additionalProperties: false + type: object + properties: + alerts_filter: + additionalProperties: false + description: >- + Defines a period that limits whether the action + runs. + type: object + properties: + query: + additionalProperties: false + type: object + properties: + dsl: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL). + type: string + filters: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL) as defined in + the `kbn-es-query` package. + items: + additionalProperties: false + type: object + properties: + $state: + additionalProperties: false + type: object + properties: + store: + description: >- + A filter can be either specific to an + application context or applied globally. + enum: + - appState + - globalState + type: string + required: + - store + meta: + additionalProperties: {} + type: object + query: + additionalProperties: {} + type: object + required: + - meta + type: array + kql: + description: >- + A filter written in Kibana Query Language + (KQL). + type: string + required: + - kql + - filters + timeframe: + additionalProperties: false + type: object + properties: + days: + description: >- + Defines the days of the week that the action + can run, represented as an array of numbers. + For example, `1` represents Monday. An empty + array is equivalent to specifying all the + days of the week. + items: + enum: + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + type: integer + type: array + hours: + additionalProperties: false + type: object + properties: + end: + description: >- + The end of the time frame in 24-hour + notation (`hh:mm`). + type: string + start: + description: >- + The start of the time frame in 24-hour + notation (`hh:mm`). + type: string + required: + - start + - end + timezone: + description: >- + The ISO time zone for the `hours` values. + Values such as `UTC` and `UTC+1` also work + but lack built-in daylight savings time + support and are not recommended. + type: string + required: + - days + - hours + - timezone + connector_type_id: + description: >- + The type of connector. This property appears in + responses but cannot be set in requests. + type: string + frequency: + additionalProperties: false + type: object + properties: + notify_when: + description: >- + Indicates how often alerts generate actions. + Valid values include: `onActionGroupChange`: + Actions run when the alert status changes; + `onActiveAlert`: Actions run when the alert + becomes active and at each check interval while + the rule conditions are met; + `onThrottleInterval`: Actions run when the alert + becomes active and at the interval specified in + the throttle property while the rule conditions + are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The + recommended method is to set it for each action. + If you set it at the rule level then update the + rule in Kibana, it is automatically changed to + use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + type: string + summary: + description: Indicates whether the action is a summary. + type: boolean + throttle: + description: >- + The throttle interval, which defines how often + an alert generates repeated actions. It is + specified in seconds, minutes, hours, or days + and is applicable only if 'notify_when' is set + to 'onThrottleInterval'. NOTE: You cannot + specify the throttle interval at both the rule + and action level. The recommended method is to + set it for each action. If you set it at the + rule level then update the rule in Kibana, it is + automatically changed to use action-specific + values. + nullable: true + type: string + required: + - summary + - notify_when + - throttle + group: + description: >- + The group name, which affects when the action runs + (for example, when the threshold is met or when the + alert is recovered). Each rule type has a list of + valid action group names. If you don't need to group + actions, set to `default`. + type: string + id: + description: The identifier for the connector saved object. + type: string + params: + additionalProperties: {} + description: >- + The parameters for the action, which are sent to the + connector. The `params` are handled as Mustache + templates and passed a default set of context. + type: object + use_alert_data_for_template: + description: Indicates whether to use alert data as a template. + type: boolean + uuid: + description: >- + A universally unique identifier (UUID) for the + action. + type: string + required: + - id + - connector_type_id + - params + type: array + active_snoozes: + items: + description: List of active snoozes for the rule. + type: string + type: array + alert_delay: + additionalProperties: false + description: >- + Indicates that an alert occurs only when the specified + number of consecutive runs met the rule conditions. + type: object + properties: + active: + description: >- + The number of consecutive runs that must meet the rule + conditions. + type: number + required: + - active + api_key_created_by_user: + description: >- + Indicates whether the API key that is associated with the + rule was created by the user. + nullable: true + type: boolean + api_key_owner: + description: >- + The owner of the API key that is associated with the rule + and used to run background tasks. + nullable: true + type: string + consumer: + description: >- + The name of the application or feature that owns the rule. + For example: `alerts`, `apm`, `discover`, + `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, + `securitySolution`, `siem`, `stackAlerts`, or `uptime`. + type: string + created_at: + description: The date and time that the rule was created. + type: string + created_by: + description: The identifier for the user that created the rule. + nullable: true + type: string + enabled: + description: >- + Indicates whether you want to run the rule on an interval + basis after it is created. + type: boolean + execution_status: + additionalProperties: false + type: object + properties: + error: + additionalProperties: false + type: object + properties: + message: + description: Error message. + type: string + reason: + description: Reason for error. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + type: string + required: + - reason + - message + last_duration: + description: Duration of last execution of the rule. + type: number + last_execution_date: + description: The date and time when rule was executed last. + type: string + status: + description: Status of rule execution. + enum: + - ok + - active + - error + - warning + - pending + - unknown + type: string + warning: + additionalProperties: false + type: object + properties: + message: + description: Warning message. + type: string + reason: + description: Reason for warning. + enum: + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + type: string + required: + - reason + - message + required: + - status + - last_execution_date + id: + description: The identifier for the rule. + type: string + is_snoozed_until: + description: The date when the rule will no longer be snoozed. + nullable: true + type: string + last_run: + additionalProperties: false + nullable: true + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: Number of ignored alerts during last run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: Number of recovered alerts during last run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value could be + succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: Outcome message generated during last rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + mapped_params: + additionalProperties: {} + type: object + monitoring: + additionalProperties: false + description: Monitoring details of the rule. + type: object + properties: + run: + additionalProperties: false + description: Rule run details. + type: object + properties: + calculated_metrics: + additionalProperties: false + description: >- + Calculation of different percentiles and success + ratio. + type: object + properties: + p50: + type: number + p95: + type: number + p99: + type: number + success_ratio: + type: number + required: + - success_ratio + history: + description: History of the rule run. + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule run. + type: number + outcome: + additionalProperties: false + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: >- + Number of ignored alerts during last + run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: >- + Number of recovered alerts during last + run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value + could be succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: >- + Outcome message generated during last + rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + success: + description: >- + Indicates whether the rule run was + successful. + type: boolean + timestamp: + description: Time of rule run. + type: number + required: + - success + - timestamp + type: array + last_run: + additionalProperties: false + type: object + properties: + metrics: + additionalProperties: false + type: object + properties: + duration: + description: Duration of most recent rule run. + type: number + gap_duration_s: + description: Duration in seconds of rule run gap. + nullable: true + type: number + total_alerts_created: + description: >- + Total number of alerts created during last + rule run. + nullable: true + type: number + total_alerts_detected: + description: >- + Total number of alerts detected during + last rule run. + nullable: true + type: number + total_indexing_duration_ms: + description: >- + Total time spent indexing documents during + last rule run in milliseconds. + nullable: true + type: number + total_search_duration_ms: + description: >- + Total time spent performing Elasticsearch + searches as measured by Kibana; includes + network latency and time spent serializing + or deserializing the request and response. + nullable: true + type: number + timestamp: + description: Time of the most recent rule run. + type: string + required: + - timestamp + - metrics + required: + - history + - calculated_metrics + - last_run + required: + - run + mute_all: + description: Indicates whether all alerts are muted. + type: boolean + muted_alert_ids: + items: + description: 'List of identifiers of muted alerts. ' + type: string + type: array + name: + description: ' The name of the rule.' + type: string + next_run: + description: Date and time of the next run of the rule. + nullable: true + type: string + notify_when: + description: >- + Indicates how often alerts generate actions. Valid values + include: `onActionGroupChange`: Actions run when the alert + status changes; `onActiveAlert`: Actions run when the + alert becomes active and at each check interval while the + rule conditions are met; `onThrottleInterval`: Actions run + when the alert becomes active and at the interval + specified in the throttle property while the rule + conditions are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The recommended method + is to set it for each action. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + nullable: true + type: string + params: + additionalProperties: {} + description: The parameters for the rule. + type: object + revision: + description: The rule revision number. + type: number + rule_type_id: + description: The rule type identifier. + type: string + running: + description: Indicates whether the rule is running. + nullable: true + type: boolean + schedule: + additionalProperties: false + type: object + properties: + interval: + description: >- + The interval is specified in seconds, minutes, hours, + or days. + type: string + required: + - interval + scheduled_task_id: + description: Identifier of the scheduled task. + type: string + snooze_schedule: + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule snooze schedule. + type: number + id: + description: Identifier of the rule snooze schedule. + type: string + rRule: + additionalProperties: false + type: object + properties: + byhour: + items: + description: Indicates hours of the day to recur. + type: number + type: array + byminute: + items: + description: Indicates minutes of the hour to recur. + type: number + type: array + bymonth: + items: + description: >- + Indicates months of the year that this rule + should recur. + type: number + type: array + bymonthday: + items: + description: Indicates the days of the month to recur. + type: number + type: array + bysecond: + items: + description: Indicates seconds of the day to recur. + type: number + type: array + bysetpos: + items: + description: >- + A positive or negative integer affecting the + nth day of the month. For example, -2 combined + with `byweekday` of FR is 2nd to last Friday + of the month. It is recommended to not set + this manually and just use `byweekday`. + type: number + type: array + byweekday: + items: + anyOf: + - type: string + - type: number + description: >- + Indicates the days of the week to recur or + else nth-day-of-month strings. For example, + "+2TU" second Tuesday of month, "-1FR" last + Friday of the month, which are internally + converted to a `byweekday/bysetpos` + combination. + type: array + byweekno: + items: + description: Indicates number of the week hours to recur. + type: number + type: array + byyearday: + items: + description: >- + Indicates the days of the year that this rule + should recur. + type: number + type: array + count: + description: >- + Number of times the rule should recur until it + stops. + type: number + dtstart: + description: >- + Rule start date in Coordinated Universal Time + (UTC). + type: string + freq: + description: >- + Indicates frequency of the rule. Options are + YEARLY, MONTHLY, WEEKLY, DAILY. + enum: + - 0 + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + type: integer + interval: + description: >- + Indicates the interval of frequency. For + example, 1 and YEARLY is every 1 year, 2 and + WEEKLY is every 2 weeks. + type: number + tzid: + description: Indicates timezone abbreviation. + type: string + until: + description: Recur the rule until this date. + type: string + wkst: + description: Indicates the start of week, defaults to Monday. + enum: + - MO + - TU + - WE + - TH + - FR + - SA + - SU + type: string + required: + - dtstart + - tzid + skipRecurrences: + items: + description: Skips recurrence of rule on this date. + type: string + type: array + required: + - duration + - rRule + type: array + tags: + items: + description: The tags for the rule. + type: string + type: array + throttle: + deprecated: true + description: >- + Deprecated in 8.13.0. Use the `throttle` property in the + action `frequency` object instead. The throttle interval, + which defines how often an alert generates repeated + actions. NOTE: You cannot specify the throttle interval at + both the rule and action level. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + nullable: true + type: string + updated_at: + description: The date and time that the rule was updated most recently. + type: string + updated_by: + description: >- + The identifier for the user that updated this rule most + recently. + nullable: true + type: string + view_in_app_relative_url: + description: Relative URL to view rule in the app. + nullable: true + type: string + required: + - id + - enabled + - name + - tags + - rule_type_id + - consumer + - schedule + - actions + - params + - created_by + - updated_by + - created_at + - updated_at + - api_key_owner + - mute_all + - muted_alert_ids + - execution_status + - revision + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + summary: Get information about rules + tags: + - alerting + /api/apm/agent_keys: + post: + description: Create a new agent key for APM. + operationId: createAgentKey + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + name: + type: string + privileges: + items: + enum: + - event:write + - config_agent:read + type: string + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + api_key: + type: string + encoded: + type: string + expiration: + format: int64 + type: integer + id: + type: string + name: + type: string + description: Agent key created successfully + summary: Create an APM agent key + tags: + - APM agent keys + /api/apm/services/{serviceName}/annotation: + post: + description: Create a new annotation for a specific service. + operationId: createAnnotation + parameters: + - description: The name of the service + in: path + name: serviceName + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + '@timestamp': + type: string + message: + type: string + service: + type: object + properties: + environment: + type: string + version: + type: string + tags: + items: + type: string + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _id: + type: string + _index: + type: string + _source: + type: object + properties: + '@timestamp': + type: string + annotation: + type: string + event: + type: object + properties: + created: + type: string + message: + type: string + service: + type: object + properties: + environment: + type: string + name: + type: string + version: + type: string + tags: + items: + type: string + type: array + description: Annotation created successfully + summary: Create a service annotation + tags: + - APM annotations + /api/apm/services/{serviceName}/annotation/search: + get: + description: Search for annotations related to a specific service. + operationId: getAnnotation + parameters: + - description: The name of the service + in: path + name: serviceName + required: true + schema: + type: string + - description: The environment to filter annotations by + in: query + name: environment + required: false + schema: + type: string + - description: The start date for the search + in: query + name: start + required: false + schema: + type: string + - description: The end date for the search + in: query + name: end + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + annotations: + items: + type: object + properties: + '@timestamp': + type: number + id: + type: string + text: + type: string + type: + enum: + - version + type: string + type: array + description: Successful response + summary: Search for annotations + tags: + - APM annotations + /api/asset_criticality: + delete: + description: Delete the asset criticality record for a specific entity. + operationId: DeleteAssetCriticalityRecord + parameters: + - description: The ID value of the asset. + in: query + name: id_value + required: true + schema: + type: string + - description: The field representing the ID. + example: host.name + in: query + name: id_field + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_IdField + - description: If 'wait_for' the request will wait for the index refresh. + in: query + name: refresh + required: false + schema: + enum: + - wait_for + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + deleted: + description: >- + True if the record was deleted or false if the record did + not exist. + type: boolean + record: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecord + description: The deleted record if it existed. + required: + - deleted + description: Successful response + '400': + description: Invalid request + summary: Delete an asset criticality record + tags: + - Security Solution Entity Analytics API + get: + description: Get the asset criticality record for a specific entity. + operationId: GetAssetCriticalityRecord + parameters: + - description: The ID value of the asset. + in: query + name: id_value + required: true + schema: + type: string + - description: The field representing the ID. + example: host.name + in: query + name: id_field + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_IdField + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecord + description: Successful response + '400': + description: Invalid request + '404': + description: Criticality record not found + summary: Get an asset criticality record + tags: + - Security Solution Entity Analytics API + post: + description: > + Create or update an asset criticality record for a specific entity. + + + If a record already exists for the specified entity, that record is + overwritten with the specified value. If a record doesn't exist for the + specified entity, a new record is created. + operationId: CreateAssetCriticalityRecord + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_CreateAssetCriticalityRecord + - type: object + properties: + refresh: + description: >- + If 'wait_for' the request will wait for the index + refresh. + enum: + - wait_for + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecord + description: Successful response + '400': + description: Invalid request + summary: Upsert an asset criticality record + tags: + - Security Solution Entity Analytics API + /api/asset_criticality/bulk: + post: + description: > + Bulk upsert up to 1000 asset criticality records. + + + If asset criticality records already exist for the specified entities, + those records are overwritten with the specified values. If asset + criticality records don't exist for the specified entities, new records + are created. + operationId: BulkUpsertAssetCriticalityRecords + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + example: + records: + - criticality_level: low_impact + id_field: host.name + id_value: host-1 + - criticality_level: medium_impact + id_field: host.name + id_value: host-2 + type: object + properties: + records: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_CreateAssetCriticalityRecord + maxItems: 1000 + minItems: 1 + type: array + required: + - records + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + example: + errors: + - index: 0 + message: Invalid ID field + stats: + failed: 1 + successful: 1 + total: 2 + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityBulkUploadErrorItem + type: array + stats: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityBulkUploadStats + required: + - errors + - stats + description: Bulk upload successful + '413': + description: File too large + summary: Bulk upsert asset criticality records + tags: + - Security Solution Entity Analytics API + /api/asset_criticality/list: + get: + description: List asset criticality records, paging, sorting and filtering as needed. + operationId: FindAssetCriticalityRecords + parameters: + - description: The field to sort by. + in: query + name: sort_field + required: false + schema: + enum: + - id_value + - id_field + - criticality_level + - \@timestamp + type: string + - description: The order to sort by. + in: query + name: sort_direction + required: false + schema: + enum: + - asc + - desc + type: string + - description: The page number to return. + in: query + name: page + required: false + schema: + minimum: 1 + type: integer + - description: The number of records to return per page. + in: query + name: per_page + required: false + schema: + maximum: 1000 + minimum: 1 + type: integer + - description: The kuery to filter by. + in: query + name: kuery + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + page: + minimum: 1 + type: integer + per_page: + maximum: 1000 + minimum: 1 + type: integer + records: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecord + type: array + total: + minimum: 0 + type: integer + required: + - records + - page + - per_page + - total + description: Bulk upload successful + summary: List asset criticality records + tags: + - Security Solution Entity Analytics API + /api/data_views: + get: + operationId: getAllDataViewsDefault + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getAllDataViewsResponse: + $ref: '#/components/examples/Data_views_get_data_views_response' + schema: + type: object + properties: + data_view: + items: + type: object + properties: + id: + type: string + name: + type: string + namespaces: + items: + type: string + type: array + title: + type: string + typeMeta: + type: object + type: array + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Get all data views + tags: + - data views + /api/data_views/data_view: + post: + operationId: createDataViewDefaultw + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + createDataViewRequest: + $ref: '#/components/examples/Data_views_create_data_view_request' + schema: + $ref: '#/components/schemas/Data_views_create_data_view_request_object' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_data_view_response_object' + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Create a data view + tags: + - data views + /api/data_views/data_view/{viewId}: + delete: + description: | + WARNING: When you delete a data view, it cannot be recovered. + operationId: deleteDataViewDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - $ref: '#/components/parameters/Data_views_view_id' + responses: + '204': + description: Indicates a successful call. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_404_response' + description: Object is not found. + summary: Delete a data view + tags: + - data views + get: + operationId: getDataViewDefault + parameters: + - $ref: '#/components/parameters/Data_views_view_id' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getDataViewResponse: + $ref: '#/components/examples/Data_views_get_data_view_response' + schema: + $ref: '#/components/schemas/Data_views_data_view_response_object' + description: Indicates a successful call. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_404_response' + description: Object is not found. + summary: Get a data view + tags: + - data views + post: + operationId: updateDataViewDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - $ref: '#/components/parameters/Data_views_view_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateDataViewRequest: + $ref: '#/components/examples/Data_views_update_data_view_request' + schema: + $ref: '#/components/schemas/Data_views_update_data_view_request_object' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_data_view_response_object' + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Update a data view + tags: + - data views + /api/data_views/data_view/{viewId}/fields: + post: + description: > + Update fields presentation metadata such as count, customLabel, + customDescription, and format. + operationId: updateFieldsMetadataDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - $ref: '#/components/parameters/Data_views_view_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateFieldsMetadataRequest: + $ref: '#/components/examples/Data_views_update_field_metadata_request' + schema: + type: object + properties: + fields: + description: The field object. + type: object + required: + - fields + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Update data view fields metadata + tags: + - data views + /api/data_views/data_view/{viewId}/runtime_field: + post: + operationId: createRuntimeFieldDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - $ref: '#/components/parameters/Data_views_view_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + createRuntimeFieldRequest: + $ref: '#/components/examples/Data_views_create_runtime_field_request' + schema: + type: object + properties: + name: + description: | + The name for a runtime field. + type: string + runtimeField: + description: | + The runtime field definition object. + type: object + required: + - name + - runtimeField + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + summary: Create a runtime field + tags: + - data views + put: + operationId: createUpdateRuntimeFieldDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - description: | + The ID of the data view fields you want to update. + in: path + name: viewId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateRuntimeFieldRequest: + $ref: '#/components/examples/Data_views_create_runtime_field_request' + schema: + type: object + properties: + name: + description: | + The name for a runtime field. + type: string + runtimeField: + description: | + The runtime field definition object. + type: object + required: + - name + - runtimeField + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data_view: + type: object + fields: + items: + type: object + type: array + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Create or update a runtime field + tags: + - data views + /api/data_views/data_view/{viewId}/runtime_field/{fieldName}: + delete: + operationId: deleteRuntimeFieldDefault + parameters: + - $ref: '#/components/parameters/Data_views_field_name' + - $ref: '#/components/parameters/Data_views_view_id' + responses: + '200': + description: Indicates a successful call. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_404_response' + description: Object is not found. + summary: Delete a runtime field from a data view + tags: + - data views + get: + operationId: getRuntimeFieldDefault + parameters: + - $ref: '#/components/parameters/Data_views_field_name' + - $ref: '#/components/parameters/Data_views_view_id' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getRuntimeFieldResponse: + $ref: '#/components/examples/Data_views_get_runtime_field_response' + schema: + type: object + properties: + data_view: + type: object + fields: + items: + type: object + type: array + description: Indicates a successful call. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_404_response' + description: Object is not found. + summary: Get a runtime field + tags: + - data views + post: + operationId: updateRuntimeFieldDefault + parameters: + - $ref: '#/components/parameters/Data_views_field_name' + - $ref: '#/components/parameters/Data_views_view_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateRuntimeFieldRequest: + $ref: '#/components/examples/Data_views_update_runtime_field_request' + schema: + type: object + properties: + runtimeField: + description: | + The runtime field definition object. + + You can update following fields: + + - `type` + - `script` + type: object + required: + - runtimeField + required: true + responses: + '200': + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Update a runtime field + tags: + - data views + /api/data_views/default: + get: + operationId: getDefaultDataViewDefault + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getDefaultDataViewResponse: + $ref: >- + #/components/examples/Data_views_get_default_data_view_response + schema: + type: object + properties: + data_view_id: + type: string + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Get the default data view + tags: + - data views + post: + operationId: setDefaultDatailViewDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + setDefaultDataViewRequest: + $ref: '#/components/examples/Data_views_set_default_data_view_request' + schema: + type: object + properties: + data_view_id: + description: > + The data view identifier. NOTE: The API does not validate + whether it is a valid identifier. Use `null` to unset the + default data view. + nullable: true + type: string + force: + default: false + description: Update an existing default data view identifier. + type: boolean + required: + - data_view_id + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Set the default data view + tags: + - data views + /api/data_views/swap_references: + post: + description: > + Changes saved object references from one data view identifier to + another. WARNING: Misuse can break large numbers of saved objects! + Practicing with a backup is recommended. + operationId: swapDataViewsDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + swapDataViewRequest: + $ref: '#/components/examples/Data_views_swap_data_view_request' + schema: + $ref: '#/components/schemas/Data_views_swap_data_view_request_object' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + deleteStatus: + type: object + properties: + deletePerformed: + type: boolean + remainingRefs: + type: integer + result: + items: + type: object + properties: + id: + description: A saved object identifier. + type: string + type: + description: The saved object type. + type: string + type: array + description: Indicates a successful call. + summary: Swap saved object references + tags: + - data views + /api/data_views/swap_references/_preview: + post: + description: > + Preview the impact of swapping saved object references from one data + view identifier to another. + operationId: previewSwapDataViewsDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + previewSwapDataViewRequest: + $ref: >- + #/components/examples/Data_views_preview_swap_data_view_request + schema: + $ref: '#/components/schemas/Data_views_swap_data_view_request_object' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + result: + items: + type: object + properties: + id: + description: A saved object identifier. + type: string + type: + description: The saved object type. + type: string + type: array + description: Indicates a successful call. + summary: Preview a saved object reference swap + tags: + - data views + /api/detection_engine/privileges: + get: + description: > + Retrieves whether or not the user is authenticated, and the user's + Kibana + + space and index privileges, which determine if the user can create an + + index for the Elastic Security alerts generated by + + detection engine rules. + operationId: ReadPrivileges + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + has_encryption_key: + type: boolean + is_authenticated: + type: boolean + required: + - is_authenticated + - has_encryption_key + description: Successful response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Returns user privileges for the Kibana space + tags: + - Security Solution Detections API + - Privileges API + /api/detection_engine/rules: + delete: + description: Delete a detection rule using the `rule_id` or `id` field. + operationId: DeleteRule + parameters: + - description: The rule's `id` value. + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleObjectId' + - description: The rule's `rule_id` value. + in: query + name: rule_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Delete a detection rule + tags: + - Security Solution Detections API + - Rules API + get: + description: Retrieve a detection rule using the `rule_id` or `id` field. + operationId: ReadRule + parameters: + - description: The rule's `id` value. + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleObjectId' + - description: The rule's `rule_id` value. + in: query + name: rule_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Retrieve a detection rule + tags: + - Security Solution Detections API + - Rules API + patch: + description: >- + Update specific fields of an existing detection rule using the `rule_id` + or `id` field. + operationId: PatchRule + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePatchProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Patch a detection rule + tags: + - Security Solution Detections API + - Rules API + post: + description: Create a new detection rule. + operationId: CreateRule + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleCreateProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Create a detection rule + tags: + - Security Solution Detections API + - Rules API + put: + description: > + Update a detection rule using the `rule_id` or `id` field. The original + rule is replaced, and all unspecified fields are deleted. + + > info + + > You cannot modify the `id` or `rule_id` values. + operationId: UpdateRule + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleUpdateProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Update a detection rule + tags: + - Security Solution Detections API + - Rules API + /api/detection_engine/rules/_bulk_action: + post: + description: >- + Apply a bulk action, such as bulk edit, duplicate, or delete, to + multiple detection rules. The bulk action is applied to all rules that + match the query or to the rules listed by their IDs. + operationId: PerformRulesBulkAction + parameters: + - description: Enables dry run mode for the request call. + in: query + name: dry_run + required: false + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkDeleteRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkDisableRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEnableRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkExportRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkDuplicateRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkManualRuleRun + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditRules + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditActionResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkExportActionResponse + description: OK + summary: Apply a bulk action to detection rules + tags: + - Security Solution Detections API + - Bulk API + /api/detection_engine/rules/_export: + post: + description: > + Export detection rules to an `.ndjson` file. The following configuration + items are also included in the `.ndjson` file: + + - Actions + + - Exception lists + + > info + + > You cannot export prebuilt rules. + operationId: ExportRules + parameters: + - description: Determines whether a summary of the exported rules is returned. + in: query + name: exclude_export_details + required: false + schema: + default: false + type: boolean + - description: File name for saving the exported rules. + in: query + name: file_name + required: false + schema: + default: export.ndjson + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + nullable: true + type: object + properties: + objects: + description: >- + Array of `rule_id` fields. Exports all rules when + unspecified. + items: + type: object + properties: + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + required: + - rule_id + type: array + required: + - objects + required: false + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: An `.ndjson` file containing the returned rules. + format: binary + type: string + description: Indicates a successful call. + summary: Export detection rules + tags: + - Security Solution Detections API + - Import/Export API + /api/detection_engine/rules/_find: + get: + description: >- + Retrieve a paginated list of detection rules. By default, the first page + is returned, with 20 results per page. + operationId: FindRules + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_FindRulesSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Detections_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: Rules per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + summary: List all detection rules + tags: + - Security Solution Detections API + - Rules API + /api/detection_engine/rules/_import: + post: + description: > + Import detection rules from an `.ndjson` file, including actions and + exception lists. The request must include: + + - The `Content-Type: multipart/form-data` HTTP header. + + - A link to the `.ndjson` file containing the rules. + operationId: ImportRules + parameters: + - description: >- + Determines whether existing rules with the same `rule_id` are + overwritten. + in: query + name: overwrite + required: false + schema: + default: false + type: boolean + - description: >- + Determines whether existing exception lists with the same `list_id` + are overwritten. + in: query + name: overwrite_exceptions + required: false + schema: + default: false + type: boolean + - description: >- + Determines whether existing actions with the same + `kibana.alert.rule.actions.id` are overwritten. + in: query + name: overwrite_action_connectors + required: false + schema: + default: false + type: boolean + - description: Generates a new list ID for each imported exception list. + in: query + name: as_new_list + required: false + schema: + default: false + type: boolean + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: + description: The `.ndjson` file containing the rules. + format: binary + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + action_connectors_errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ErrorSchema + type: array + action_connectors_success: + type: boolean + action_connectors_success_count: + minimum: 0 + type: integer + action_connectors_warnings: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_WarningSchema + type: array + errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ErrorSchema + type: array + exceptions_errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ErrorSchema + type: array + exceptions_success: + type: boolean + exceptions_success_count: + minimum: 0 + type: integer + rules_count: + minimum: 0 + type: integer + success: + type: boolean + success_count: + minimum: 0 + type: integer + required: + - exceptions_success + - exceptions_success_count + - exceptions_errors + - rules_count + - success + - success_count + - errors + - action_connectors_errors + - action_connectors_warnings + - action_connectors_success + - action_connectors_success_count + description: Indicates a successful call. + summary: Import detection rules + tags: + - Security Solution Detections API + - Import/Export API + /api/detection_engine/rules/{id}/exceptions: + post: + description: Create exception items that apply to a single detection rule. + operationId: CreateRuleExceptionListItems + parameters: + - description: Detection rule's identifier + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_RuleId' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateRuleExceptionListItemProps + type: array + required: + - items + description: Rule exception list items + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Create rule exception list items + tags: + - Security Solution Exceptions API + /api/detection_engine/rules/preview: + post: + operationId: RulePreview + parameters: + - description: >- + Enables logging and returning in response ES queries, performed + during rule execution + in: query + name: enable_logged_requests + required: false + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + discriminator: + propertyName: type + description: >- + An object containing tags to add or remove and alert ids the changes + will be applied + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + isAborted: + type: boolean + logs: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewLogs + type: array + previewId: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + required: + - logs + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Preview rule alerts generated on specified time range + tags: + - Security Solution Detections API + - Rule preview API + /api/detection_engine/signals/assignees: + post: + description: | + Assign users to detection alerts, and unassign them from alerts. + > info + > You cannot add and remove the same assignee in the same request. + operationId: SetAlertAssignees + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + assignees: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertAssignees + description: Details about the assignees to assign and unassign. + ids: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertIds + description: List of alerts ids to assign and unassign passed assignees. + required: + - assignees + - ids + required: true + responses: + '200': + description: Indicates a successful call. + '400': + description: Invalid request. + summary: Assign and unassign users from detection alerts + tags: + - Security Solution Detections API + /api/detection_engine/signals/search: + post: + description: Find and/or aggregate detection alerts that match the given query. + operationId: SearchAlerts + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + description: Elasticsearch query and aggregation request + type: object + properties: + _source: + oneOf: + - type: boolean + - type: string + - items: + type: string + type: array + aggs: + additionalProperties: true + type: object + fields: + items: + type: string + type: array + query: + additionalProperties: true + type: object + runtime_mappings: + additionalProperties: true + type: object + size: + minimum: 0 + type: integer + sort: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsSort + track_total_hits: + type: boolean + description: Search and/or aggregation query + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: true + description: Elasticsearch search response + type: object + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Find and/or aggregate detection alerts + tags: + - Security Solution Detections API + - Alerts API + /api/detection_engine/signals/status: + post: + description: Set the status of one or more detection alerts. + operationId: SetAlertsStatus + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SetAlertsStatusByIds + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SetAlertsStatusByQuery + description: >- + An object containing desired status and explicit alert ids or a query + to select alerts + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: true + description: Elasticsearch update by query response + type: object + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Set a detection alert status + tags: + - Security Solution Detections API + - Alerts API + /api/detection_engine/signals/tags: + post: + description: | + And tags to detection alerts, and remove them from alerts. + > info + > You cannot add and remove the same alert tag in the same request. + operationId: SetAlertTags + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + ids: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertIds + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SetAlertTags + required: + - ids + - tags + description: >- + An object containing tags to add or remove and alert ids the changes + will be applied + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: true + description: Elasticsearch update by query response + type: object + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Add and remove detection alert tags + tags: + - Security Solution Detections API + - Alerts API + /api/detection_engine/tags: + get: + description: List all unique tags from all detection rules. + operationId: ReadTags + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + description: Indicates a successful call + summary: List all detection rule tags + tags: + - Security Solution Detections API + - Tags API + /api/endpoint_list: + post: + description: >- + Create an endpoint exception list, which groups endpoint exception list + items. If an endpoint exception list already exists, an empty response + is returned. + operationId: CreateEndpointList + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Create an endpoint exception list + tags: + - Security Solution Endpoint Exceptions API + /api/endpoint_list/items: + delete: + description: >- + Delete an endpoint exception list item using the `id` or `item_id` + field. + operationId: DeleteEndpointListItem + parameters: + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Delete an endpoint exception list item + tags: + - Security Solution Endpoint Exceptions API + get: + description: >- + Get the details of an endpoint exception list item using the `id` or + `item_id` field. + operationId: ReadEndpointListItem + parameters: + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Get an endpoint exception list item + tags: + - Security Solution Endpoint Exceptions API + post: + description: >- + Create an endpoint exception list item, and associate it with the + endpoint exception list. + operationId: CreateEndpointListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + comments: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryArray + item_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemName + os_types: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemType + required: + - type + - name + - description + - entries + description: Exception list item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item already exists + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Create an endpoint exception list item + tags: + - Security Solution Endpoint Exceptions API + put: + description: >- + Update an endpoint exception list item using the `id` or `item_id` + field. + operationId: UpdateEndpointListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryArray + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId + description: Either `id` or `item_id` must be specified + item_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId + description: Either `id` or `item_id` must be specified + meta: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemName + os_types: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemTags + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemType + required: + - type + - name + - description + - entries + description: Exception list item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Update an endpoint exception list item + tags: + - Security Solution Endpoint Exceptions API + /api/endpoint_list/items/_find: + get: + description: Get a list of all endpoint exception list items. + operationId: FindEndpointListItems + parameters: + - description: > + Filters the returned results according to the value of the specified + field, + + using the `:` syntax. + in: query + name: filter + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_FindEndpointListItemsFilter + - description: The page number to return + in: query + name: page + required: false + schema: + minimum: 0 + type: integer + - description: The number of exception list items to return per page + in: query + name: per_page + required: false + schema: + minimum: 0 + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + type: array + page: + minimum: 0 + type: integer + per_page: + minimum: 0 + type: integer + pit: + type: string + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Get endpoint exception list items + tags: + - Security Solution Endpoint Exceptions API + /api/endpoint/action: + get: + description: Get a list of all response actions. + operationId: EndpointGetActionsList + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_GetEndpointActionListRouteQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get response actions + tags: + - Security Solution Endpoint Management API + /api/endpoint/action_log/{agent_id}: + get: + deprecated: true + description: Get an action request log for the specified agent ID. + operationId: EndpointGetActionLog + parameters: + - in: path + name: agent_id + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentId + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ActionLogRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get an action request log + tags: + - Security Solution Endpoint Management API + /api/endpoint/action_status: + get: + description: Get the status of response actions for the specified agent IDs. + operationId: EndpointGetActionsStatus + parameters: + - in: query + name: query + required: true + schema: + type: object + properties: + agent_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ActionStatusSuccessResponse + description: OK + summary: Get response actions status + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/{action_id}: + get: + description: Get the details of a response action using the action ID. + operationId: EndpointGetActionsDetails + parameters: + - in: path + name: action_id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get action details + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/{action_id}/file/{file_id}: + get: + description: Get information for the specified file using the file ID. + operationId: EndpointFileInfo + parameters: + - in: path + name: action_id + required: true + schema: + type: string + - in: path + name: file_id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get file information + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/{action_id}/file/{file_id}/download: + get: + description: Download a file from an endpoint. + operationId: EndpointFileDownload + parameters: + - in: path + name: action_id + required: true + schema: + type: string + - in: path + name: file_id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Download a file + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/execute: + post: + description: Run a shell command on an endpoint. + operationId: EndpointExecuteAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ExecuteRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Run a command + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/get_file: + post: + description: Get a file from an endpoint. + operationId: EndpointGetFileAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_GetFileRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get a file + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/isolate: + post: + description: >- + Isolate an endpoint from the network. The endpoint remains isolated + until it's released. + operationId: EndpointIsolateAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_IsolateRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Isolate an endpoint + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/kill_process: + post: + description: Terminate a running process on an endpoint. + operationId: EndpointKillProcessAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_KillProcessRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Terminate a process + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/running_procs: + post: + description: Get a list of all processes running on an endpoint. + operationId: EndpointGetProcessesAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_GetProcessesRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get running processes + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/scan: + post: + description: Scan a specific file or directory on an endpoint for malware. + operationId: EndpointScanAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ScanRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Scan a file or directory + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/state: + get: + description: >- + Get a response actions state, which reports whether encryption is + enabled. + operationId: EndpointGetActionsState + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ActionStateSuccessResponse + description: OK + summary: Get actions state + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/suspend_process: + post: + description: Suspend a running process on an endpoint. + operationId: EndpointSuspendProcessAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuspendProcessRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Suspend a process + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/unisolate: + post: + description: Release an isolated endpoint, allowing it to rejoin a network. + operationId: EndpointUnisolateAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_UnisolateRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Release an isolated endpoint + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/upload: + post: + description: Upload a file to an endpoint. + operationId: EndpointUploadAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_UploadRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Upload a file + tags: + - Security Solution Endpoint Management API + /api/endpoint/metadata: + get: + operationId: GetEndpointMetadataList + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ListRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get a metadata list + tags: + - Security Solution Endpoint Management API + /api/endpoint/metadata/{id}: + get: + operationId: GetEndpointMetadata + parameters: + - in: path + name: id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get metadata + tags: + - Security Solution Endpoint Management API + /api/endpoint/metadata/transforms: + get: + operationId: GetEndpointMetadataTransform + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get metadata transforms + tags: + - Security Solution Endpoint Management API + /api/endpoint/policy_response: + get: + operationId: GetPolicyResponse + parameters: + - in: query + name: query + required: true + schema: + type: object + properties: + agentId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get a policy response + tags: + - Security Solution Endpoint Management API + /api/endpoint/policy/summaries: + get: + deprecated: true + operationId: GetAgentPolicySummary + parameters: + - in: query + name: query + required: true + schema: + type: object + properties: + package_name: + type: string + policy_id: + nullable: true + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get an agent policy summary + tags: + - Security Solution Endpoint Management API + /api/endpoint/protection_updates_note/{package_policy_id}: + get: + operationId: GetProtectionUpdatesNote + parameters: + - in: path + name: package_policy_id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ProtectionUpdatesNoteResponse + description: OK + summary: Get a protection updates note + tags: + - Security Solution Endpoint Management API + post: + operationId: CreateUpdateProtectionUpdatesNote + parameters: + - in: path + name: package_policy_id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + note: + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ProtectionUpdatesNoteResponse + description: OK + summary: Create or update a protection updates note + tags: + - Security Solution Endpoint Management API + /api/endpoint/suggestions/{suggestion_type}: + post: + operationId: GetEndpointSuggestions + parameters: + - in: path + name: suggestion_type + required: true + schema: + enum: + - eventFilters + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + field: + type: string + fieldMeta: {} + filters: {} + query: + type: string + required: + - parameters + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get suggestions + tags: + - Security Solution Endpoint Management API + /api/entity_store/engines: + get: + operationId: ListEntityStoreEngines + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + count: + type: integer + engines: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EngineDescriptor + type: array + description: Successful response + summary: List the Entity Store engines + tags: + - Security Solution Entity Analytics API + /api/entity_store/engines/{entityType}: + delete: + operationId: DeleteEntityStore + parameters: + - description: The entity type of the store (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + - description: Control flag to also delete the entity data. + in: query + name: data + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + deleted: + type: boolean + description: Successful response + summary: Delete the Entity Store engine + tags: + - Security Solution Entity Analytics API + get: + operationId: GetEntityStoreEngine + parameters: + - description: The entity type of the store (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EngineDescriptor + description: Successful response + summary: Get the Entity Store engine + tags: + - Security Solution Entity Analytics API + /api/entity_store/engines/{entityType}/init: + post: + operationId: InitEntityStore + parameters: + - description: The entity type of the store (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + filter: + type: string + indexPattern: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_IndexPattern + description: Schema for the engine initialization + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EngineDescriptor + description: Successful response + summary: Initialize the Entity Store + tags: + - Security Solution Entity Analytics API + /api/entity_store/engines/{entityType}/start: + post: + operationId: StartEntityStore + parameters: + - description: The entity type of the store (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + started: + type: boolean + description: Successful response + summary: Start the Entity Store engine + tags: + - Security Solution Entity Analytics API + /api/entity_store/engines/{entityType}/stats: + post: + operationId: GetEntityStoreStats + parameters: + - description: The entity type of the store (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + indexPattern: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_IndexPattern + indices: + items: + type: object + type: array + status: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EngineStatus + transforms: + items: + type: object + type: array + type: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + description: Successful response + summary: Get the Entity Store engine stats + tags: + - Security Solution Entity Analytics API + /api/entity_store/engines/{entityType}/stop: + post: + operationId: StopEntityStore + parameters: + - description: The entity type of the store (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + stopped: + type: boolean + description: Successful response + summary: Stop the Entity Store engine + tags: + - Security Solution Entity Analytics API + /api/entity_store/entities/list: + get: + description: List entities records, paging, sorting and filtering as needed. + operationId: ListEntities + parameters: + - in: query + name: sort_field + required: false + schema: + type: string + - in: query + name: sort_order + required: false + schema: + enum: + - asc + - desc + type: string + - in: query + name: page + required: false + schema: + minimum: 1 + type: integer + - in: query + name: per_page + required: false + schema: + maximum: 10000 + minimum: 1 + type: integer + - description: An ES query to filter by. + in: query + name: filterQuery + required: false + schema: + type: string + - in: query + name: entities_types + required: true + schema: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + inspect: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_InspectQuery + page: + minimum: 1 + type: integer + per_page: + maximum: 1000 + minimum: 1 + type: integer + records: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_Entity + type: array + total: + minimum: 0 + type: integer + required: + - records + - page + - per_page + - total + description: Entities returned successfully + summary: List Entity Store Entities + tags: + - Security Solution Entity Analytics API + /api/exception_lists: + delete: + description: Delete an exception list using the `id` or `list_id` field. + operationId: DeleteExceptionList + parameters: + - description: Either `id` or `list_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + - description: Either `id` or `list_id` must be specified + in: query + name: list_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Delete an exception list + tags: + - Security Solution Exceptions API + get: + description: Get the details of an exception list using the `id` or `list_id` field. + operationId: ReadExceptionList + parameters: + - description: Either `id` or `list_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + - description: Either `id` or `list_id` must be specified + in: query + name: list_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Get exception list details + tags: + - Security Solution Exceptions API + post: + description: > + An exception list groups exception items and can be associated with + detection rules. You can assign detection rules with multiple exception + lists. + + > info + + > All exception items added to the same list are evaluated using `OR` + logic. That is, if any of the items in a list evaluate to `true`, the + exception prevents the rule from generating an alert. Likewise, `OR` + logic is used for evaluating exceptions when more than one exception + list is assigned to a rule. To use the `AND` operator, you can define + multiple clauses (`entries`) in a single exception item. + operationId: CreateExceptionList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListDescription + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListType + version: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListVersion + default: 1 + required: + - name + - description + - type + description: Exception list's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Create an exception list + tags: + - Security Solution Exceptions API + put: + description: Update an exception list using the `id` or `list_id` field. + operationId: UpdateExceptionList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListDescription + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListTags + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListType + version: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListVersion + required: + - name + - description + - type + description: Exception list's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Update an exception list + tags: + - Security Solution Exceptions API + /api/exception_lists/_duplicate: + post: + description: Duplicate an existing exception list. + operationId: DuplicateExceptionList + parameters: + - description: Exception list's human identifier + in: query + name: list_id + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + - description: >- + Determines whether to include expired exceptions in the exported + list + in: query + name: include_expired_exceptions + required: true + schema: + default: 'true' + enum: + - 'true' + - 'false' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '405': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list to duplicate not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Duplicate an exception list + tags: + - Security Solution Exceptions API + /api/exception_lists/_export: + post: + description: Export an exception list and its associated items to an NDJSON file. + operationId: ExportExceptionList + parameters: + - description: Exception list's identifier + in: query + name: id + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + - description: Exception list's human identifier + in: query + name: list_id + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + - description: >- + Determines whether to include expired exceptions in the exported + list + in: query + name: include_expired_exceptions + required: true + schema: + default: 'true' + enum: + - 'true' + - 'false' + type: string + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: >- + A `.ndjson` file containing specified exception list and its + items + format: binary + type: string + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Export an exception list + tags: + - Security Solution Exceptions API + /api/exception_lists/_find: + get: + description: Get a list of all exception lists. + operationId: FindExceptionLists + parameters: + - description: > + Filters the returned results according to the value of the specified + field. + + + Uses the `so type.field name:field` value syntax, where `so type` + can be: + + + - `exception-list`: Specify a space-aware exception list. + + - `exception-list-agnostic`: Specify an exception list that is + shared across spaces. + in: query + name: filter + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_FindExceptionListsFilter + - description: > + Determines whether the returned containers are Kibana associated + with a Kibana space + + or available in all spaces (`agnostic` or `single`) + in: query + name: namespace_type + required: false + schema: + default: + - single + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + type: array + - description: The page number to return + in: query + name: page + required: false + schema: + minimum: 1 + type: integer + - description: The number of exception lists to return per page + in: query + name: per_page + required: false + schema: + minimum: 1 + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + type: string + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + type: array + page: + minimum: 1 + type: integer + per_page: + minimum: 1 + type: integer + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Get exception lists + tags: + - Security Solution Exceptions API + /api/exception_lists/_import: + post: + description: Import an exception list and its associated items from an NDJSON file. + operationId: ImportExceptionList + parameters: + - description: > + Determines whether existing exception lists with the same `list_id` + are overwritten. + + If any exception items have the same `item_id`, those are also + overwritten. + in: query + name: overwrite + required: false + schema: + default: false + type: boolean + - in: query + name: overwrite_exceptions + required: false + schema: + default: false + type: boolean + - in: query + name: overwrite_action_connectors + required: false + schema: + default: false + type: boolean + - description: > + Determines whether the list being imported will have a new `list_id` + generated. + + Additional `item_id`'s are generated for each exception item. Both + the exception + + list and its items are overwritten. + in: query + name: as_new_list + required: false + schema: + default: false + type: boolean + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: + description: A `.ndjson` file containing the exception list + format: binary + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + errors: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListsImportBulkErrorArray + success: + type: boolean + success_count: + minimum: 0 + type: integer + success_count_exception_list_items: + minimum: 0 + type: integer + success_count_exception_lists: + minimum: 0 + type: integer + success_exception_list_items: + type: boolean + success_exception_lists: + type: boolean + required: + - errors + - success + - success_count + - success_exception_lists + - success_count_exception_lists + - success_exception_list_items + - success_count_exception_list_items + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Import an exception list + tags: + - Security Solution Exceptions API + /api/exception_lists/items: + delete: + description: Delete an exception list item using the `id` or `item_id` field. + operationId: DeleteExceptionListItem + parameters: + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemId + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Delete an exception list item + tags: + - Security Solution Exceptions API + get: + description: >- + Get the details of an exception list item using the `id` or `item_id` + field. + operationId: ReadExceptionListItem + parameters: + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemId + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Get an exception list item + tags: + - Security Solution Exceptions API + post: + description: > + Create an exception item and associate it with the specified exception + list. + + > info + + > Before creating exception items, you must create an exception list. + operationId: CreateExceptionListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + comments: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemType + required: + - list_id + - type + - name + - description + - entries + description: Exception list item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Create an exception list item + tags: + - Security Solution Exceptions API + put: + description: Update an exception list item using the `id` or `item_id` field. + operationId: UpdateExceptionListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_UpdateExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemId + description: Either `id` or `item_id` must be specified + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + description: Either `id` or `item_id` must be specified + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemTags + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemType + required: + - type + - name + - description + - entries + description: Exception list item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Update an exception list item + tags: + - Security Solution Exceptions API + /api/exception_lists/items/_find: + get: + description: Get a list of all exception list items in the specified list. + operationId: FindExceptionListItems + parameters: + - description: List's id + in: query + name: list_id + required: true + schema: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + type: array + - description: > + Filters the returned results according to the value of the specified + field, + + using the `:` syntax. + in: query + name: filter + required: false + schema: + default: [] + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_FindExceptionListItemsFilter + type: array + - description: > + Determines whether the returned containers are Kibana associated + with a Kibana space + + or available in all spaces (`agnostic` or `single`) + in: query + name: namespace_type + required: false + schema: + default: + - single + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + type: array + - in: query + name: search + required: false + schema: + type: string + - description: The page number to return + in: query + name: page + required: false + schema: + minimum: 0 + type: integer + - description: The number of exception list items to return per page + in: query + name: per_page + required: false + schema: + minimum: 0 + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_NonEmptyString + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + type: array + page: + minimum: 1 + type: integer + per_page: + minimum: 1 + type: integer + pit: + type: string + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Get exception list items + tags: + - Security Solution Exceptions API + /api/exception_lists/summary: + get: + description: Get a summary of the specified exception list. + operationId: ReadExceptionListSummary + parameters: + - description: Exception list's identifier generated upon creation + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + - description: Exception list's human readable identifier + in: query + name: list_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + - description: Search filter clause + in: query + name: filter + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + linux: + minimum: 0 + type: integer + macos: + minimum: 0 + type: integer + total: + minimum: 0 + type: integer + windows: + minimum: 0 + type: integer + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Get an exception list summary + tags: + - Security Solution Exceptions API + /api/exceptions/shared: + post: + description: > + An exception list groups exception items and can be associated with + detection rules. A shared exception list can apply to multiple detection + rules. + + > info + + > All exception items added to the same list are evaluated using `OR` + logic. That is, if any of the items in a list evaluate to `true`, the + exception prevents the rule from generating an alert. Likewise, `OR` + logic is used for evaluating exceptions when more than one exception + list is assigned to a rule. To use the `AND` operator, you can define + multiple clauses (`entries`) in a single exception item. + operationId: CreateSharedExceptionList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListDescription + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListName + required: + - name + - description + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Create a shared exception list + tags: + - Security Solution Exceptions API + /api/fleet/agent_download_sources: + get: + operationId: get-download-sources + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_download_sources' + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List agent binary download sources + tags: + - Elastic Agent binary download sources + post: + operationId: post-download-sources + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + host: + type: string + id: + type: string + is_default: + type: boolean + name: + type: string + required: + - name + - host + - is_default + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_download_sources' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create agent binary download source + tags: + - Elastic Agent binary download sources + /api/fleet/agent_download_sources/{sourceId}: + delete: + operationId: delete-download-source + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + required: + - id + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete agent binary download source by ID + tags: + - Elastic Agent binary download sources + get: + operationId: get-one-download-source + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_download_sources' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get agent binary download source by ID + tags: + - Elastic Agent binary download sources + parameters: + - in: path + name: sourceId + required: true + schema: + type: string + put: + operationId: update-download-source + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + host: + type: string + is_default: + type: boolean + name: + type: string + required: + - name + - is_default + - host + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_download_sources' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update agent binary download source by ID + tags: + - Elastic Agent binary download sources + /api/fleet/agent_policies: + get: + description: '' + operationId: agent-policy-list + parameters: + - $ref: '#/components/parameters/Fleet_page_size' + - $ref: '#/components/parameters/Fleet_page_index' + - $ref: '#/components/parameters/Fleet_kuery' + - $ref: '#/components/parameters/Fleet_format' + - description: >- + When set to true, retrieve the related package policies for each + agent policy. + in: query + name: full + schema: + type: boolean + - description: >- + When set to true, do not count how many agents are in the agent + policy, this can improve performance if you are searching over a + large number of agent policies. The "agents" property will always be + 0 if set to true. + in: query + name: noAgentCount + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_agent_policy' + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List agent policies + tags: + - Elastic Agent policies + post: + operationId: create-agent-policy + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_agent_policy_create_request' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_agent_policy' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create agent policy + tags: + - Elastic Agent policies + /api/fleet/agent_policies/_bulk_get: + post: + operationId: bulk-get-agent-policies + parameters: + - $ref: '#/components/parameters/Fleet_format' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + full: + description: get full policies with package policies populated + type: boolean + ids: + description: list of agent policy ids + items: + type: string + type: array + ignoreMissing: + type: boolean + required: + - ids + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_agent_policy' + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk get agent policies + tags: + - Elastic Agent policies + /api/fleet/agent_policies/{agentPolicyId}: + get: + description: Get one agent policy + operationId: agent-policy-info + parameters: [] + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_agent_policy' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get agent policy by ID + tags: + - Elastic Agent policies + parameters: + - in: path + name: agentPolicyId + required: true + schema: + type: string + - $ref: '#/components/parameters/Fleet_format' + put: + operationId: update-agent-policy + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_agent_policy_update_request' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_agent_policy' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update agent policy by ID + tags: + - Elastic Agent policies + /api/fleet/agent_policies/{agentPolicyId}/copy: + parameters: + - in: path + name: agentPolicyId + required: true + schema: + type: string + - $ref: '#/components/parameters/Fleet_format' + post: + operationId: agent-policy-copy + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + description: + type: string + name: + type: string + required: + - name + description: '' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_agent_policy' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Copy agent policy by ID + tags: + - Elastic Agent policies + /api/fleet/agent_policies/{agentPolicyId}/download: + get: + operationId: agent-policy-download + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Download agent policy by ID + tags: + - Elastic Agent policies + parameters: + - in: path + name: agentPolicyId + required: true + schema: + type: string + - in: query + name: download + required: false + schema: + type: string + - in: query + name: standalone + required: false + schema: + type: string + - in: query + name: kubernetes + required: false + schema: + type: string + /api/fleet/agent_policies/{agentPolicyId}/full: + get: + operationId: agent-policy-full + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + oneOf: + - type: string + - $ref: '#/components/schemas/Fleet_agent_policy_full' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get full agent policy by ID + tags: + - Elastic Agent policies + parameters: + - in: path + name: agentPolicyId + required: true + schema: + type: string + - in: query + name: download + required: false + schema: + type: string + - in: query + name: standalone + required: false + schema: + type: string + - in: query + name: kubernetes + required: false + schema: + type: string + /api/fleet/agent_policies/delete: + parameters: [] + post: + operationId: delete-agent-policy + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + agentPolicyId: + type: string + force: + description: >- + bypass validation checks that can prevent agent policy + deletion + type: boolean + required: + - agentPolicyId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + success: + type: boolean + required: + - id + - success + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete agent policy by ID + tags: + - Elastic Agent policies + /api/fleet/agent_status: + get: + operationId: get-agent-status + parameters: + - in: query + name: policyId + required: false + schema: + type: string + - deprecated: true + in: query + name: kuery + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + active: + type: integer + all: + type: integer + error: + type: integer + events: + type: integer + inactive: + type: integer + offline: + type: integer + online: + type: integer + other: + type: integer + total: + deprecated: true + type: integer + unenrolled: + type: integer + updating: + type: integer + required: + - active + - all + - error + - events + - inactive + - offline + - online + - other + - total + - updating + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get agent status summary + tags: + - Elastic Agent status + /api/fleet/agent_status/data: + get: + operationId: get-agent-data + parameters: + - in: query + name: agentsIds + required: true + schema: + items: + type: string + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + additionalProperties: + type: object + properties: + data: + type: boolean + type: object + type: array + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get incoming agent data + tags: + - Elastic Agent status + /api/fleet/agent-status: + get: + deprecated: true + operationId: get-agent-status-deprecated + parameters: + - in: query + name: policyId + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: integer + events: + type: integer + inactive: + type: integer + offline: + type: integer + online: + type: integer + other: + type: integer + total: + type: integer + updating: + type: integer + required: + - error + - events + - inactive + - offline + - online + - other + - total + - updating + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get agent status summary + tags: + - Elastic Agent status + /api/fleet/agents: + get: + operationId: get-agents + parameters: + - $ref: '#/components/parameters/Fleet_page_size' + - $ref: '#/components/parameters/Fleet_page_index' + - $ref: '#/components/parameters/Fleet_kuery' + - $ref: '#/components/parameters/Fleet_show_inactive' + - $ref: '#/components/parameters/Fleet_show_upgradeable' + - $ref: '#/components/parameters/Fleet_sort_field' + - $ref: '#/components/parameters/Fleet_sort_order' + - $ref: '#/components/parameters/Fleet_with_metrics' + - in: query + name: getStatusSummary + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_get_agents_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List agents + tags: + - Elastic Agents + post: + operationId: get-agents-by-actions + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + actionIds: + items: + type: string + type: array + required: + - policy_id + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_agent_get_by_actions' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List agents by action ids + tags: + - Elastic Agents + /api/fleet/agents/{agentId}: + delete: + operationId: delete-agent + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + action: + enum: + - deleted + type: string + required: + - action + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete agent by ID + tags: + - Elastic Agents + get: + operationId: get-agent + parameters: + - $ref: '#/components/parameters/Fleet_with_metrics' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_agent' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get agent by ID + tags: + - Elastic Agents + parameters: + - in: path + name: agentId + required: true + schema: + type: string + put: + operationId: update-agent + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + tags: + items: + type: string + type: array + user_provided_metadata: + type: object + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_agent' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update agent by ID + tags: + - Elastic Agents + /api/fleet/agents/{agentId}/actions: + parameters: + - in: path + name: agentId + required: true + schema: + type: string + post: + operationId: new-agent-action + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + action: + $ref: '#/components/schemas/Fleet_agent_action' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + items: + type: number + type: array + headers: + type: string + statusCode: + type: number + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create agent action + tags: + - Elastic Agent actions + /api/fleet/agents/{agentId}/reassign: + parameters: + - in: path + name: agentId + required: true + schema: + type: string + post: + operationId: reassign-agent + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + policy_id: + type: string + required: + - policy_id + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Reassign agent + tags: + - Elastic Agents + put: + deprecated: true + operationId: reassign-agent-deprecated + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + policy_id: + type: string + required: + - policy_id + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Reassign agent + tags: + - Elastic Agents + /api/fleet/agents/{agentId}/request_diagnostics: + parameters: + - in: path + name: agentId + required: true + schema: + type: string + post: + operationId: request-diagnostics-agent + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + additional_metrics: + items: + oneOf: + - enum: + - CPU + type: string + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + actionId: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Request agent diagnostics + tags: + - Elastic Agents + /api/fleet/agents/{agentId}/unenroll: + parameters: + - in: path + name: agentId + required: true + schema: + type: string + post: + operationId: unenroll-agent + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + force: + type: boolean + revoke: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: OK + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + enum: + - 400 + type: number + description: BAD REQUEST + summary: Unenroll agent + tags: + - Elastic Agents + /api/fleet/agents/{agentId}/upgrade: + parameters: + - in: path + name: agentId + required: true + schema: + type: string + post: + operationId: upgrade-agent + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_upgrade_agent' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_upgrade_agent' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Upgrade agent + tags: + - Elastic Agents + /api/fleet/agents/{agentId}/uploads: + get: + operationId: list-agent-uploads + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: object + properties: + item: + items: + $ref: '#/components/schemas/Fleet_agent_diagnostics' + type: array + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List agent uploads + tags: + - Elastic Agents + parameters: + - in: path + name: agentId + required: true + schema: + type: string + /api/fleet/agents/action_status: + get: + operationId: agents-action-status + parameters: + - $ref: '#/components/parameters/Fleet_page_size' + - $ref: '#/components/parameters/Fleet_page_index' + - in: query + name: errorSize + schema: + default: 5 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + type: object + properties: + actionId: + type: string + cancellationTime: + type: string + completionTime: + type: string + creationTime: + description: creation time of action + type: string + expiration: + type: string + latestErrors: + description: >- + latest errors that happened when the agents executed + the action + items: + type: object + properties: + agentId: + type: string + error: + type: string + timestamp: + type: string + type: array + nbAgentsAck: + description: number of agents that acknowledged the action + type: number + nbAgentsActionCreated: + description: number of agents included in action from kibana + type: number + nbAgentsActioned: + description: number of agents actioned + type: number + nbAgentsFailed: + description: number of agents that failed to execute the action + type: number + newPolicyId: + description: new policy id (POLICY_REASSIGN action) + type: string + policyId: + description: policy id (POLICY_CHANGE action) + type: string + revision: + description: new policy revision (POLICY_CHANGE action) + type: string + startTime: + description: start time of action (scheduled actions) + type: string + status: + enum: + - COMPLETE + - EXPIRED + - CANCELLED + - FAILED + - IN_PROGRESS + - ROLLOUT_PASSED + type: string + type: + enum: + - POLICY_REASSIGN + - UPGRADE + - UNENROLL + - FORCE_UNENROLL + - UPDATE_TAGS + - CANCEL + - REQUEST_DIAGNOSTICS + - SETTINGS + - POLICY_CHANGE + - INPUT_ACTION + type: string + version: + description: agent version number (UPGRADE action) + type: string + required: + - actionId + - complete + - nbAgentsActioned + - nbAgentsActionCreated + - nbAgentsAck + - nbAgentsFailed + - status + - creationTime + - type + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get agent action status + tags: + - Elastic Agent actions + /api/fleet/agents/actions/{actionId}/cancel: + parameters: + - in: path + name: actionId + required: true + schema: + type: string + post: + operationId: agent-action-cancel + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_agent_action' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Cancel agent action + tags: + - Elastic Agent actions + /api/fleet/agents/bulk_reassign: + post: + operationId: bulk-reassign-agents + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + example: + agents: 'fleet-agents.policy_id : ("policy1" or "policy2")' + policy_id: policy_id + schema: + type: object + properties: + agents: + oneOf: + - description: KQL query string, leave empty to action all agents + type: string + - description: list of agent IDs + items: + type: string + type: array + policy_id: + description: new agent policy id + type: string + required: + - policy_id + - agents + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + actionId: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk reassign agents + tags: + - Elastic Agents + /api/fleet/agents/bulk_request_diagnostics: + post: + operationId: bulk-request-diagnostics + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + example: + agents: 'fleet-agents.policy_id : ("policy1" or "policy2")' + schema: + type: object + properties: + additional_metrics: + items: + oneOf: + - enum: + - CPU + type: string + type: array + agents: + oneOf: + - description: KQL query string, leave empty to action all agents + type: string + - description: list of agent IDs + items: + type: string + type: array + batchSize: + type: number + required: + - agents + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + actionId: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk request diagnostics from agents + tags: + - Elastic Agents + /api/fleet/agents/bulk_unenroll: + post: + operationId: bulk-unenroll-agents + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + example: + agents: + - agent1 + - agent2 + force: false + revoke: true + schema: + type: object + properties: + agents: + oneOf: + - description: KQL query string, leave empty to action all agents + type: string + - description: list of agent IDs + items: + type: string + type: array + force: + description: Unenrolls hosted agents too + type: boolean + includeInactive: + description: >- + When passing agents by KQL query, unenrolls inactive agents + too + type: boolean + revoke: + description: Revokes API keys of agents + type: boolean + required: + - agents + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + actionId: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk unenroll agents + tags: + - Elastic Agents + /api/fleet/agents/bulk_update_agent_tags: + post: + operationId: bulk-update-agent-tags + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + example: + agents: + - agent1 + - agent2 + tagsToAdd: + - newTag + tagsToRemove: + - existingTag + schema: + type: object + properties: + agents: + oneOf: + - description: KQL query string, leave empty to action all agents + type: string + - description: list of agent IDs + items: + type: string + type: array + batchSize: + type: number + tagsToAdd: + items: + type: string + type: array + tagsToRemove: + items: + type: string + type: array + required: + - agents + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + actionId: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk update agent tags + tags: + - Elastic Agents + /api/fleet/agents/bulk_upgrade: + post: + operationId: bulk-upgrade-agents + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + example: + agents: + - agent1 + - agent2 + rollout_duration_seconds: 3600 + source_uri: https://artifacts.elastic.co/downloads/beats/elastic-agent + start_time: '2022-08-03T14:00:00.000Z' + version: 8.4.0 + schema: + $ref: '#/components/schemas/Fleet_bulk_upgrade_agents' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + actionId: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk upgrade agents + tags: + - Elastic Agents + /api/fleet/agents/files/{fileId}: + delete: + operationId: delete-agent-upload-file + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: object + properties: + deleted: + type: boolean + id: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete file uploaded by agent + tags: + - Elastic Agents + parameters: + - in: path + name: fileId + required: true + schema: + type: string + /api/fleet/agents/files/{fileId}/{fileName}: + get: + operationId: get-agent-upload-file + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: object + properties: + items: + type: object + properties: + body: {} + headers: {} + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get file uploaded by agent + tags: + - Elastic Agents + parameters: + - in: path + name: fileId + required: true + schema: + type: string + - in: path + name: fileName + required: true + schema: + type: string + /api/fleet/agents/setup: + get: + operationId: get-agents-setup-status + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_fleet_status_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get agent setup info + tags: + - Elastic Agents + post: + operationId: setup-agents + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + admin_password: + type: string + admin_username: + type: string + required: + - admin_username + - admin_password + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_fleet_setup_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Initiate agent setup + tags: + - Elastic Agents + /api/fleet/agents/tags: + get: + operationId: get-agent-tags + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_get_agent_tags_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List agent tags + tags: + - Elastic Agents + /api/fleet/data_streams: + get: + operationId: data-streams-list + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data_streams: + items: + $ref: '#/components/schemas/Fleet_data_stream' + type: array + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List data streams + tags: + - Data streams + parameters: [] + /api/fleet/enrollment_api_keys: + get: + operationId: get-enrollment-api-keys + parameters: + - $ref: '#/components/parameters/Fleet_page_size' + - $ref: '#/components/parameters/Fleet_page_index' + - $ref: '#/components/parameters/Fleet_kuery' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + type: array + list: + deprecated: true + items: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - page + - perPage + - total + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List enrollment API keys + tags: + - Fleet enrollment API keys + post: + operationId: create-enrollment-api-keys + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + name: + description: The name of the enrollment API key. Must be unique. + type: string + policy_id: + description: >- + The ID of the agent policy the Elastic Agent will be + enrolled in. + type: string + required: + - policy_id + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + action: + enum: + - created + type: string + item: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create enrollment API key + tags: + - Fleet enrollment API keys + /api/fleet/enrollment_api_keys/{keyId}: + delete: + operationId: delete-enrollment-api-key + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + action: + enum: + - deleted + type: string + required: + - action + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Revoke enrollment API key by ID by marking it as inactive + tags: + - Fleet enrollment API keys + get: + operationId: get-enrollment-api-key + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get enrollment API key by ID + tags: + - Fleet enrollment API keys + parameters: + - in: path + name: keyId + required: true + schema: + type: string + /api/fleet/enrollment-api-keys: + get: + deprecated: true + operationId: get-enrollment-api-keys-deprecated + parameters: [] + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + type: array + list: + deprecated: true + items: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - page + - perPage + - total + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List enrollment API keys + tags: + - Fleet enrollment API keys + post: + deprecated: true + operationId: create-enrollment-api-keys-deprecated + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + action: + enum: + - created + type: string + item: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create enrollment API key + tags: + - Fleet enrollment API keys + /api/fleet/enrollment-api-keys/{keyId}: + delete: + deprecated: true + operationId: delete-enrollment-api-key-deprecated + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + action: + enum: + - deleted + type: string + required: + - action + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete enrollment API key by ID + tags: + - Fleet enrollment API keys + get: + deprecated: true + operationId: get-enrollment-api-key-deprecated + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get enrollment API key by ID + tags: + - Fleet enrollment API keys + parameters: + - in: path + name: keyId + required: true + schema: + type: string + /api/fleet/epm/bulk_assets: + post: + operationId: bulk-get-assets + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + assetIds: + description: list of items necessary to fetch assets + items: + type: object + properties: + id: + type: string + type: + type: string + type: array + required: + - assetIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_get_bulk_assets_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk get assets + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/categories: + get: + operationId: get-package-categories + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_get_categories_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List package categories + tags: + - Elastic Package Manager (EPM) + parameters: + - description: >- + Whether to include prerelease packages in categories count (e.g. beta, + rc, preview) + in: query + name: prerelease + schema: + default: false + type: boolean + - deprecated: true + in: query + name: experimental + schema: + default: false + type: boolean + - in: query + name: include_policy_templates + schema: + default: false + type: boolean + /api/fleet/epm/packages: + get: + operationId: list-all-packages + parameters: + - description: >- + Whether to exclude the install status of each package. Enabling this + option will opt in to caching for the response via `cache-control` + headers. If you don't need up-to-date installation info for a + package, and are querying for a list of available packages, + providing this flag can improve performance substantially. + in: query + name: excludeInstallStatus + schema: + default: false + type: boolean + - description: >- + Whether to return prerelease versions of packages (e.g. beta, rc, + preview) + in: query + name: prerelease + schema: + default: false + type: boolean + - deprecated: true + in: query + name: experimental + schema: + default: false + type: boolean + - in: query + name: category + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_get_packages_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List packages + tags: + - Elastic Package Manager (EPM) + post: + description: '' + operationId: install-package-by-upload + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: avoid erroring out on unexpected mapping update errors + in: query + name: ignoreMappingUpdateErrors + schema: + default: false + type: boolean + - description: >- + Skip data stream rollover during index template mapping or settings + update + in: query + name: skipDataStreamRollover + schema: + default: false + type: boolean + requestBody: + content: + application/gzip; Elastic-Api-Version=2023-10-31: + schema: + format: binary + type: string + application/zip; Elastic-Api-Version=2023-10-31: + schema: + format: binary + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _meta: + type: object + properties: + install_source: + enum: + - upload + - registry + - bundled + type: string + items: + items: + type: object + properties: + id: + type: string + type: + oneOf: + - $ref: >- + #/components/schemas/Fleet_kibana_saved_object_type + - $ref: >- + #/components/schemas/Fleet_elasticsearch_asset_type + required: + - id + - type + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + '429': + $ref: '#/components/responses/Fleet_error' + summary: Install by package by direct upload + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/_bulk: + post: + operationId: bulk-install-packages + parameters: + - description: >- + Whether to return prerelease versions of packages (e.g. beta, rc, + preview) + in: query + name: prerelease + schema: + default: false + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + force: + description: force install to ignore package verification errors + type: boolean + packages: + description: list of packages to install + items: + oneOf: + - description: package name + type: string + - type: object + properties: + name: + description: package name + type: string + version: + description: package version + type: string + type: array + required: + - packages + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_bulk_install_packages_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk install packages + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgkey}: + delete: + deprecated: true + operationId: delete-package-deprecated + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - in: path + name: pkgkey + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + force: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + response: + items: + type: object + properties: + id: + type: string + type: + oneOf: + - $ref: >- + #/components/schemas/Fleet_kibana_saved_object_type + - $ref: >- + #/components/schemas/Fleet_elasticsearch_asset_type + required: + - id + - type + type: array + required: + - response + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete ackage + tags: + - Elastic Package Manager (EPM) + get: + deprecated: true + operationId: get-package-deprecated + parameters: + - in: path + name: pkgkey + required: true + schema: + type: string + - description: >- + Whether to return prerelease versions of packages (e.g. beta, rc, + preview) + in: query + name: prerelease + schema: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + allOf: + - properties: + response: + $ref: '#/components/schemas/Fleet_package_info' + - properties: + savedObject: + type: string + status: + enum: + - installed + - installing + - install_failed + - not_installed + type: string + required: + - status + - savedObject + type: object + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get package + tags: + - Elastic Package Manager (EPM) + post: + deprecated: true + description: '' + operationId: install-package-deprecated + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - in: path + name: pkgkey + required: true + schema: + type: string + - description: avoid erroring out on unexpected mapping update errors + in: query + name: ignoreMappingUpdateErrors + schema: + default: false + type: boolean + - description: >- + Skip data stream rollover during index template mapping or settings + update + in: query + name: skipDataStreamRollover + schema: + default: false + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + force: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + response: + items: + type: object + properties: + id: + type: string + type: + oneOf: + - $ref: >- + #/components/schemas/Fleet_kibana_saved_object_type + - $ref: >- + #/components/schemas/Fleet_elasticsearch_asset_type + required: + - id + - type + type: array + required: + - response + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Install package + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgName}/{pkgVersion}: + delete: + operationId: delete-package + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: delete package even if policies used by agents + in: query + name: force + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + deprecated: true + type: object + properties: + force: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + type: object + properties: + id: + type: string + type: + oneOf: + - $ref: >- + #/components/schemas/Fleet_kibana_saved_object_type + - $ref: >- + #/components/schemas/Fleet_elasticsearch_asset_type + required: + - id + - type + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete package + tags: + - Elastic Package Manager (EPM) + get: + operationId: get-package + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + allOf: + - properties: + item: + $ref: '#/components/schemas/Fleet_package_info' + - properties: + keepPoliciesUpToDate: + type: boolean + latestVersion: + type: string + licensePath: + type: string + notice: + type: string + savedObject: + deprecated: true + type: object + status: + enum: + - installed + - installing + - install_failed + - not_installed + type: string + required: + - status + - savedObject + type: object + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get package + tags: + - Elastic Package Manager (EPM) + parameters: + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - description: Ignore if the package is fails signature verification + in: query + name: ignoreUnverified + schema: + type: boolean + - description: >- + Return all fields from the package manifest, not just those supported + by the Elastic Package Registry + in: query + name: full + schema: + type: boolean + - description: >- + Whether to return prerelease versions of packages (e.g. beta, rc, + preview) + in: query + name: prerelease + schema: + default: false + type: boolean + post: + description: '' + operationId: install-package + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: avoid erroring out on unexpected mapping update errors + in: query + name: ignoreMappingUpdateErrors + schema: + default: false + type: boolean + - description: >- + Skip data stream rollover during index template mapping or settings + update + in: query + name: skipDataStreamRollover + schema: + default: false + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + force: + type: boolean + ignore_constraints: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _meta: + type: object + properties: + install_source: + enum: + - registry + - upload + - bundled + type: string + items: + items: + type: object + properties: + id: + type: string + type: + oneOf: + - $ref: >- + #/components/schemas/Fleet_kibana_saved_object_type + - $ref: >- + #/components/schemas/Fleet_elasticsearch_asset_type + required: + - id + - type + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Install package + tags: + - Elastic Package Manager (EPM) + put: + description: '' + operationId: update-package + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + keepPoliciesUpToDate: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + type: object + properties: + id: + type: string + type: + oneOf: + - $ref: >- + #/components/schemas/Fleet_kibana_saved_object_type + - $ref: >- + #/components/schemas/Fleet_elasticsearch_asset_type + required: + - id + - type + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update package settings + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgName}/{pkgVersion}/{filePath}: + get: + operationId: packages-get-file + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: object + headers: + type: object + statusCode: + type: number + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get package file + tags: + - Elastic Package Manager (EPM) + parameters: + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - in: path + name: filePath + required: true + schema: + type: string + /api/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize: + post: + description: '' + operationId: reauthorize-transforms + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - description: >- + Whether to include prerelease packages in categories count (e.g. + beta, rc, preview) + in: query + name: prerelease + schema: + default: false + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + transforms: + items: + type: object + properties: + transformId: + type: string + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + type: object + properties: + error: + type: string + success: + type: boolean + transformId: + type: string + required: + - transformId + - error + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Authorize transforms + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgName}/stats: + get: + operationId: get-package-stats + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + response: + $ref: '#/components/schemas/Fleet_package_usage_stats' + required: + - response + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get package stats + tags: + - Elastic Package Manager (EPM) + parameters: + - in: path + name: pkgName + required: true + schema: + type: string + /api/fleet/epm/packages/limited: + get: + operationId: list-limited-packages + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + type: string + type: array + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get limited package list + tags: + - Elastic Package Manager (EPM) + parameters: [] + /api/fleet/epm/templates/{pkgName}/{pkgVersion}/inputs: + get: + operationId: get-inputs-template + responses: + '200': + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get inputs template + tags: + - Elastic Package Manager (EPM) + parameters: + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - description: Format of response - json or yaml + in: query + name: format + schema: + enum: + - json + - yaml + - yml + type: string + - description: Specify if version is prerelease + in: query + name: prerelease + schema: + type: boolean + - description: Ignore if the package is fails signature verification + in: query + name: ignoreUnverified + schema: + type: boolean + /api/fleet/epm/verification_key_id: + get: + operationId: packages-get-verification-key-id + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: object + properties: + id: + description: >- + the key ID of the GPG key used to verify package + signatures + nullable: true + type: string + headers: + type: object + statusCode: + type: number + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get package signature verification key ID + tags: + - Elastic Package Manager (EPM) + parameters: [] + /api/fleet/fleet_server_hosts: + get: + operationId: get-fleet-server-hosts + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_fleet_server_host' + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List Fleet Server hosts + tags: + - Fleet Server hosts + post: + operationId: post-fleet-server-hosts + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + host_urls: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_internal: + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this fleet server host. See + the proxies API for more information. + type: string + required: + - name + - host_urls + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_fleet_server_host' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create Fleet Server host + tags: + - Fleet Server hosts + /api/fleet/fleet_server_hosts/{itemId}: + delete: + operationId: delete-fleet-server-hosts + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + required: + - id + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete Fleet Server host by ID + tags: + - Fleet Server hosts + get: + operationId: get-one-fleet-server-hosts + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_fleet_server_host' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get Fleet Server host by ID + tags: + - Fleet Server hosts + parameters: + - in: path + name: itemId + required: true + schema: + type: string + put: + operationId: update-fleet-server-hosts + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + host_urls: + items: + type: string + type: array + is_default: + type: boolean + is_internal: + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this fleet server host. See + the proxies API for more information. + nullable: true + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_fleet_server_host' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update Fleet Server host by ID + tags: + - Fleet Server hosts + /api/fleet/health_check: + post: + operationId: fleet-server-health-check + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + host: + deprecated: true + type: string + id: + type: string + required: + - id + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + host: + deprecated: true + type: string + id: + description: Fleet Server host id + type: string + status: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Fleet Server health check + tags: + - Fleet internals + /api/fleet/kubernetes: + get: + operationId: get-full-k8s-manifest + parameters: + - in: query + name: download + required: false + schema: + type: boolean + - in: query + name: fleetServer + required: false + schema: + type: string + - in: query + name: enrolToken + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get full K8s agent manifest + tags: + - Fleet Kubernetes + /api/fleet/logstash_api_keys: + post: + operationId: generate-logstash-api-key + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + api_key: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Generate Logstash API key + tags: + - Fleet outputs + /api/fleet/outputs: + get: + operationId: get-outputs + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_output_create_request' + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List outputs + tags: + - Fleet outputs + post: + operationId: post-outputs + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_output_create_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_output_create_request' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create output + tags: + - Fleet outputs + /api/fleet/outputs/{outputId}: + delete: + operationId: delete-output + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + required: + - id + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete output by ID + tags: + - Fleet outputs + get: + operationId: get-output + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_output_create_request' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get output by ID + tags: + - Fleet outputs + parameters: + - in: path + name: outputId + required: true + schema: + type: string + put: + operationId: update-output + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_output_update_request' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_output_update_request' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update output by ID + tags: + - Fleet outputs + /api/fleet/outputs/{outputId}/health: + get: + operationId: get-output-health + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + description: long message if unhealthy + type: string + state: + description: state of output, HEALTHY or DEGRADED + type: string + timestamp: + description: timestamp of reported state + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get latest output health + tags: + - Fleet outputs + parameters: + - in: path + name: outputId + required: true + schema: + type: string + /api/fleet/package_policies: + get: + operationId: get-package-policies + parameters: + - $ref: '#/components/parameters/Fleet_page_size' + - $ref: '#/components/parameters/Fleet_page_index' + - $ref: '#/components/parameters/Fleet_kuery' + - $ref: '#/components/parameters/Fleet_format' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_package_policy' + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List package policies + tags: + - Fleet package policies + parameters: [] + post: + operationId: create-package-policy + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - $ref: '#/components/parameters/Fleet_format' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_package_policy_request' + description: >- + You should use inputs as an object and not use the deprecated inputs + array. + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_package_policy' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + '409': + $ref: '#/components/responses/Fleet_error' + summary: Create package policy + tags: + - Fleet package policies + /api/fleet/package_policies/_bulk_get: + post: + operationId: bulk-get-package-policies + parameters: + - $ref: '#/components/parameters/Fleet_format' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + ids: + description: list of package policy ids + items: + type: string + type: array + ignoreMissing: + type: boolean + required: + - ids + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_package_policy' + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk get package policies + tags: + - Fleet package policies + /api/fleet/package_policies/{packagePolicyId}: + delete: + operationId: delete-package-policy + parameters: + - in: query + name: force + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + required: + - id + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete package policy by ID + tags: + - Fleet package policies + get: + operationId: get-package-policy + parameters: + - $ref: '#/components/parameters/Fleet_format' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_package_policy' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get package policy by ID + tags: + - Fleet package policies + parameters: + - in: path + name: packagePolicyId + required: true + schema: + type: string + put: + operationId: update-package-policy + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - $ref: '#/components/parameters/Fleet_format' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_package_policy_request' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_package_policy' + sucess: + type: boolean + required: + - item + - sucess + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update package policy by ID + tags: + - Fleet package policies + /api/fleet/package_policies/delete: + post: + operationId: post-delete-package-policy + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + force: + type: boolean + packagePolicyIds: + items: + type: string + type: array + required: + - packagePolicyIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + properties: + id: + type: string + name: + type: string + success: + type: boolean + required: + - id + - success + type: array + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete package policy + tags: + - Fleet package policies + /api/fleet/package_policies/upgrade: + post: + operationId: upgrade-package-policy + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + packagePolicyIds: + items: + type: string + type: array + required: + - packagePolicyIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + properties: + id: + type: string + name: + type: string + success: + type: boolean + required: + - id + - success + type: array + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + '409': + $ref: '#/components/responses/Fleet_error' + summary: Upgrade package policy to a newer package version + tags: + - Fleet package policies + /api/fleet/package_policies/upgrade/dryrun: + post: + operationId: upgrade-package-policy-dry-run + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + packagePolicyIds: + items: + type: string + type: array + packageVersion: + type: string + required: + - packagePolicyIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + properties: + agent_diff: + $ref: '#/components/schemas/Fleet_upgrade_agent_diff' + diff: + $ref: '#/components/schemas/Fleet_upgrade_diff' + hasErrors: + type: boolean + required: + - hasErrors + type: array + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Dry run package policy upgrade + tags: + - Fleet package policies + /api/fleet/proxies: + get: + operationId: get-fleet-proxies + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_proxies' + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List proxies + tags: + - Fleet proxies + post: + operationId: post-fleet-proxies + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + certificate: + type: string + certificate_authorities: + type: string + certificate_key: + type: string + id: + type: string + name: + type: string + proxy_headers: + type: object + url: + type: string + required: + - name + - url + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_proxies' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create proxy + tags: + - Fleet proxies + /api/fleet/proxies/{itemId}: + delete: + operationId: delete-fleet-proxies + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + required: + - id + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete proxy by ID + tags: + - Fleet proxies + get: + operationId: get-one-fleet-proxies + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_proxies' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get proxy by ID + tags: + - Fleet proxies + parameters: + - in: path + name: itemId + required: true + schema: + type: string + put: + operationId: update-fleet-proxies + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + certificate: + type: string + certificate_authorities: + type: string + certificate_key: + type: string + name: + type: string + proxy_headers: + type: object + url: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_proxies' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update proxy by ID + tags: + - Fleet proxies + /api/fleet/service_tokens: + post: + operationId: generate-service-token + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + name: + type: string + value: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create service token + tags: + - Fleet service tokens + /api/fleet/service-tokens: + post: + deprecated: true + operationId: generate-service-token-deprecated + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + name: + type: string + value: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create service token + tags: + - Fleet service tokens + /api/fleet/settings: + get: + operationId: get-settings + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_fleet_settings_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get settings + tags: + - Fleet internals + put: + operationId: update-settings + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + additional_yaml_config: + type: string + fleet_server_hosts: + description: Protocol and path must be the same for each URL + items: + type: string + type: array + has_seen_add_data_notice: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_fleet_settings_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update settings + tags: + - Fleet internals + /api/fleet/setup: + post: + operationId: setup + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_fleet_setup_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + description: Internal Server Error + summary: Initiate Fleet setup + tags: + - Fleet internals + /api/fleet/uninstall_tokens: + get: + operationId: get-uninstall-tokens + parameters: + - description: The number of items to return + in: query + name: perPage + required: false + schema: + default: 20 + minimum: 5 + type: integer + - $ref: '#/components/parameters/Fleet_page_index' + - description: Partial match filtering for policy IDs + in: query + name: policyId + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + type: object + properties: + created_at: + type: string + id: + type: string + policy_id: + type: string + required: + - id + - policy_id + - created_at + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List metadata for latest uninstall tokens per agent policy + tags: + - Fleet uninstall tokens + /api/fleet/uninstall_tokens/{uninstallTokenId}: + get: + operationId: get-uninstall-token + parameters: + - in: path + name: uninstallTokenId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + type: object + properties: + created_at: + type: string + id: + type: string + policy_id: + type: string + token: + type: string + required: + - id + - token + - policy_id + - created_at + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get one decrypted uninstall token by its ID + tags: + - Fleet uninstall tokens + /api/lists: + delete: + description: | + Delete a list using the list ID. + > info + > When you delete a list, all of its list items are also deleted. + operationId: DeleteList + parameters: + - description: List's `id` value + in: query + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - in: query + name: deleteReferences + required: false + schema: + default: false + type: boolean + - in: query + name: ignoreReferences + required: false + schema: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Delete a list + tags: + - Security Solution Lists API + get: + description: Get the details of a list using the list ID. + operationId: ReadList + parameters: + - description: List's `id` value + in: query + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Get list details + tags: + - Security Solution Lists API + patch: + description: Update specific fields of an existing list using the list ID. + operationId: PatchList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListDescription + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListMetadata + name: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListName' + version: + minimum: 1 + type: integer + required: + - id + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Patch a list + tags: + - Security Solution Lists API + post: + description: Create a new list. + operationId: CreateList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListDescription + deserializer: + type: string + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListMetadata + name: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListName' + serializer: + type: string + type: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListType' + version: + default: 1 + minimum: 1 + type: integer + required: + - name + - description + - type + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Create a list + tags: + - Security Solution Lists API + put: + description: > + Update a list using the list ID. The original list is replaced, and all + unspecified fields are deleted. + + > info + + > You cannot modify the `id` value. + operationId: UpdateList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListDescription + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListMetadata + name: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListName' + version: + minimum: 1 + type: integer + required: + - id + - name + - description + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Update a list + tags: + - Security Solution Lists API + /api/lists/_find: + get: + description: >- + Get a paginated subset of lists. By default, the first page is returned, + with 20 results per page. + operationId: FindLists + parameters: + - description: The page number to return + in: query + name: page + required: false + schema: + type: integer + - description: The number of lists to return per page + in: query + name: per_page + required: false + schema: + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + - description: > + Returns the list that come after the last list returned in the + previous call + + (use the cursor value returned in the previous call). This parameter + uses + + the `tie_breaker_id` field to ensure all lists are sorted and + returned correctly. + in: query + name: cursor + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_FindListsCursor' + - description: > + Filters the returned results according to the value of the specified + field, + + using the : syntax. + in: query + name: filter + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_FindListsFilter' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + cursor: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_FindListsCursor + data: + items: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + type: array + page: + minimum: 0 + type: integer + per_page: + minimum: 0 + type: integer + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + - cursor + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Get lists + tags: + - Security Solution Lists API + /api/lists/index: + delete: + description: Delete the `.lists` and `.items` data streams. + operationId: DeleteListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + required: + - acknowledged + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List data stream not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Delete list data streams + tags: + - Security Solution Lists API + get: + description: Verify that `.lists` and `.items` data streams exist. + operationId: ReadListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + list_index: + type: boolean + list_item_index: + type: boolean + required: + - list_index + - list_item_index + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List data stream(s) not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Get status of list data streams + tags: + - Security Solution Lists API + post: + description: Create `.lists` and `.items` data streams in the relevant space. + operationId: CreateListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + required: + - acknowledged + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List data stream exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Create list data streams + tags: + - Security Solution Lists API + /api/lists/items: + delete: + description: Delete a list item using its `id`, or its `list_id` and `value` fields. + operationId: DeleteListItem + parameters: + - description: Required if `list_id` and `value` are not specified + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: value + required: false + schema: + type: string + - description: >- + Determines when changes made by the request are made visible to + search + in: query + name: refresh + required: false + schema: + default: 'false' + enum: + - 'true' + - 'false' + - wait_for + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + - items: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItem + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Delete a list item + tags: + - Security Solution Lists API + get: + description: Get the details of a list item. + operationId: ReadListItem + parameters: + - description: Required if `list_id` and `value` are not specified + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: value + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + - items: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItem + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Get a list item + tags: + - Security Solution Lists API + patch: + description: Update specific fields of an existing list item using the list item ID. + operationId: PatchListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemMetadata + refresh: + description: >- + Determines when changes made by the request are made visible + to search + enum: + - 'true' + - 'false' + - wait_for + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemValue + required: + - id + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Patch a list item + tags: + - Security Solution Lists API + post: + description: > + Create a list item and associate it with the specified list. + + + All list items in the same list must be the same type. For example, each + list item in an `ip` list must define a specific IP address. + + > info + + > Before creating a list item, you must create a list. + operationId: CreateListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemId' + list_id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemMetadata + refresh: + description: >- + Determines when changes made by the request are made visible + to search + enum: + - 'true' + - 'false' + - wait_for + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemValue + required: + - list_id + - value + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Create a list item + tags: + - Security Solution Lists API + put: + description: > + Update a list item using the list item ID. The original list item is + replaced, and all unspecified fields are deleted. + + > info + + > You cannot modify the `id` value. + operationId: UpdateListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemMetadata + value: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemValue + required: + - id + - value + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Update a list item + tags: + - Security Solution Lists API + /api/lists/items/_export: + post: + description: Export list item values from the specified list. + operationId: ExportListItems + parameters: + - description: List's id to export + in: query + name: list_id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: A `.txt` file containing list items from the specified list + format: binary + type: string + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Export list items + tags: + - Security Solution Lists API + /api/lists/items/_find: + get: + description: Get all list items in the specified list. + operationId: FindListItems + parameters: + - description: List's id + in: query + name: list_id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: The page number to return + in: query + name: page + required: false + schema: + type: integer + - description: The number of list items to return per page + in: query + name: per_page + required: false + schema: + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + - description: > + Returns the list that come after the last list returned in the + previous call + + (use the cursor value returned in the previous call). This parameter + uses + + the `tie_breaker_id` field to ensure all lists are sorted and + returned correctly. + in: query + name: cursor + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_FindListItemsCursor + - description: > + Filters the returned results according to the value of the specified + field, + + using the : syntax. + in: query + name: filter + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_FindListItemsFilter + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + cursor: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_FindListItemsCursor + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItem + type: array + page: + minimum: 0 + type: integer + per_page: + minimum: 0 + type: integer + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + - cursor + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Get list items + tags: + - Security Solution Lists API + /api/lists/items/_import: + post: + description: > + Import list items from a TXT or CSV file. The maximum file size is 9 + million bytes. + + + You can import items to a new or existing list. + operationId: ImportListItems + parameters: + - description: | + List's id. + + Required when importing to an existing list. + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: > + Type of the importing list. + + + Required when importing a new list that is `list_id` is not + specified. + in: query + name: type + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListType' + - in: query + name: serializer + required: false + schema: + type: string + - in: query + name: deserializer + required: false + schema: + type: string + - description: >- + Determines when changes made by the request are made visible to + search + in: query + name: refresh + required: false + schema: + enum: + - 'true' + - 'false' + - wait_for + type: string + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: + description: >- + A `.txt` or `.csv` file containing newline separated list + items + format: binary + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List with specified list_id does not exist response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Import list items + tags: + - Security Solution Lists API + /api/lists/privileges: + get: + operationId: ReadListPrivileges + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + is_authenticated: + type: boolean + listItems: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemPrivileges + lists: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListPrivileges + required: + - lists + - listItems + - is_authenticated + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Get list privileges + tags: + - Security Solution Lists API + /api/ml/saved_objects/sync: + get: + description: > + Synchronizes Kibana saved objects for machine learning jobs and trained + models. This API runs automatically when you start Kibana and + periodically thereafter. + operationId: mlSync + parameters: + - $ref: '#/components/parameters/Machine_learning_APIs_simulateParam' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + syncExample: + $ref: '#/components/examples/Machine_learning_APIs_mlSyncExample' + schema: + $ref: '#/components/schemas/Machine_learning_APIs_mlSync200Response' + description: Indicates a successful call + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Machine_learning_APIs_mlSync4xxResponse' + description: Authorization information is missing or invalid. + summary: Sync machine learning saved objects + tags: + - ml + /api/note: + delete: + description: Delete a note from a Timeline using the note ID. + operationId: DeleteNote + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - nullable: true + type: object + properties: + noteId: + type: string + required: + - noteId + - type: object + properties: + noteIds: + items: + type: string + nullable: true + type: array + required: + - noteIds + description: The ID of the note to delete. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + description: Indicates the note was successfully deleted. + summary: Delete a note + tags: + - Security Solution Timeline API + - access:securitySolution + get: + description: Get all notes for a given document. + operationId: GetNotes + parameters: + - in: query + name: documentIds + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Timeline_API_DocumentIds' + - in: query + name: page + schema: + nullable: true + type: number + - in: query + name: perPage + schema: + nullable: true + type: number + - in: query + name: search + schema: + nullable: true + type: string + - in: query + name: sortField + schema: + nullable: true + type: string + - in: query + name: sortOrder + schema: + nullable: true + type: string + - in: query + name: filter + schema: + nullable: true + type: string + responses: + '200': + description: Indicates the requested notes were returned. + summary: Get notes + tags: + - Security Solution Timeline API + - access:securitySolution + patch: + description: Add a note to a Timeline or update an existing note. + operationId: PersistNoteRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + eventDataView: + nullable: true + type: string + eventIngested: + nullable: true + type: string + eventTimestamp: + nullable: true + type: string + note: + $ref: '#/components/schemas/Security_Solution_Timeline_API_BareNote' + noteId: + nullable: true + type: string + overrideOwner: + nullable: true + type: boolean + version: + nullable: true + type: string + required: + - note + description: The note to add or update, along with additional metadata. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistNote: + type: object + properties: + code: + type: number + message: + type: string + note: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_Note + required: + - code + - message + - note + required: + - persistNote + required: + - data + description: Indicates the note was successfully created. + summary: Add or update a note + tags: + - Security Solution Timeline API + - access:securitySolution + /api/osquery/live_queries: + get: + description: Get a list of all live queries. + operationId: OsqueryFindLiveQueries + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_FindLiveQueryRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get live queries + tags: + - Security Solution Osquery API + post: + description: Create and run a live query. + operationId: OsqueryCreateLiveQuery + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_CreateLiveQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a live query + tags: + - Security Solution Osquery API + /api/osquery/live_queries/{id}: + get: + description: Get the details of a live query using the query ID. + operationId: OsqueryGetLiveQueryDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + - in: query + name: query + schema: + additionalProperties: true + type: object + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get live query details + tags: + - Security Solution Osquery API + /api/osquery/live_queries/{id}/results/{actionId}: + get: + description: Get the results of a live query using the query action ID. + operationId: OsqueryGetLiveQueryResults + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + - in: path + name: actionId + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_GetLiveQueryResultsRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get live query results + tags: + - Security Solution Osquery API + /api/osquery/packs: + get: + description: Get a list of all query packs. + operationId: OsqueryFindPacks + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_FindPacksRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get packs + tags: + - Security Solution Osquery API + post: + description: Create a query pack. + operationId: OsqueryCreatePacks + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_CreatePacksRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a pack + tags: + - Security Solution Osquery API + /api/osquery/packs/{id}: + delete: + description: Delete a query pack using the pack ID. + operationId: OsqueryDeletePacks + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Delete a pack + tags: + - Security Solution Osquery API + get: + description: Get the details of a query pack using the pack ID. + operationId: OsqueryGetPacksDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get pack details + tags: + - Security Solution Osquery API + put: + description: | + Update a query pack using the pack ID. + > info + > You cannot update a prebuilt pack. + operationId: OsqueryUpdatePacks + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_UpdatePacksRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Update a pack + tags: + - Security Solution Osquery API + /api/osquery/saved_queries: + get: + description: Get a list of all saved queries. + operationId: OsqueryFindSavedQueries + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_FindSavedQueryRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get saved queries + tags: + - Security Solution Osquery API + post: + description: Create and run a saved query. + operationId: OsqueryCreateSavedQuery + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_CreateSavedQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a saved query + tags: + - Security Solution Osquery API + /api/osquery/saved_queries/{id}: + delete: + description: Delete a saved query using the query ID. + operationId: OsqueryDeleteSavedQuery + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Delete a saved query + tags: + - Security Solution Osquery API + get: + description: Get the details of a saved query using the query ID. + operationId: OsqueryGetSavedQueryDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get saved query details + tags: + - Security Solution Osquery API + put: + description: | + Update a saved query using the query ID. + > info + > You cannot update a prebuilt saved query. + operationId: OsqueryUpdateSavedQuery + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_UpdateSavedQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Update a saved query + tags: + - Security Solution Osquery API + /api/pinned_event: + patch: + description: Pin an event to an existing Timeline. + operationId: PersistPinnedEventRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + eventId: + type: string + pinnedEventId: + nullable: true + type: string + timelineId: + type: string + required: + - eventId + - timelineId + description: The pinned event to add or update, along with additional metadata. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistPinnedEventOnTimeline: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Timeline_API_PinnedEvent + - type: object + properties: + code: + type: number + message: + type: string + required: + - persistPinnedEventOnTimeline + required: + - data + description: Indicates the event was successfully pinned to the Timeline. + summary: Pin an event + tags: + - Security Solution Timeline API + - access:securitySolution + /api/risk_score/engine/schedule_now: + post: + description: >- + Schedule the risk scoring engine to run as soon as possible. You can use + this to recalculate entity risk scores after updating their asset + criticality. + operationId: ScheduleRiskEngineNow + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: {} + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_RiskEngineScheduleNowResponse + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_TaskManagerUnavailableResponse + description: Task manager is unavailable + default: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_RiskEngineScheduleNowErrorResponse + description: Unexpected error + summary: Run the risk scoring engine + tags: + - Security Solution Entity Analytics API + /api/saved_objects/_export: + post: + description: > + Retrieve sets of saved objects that you want to import into Kibana. + + You must include `type` or `objects` in the request body. + + + Exported saved objects are not backwards compatible and cannot be + imported into an older version of Kibana. + + + NOTE: The `savedObjects.maxImportExportSize` configuration setting + limits the number of saved objects which may be exported. + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: exportSavedObjectsDefault + parameters: + - $ref: '#/components/parameters/Serverless_saved_objects_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + exportSavedObjectsRequest: + $ref: >- + #/components/examples/Serverless_saved_objects_export_objects_request + schema: + type: object + properties: + excludeExportDetails: + default: false + description: Do not add export details entry at the end of the stream. + type: boolean + includeReferencesDeep: + description: >- + Includes all of the referenced objects in the exported + objects. + type: boolean + objects: + description: A list of objects to export. + items: + type: object + type: array + type: + description: >- + The saved object types to include in the export. Use `*` to + export all the types. + oneOf: + - type: string + - items: + type: string + type: array + required: true + responses: + '200': + content: + application/x-ndjson; Elastic-Api-Version=2023-10-31: + examples: + exportSavedObjectsResponse: + $ref: >- + #/components/examples/Serverless_saved_objects_export_objects_response + schema: + additionalProperties: true + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Serverless_saved_objects_400_response' + description: Bad request. + summary: Export saved objects + tags: + - saved objects + /api/saved_objects/_import: + post: + description: > + Create sets of Kibana saved objects from a file created by the export + API. + + Saved objects can be imported only into the same version, a newer minor + on the same major, or the next major. Exported saved objects are not + backwards compatible and cannot be imported into an older version of + Kibana. + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: importSavedObjectsDefault + parameters: + - $ref: '#/components/parameters/Serverless_saved_objects_kbn_xsrf' + - description: > + Creates copies of saved objects, regenerates each object ID, and + resets the origin. When used, potential conflict errors are avoided. + NOTE: This option cannot be used with the `overwrite` and + `compatibilityMode` options. + in: query + name: createNewCopies + required: false + schema: + type: boolean + - description: > + Overwrites saved objects when they already exist. When used, + potential conflict errors are automatically resolved by overwriting + the destination object. NOTE: This option cannot be used with the + `createNewCopies` option. + in: query + name: overwrite + required: false + schema: + type: boolean + - description: > + Applies various adjustments to the saved objects that are being + imported to maintain compatibility between different Kibana + versions. Use this option only if you encounter issues with imported + saved objects. NOTE: This option cannot be used with the + `createNewCopies` option. + in: query + name: compatibilityMode + required: false + schema: + type: boolean + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + examples: + importObjectsRequest: + $ref: >- + #/components/examples/Serverless_saved_objects_import_objects_request + schema: + type: object + properties: + file: + description: > + A file exported using the export API. NOTE: The + `savedObjects.maxImportExportSize` configuration setting + limits the number of saved objects which may be included in + this file. Similarly, the + `savedObjects.maxImportPayloadBytes` setting limits the + overall size of the file that can be imported. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + importObjectsResponse: + $ref: >- + #/components/examples/Serverless_saved_objects_import_objects_response + schema: + type: object + properties: + errors: + description: > + Indicates the import was unsuccessful and specifies the + objects that failed to import. + + + NOTE: One object may result in multiple errors, which + requires separate steps to resolve. For instance, a + `missing_references` error and conflict error. + items: + type: object + type: array + success: + description: > + Indicates when the import was successfully completed. When + set to false, some objects may not have been created. For + additional information, refer to the `errors` and + `successResults` properties. + type: boolean + successCount: + description: Indicates the number of successfully imported records. + type: integer + successResults: + description: > + Indicates the objects that are successfully imported, with + any metadata if applicable. + + + NOTE: Objects are created only when all resolvable errors + are addressed, including conflicts and missing references. + If objects are created as new copies, each entry in the + `successResults` array includes a `destinationId` + attribute. + items: + type: object + type: array + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Serverless_saved_objects_400_response' + description: Bad request. + summary: Import saved objects + tags: + - saved objects + x-codeSamples: + - label: Import with createNewCopies + lang: cURL + source: | + curl \ + -X POST api/saved_objects/_import?createNewCopies=true + -H "kbn-xsrf: true" + --form file=@file.ndjson + /api/security_ai_assistant/anonymization_fields/_bulk_action: + post: + description: >- + Apply a bulk action to multiple anonymization fields. The bulk action is + applied to all anonymization fields that match the filter or to the list + of anonymization fields by their IDs. + operationId: PerformAnonymizationFieldsBulkAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + create: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldCreateProps + type: array + delete: + type: object + properties: + ids: + description: Array of anonymization fields IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter anonymization fields + type: string + update: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldUpdateProps + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Apply a bulk action to anonymization fields + tags: + - Security AI Assistant API + - Bulk API + /api/security_ai_assistant/anonymization_fields/_find: + get: + description: Get a list of all anonymization fields. + operationId: FindAnonymizationFields + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_FindAnonymizationFieldsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: AnonymizationFields per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get anonymization fields + tags: + - Security AI Assistant API + - AnonymizationFields API + /api/security_ai_assistant/chat/complete: + post: + description: Create a model response for the given chat conversation. + operationId: ChatComplete + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_ChatCompleteProps' + required: true + responses: + '200': + content: + application/octet-stream; Elastic-Api-Version=2023-10-31: + schema: + format: binary + type: string + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Create a model response + tags: + - Security AI Assistant API + - Chat Complete API + /api/security_ai_assistant/current_user/conversations: + post: + description: Create a new Security AI Assistant conversation. + operationId: CreateConversation + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationCreateProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Create a conversation + tags: + - Security AI Assistant API + - Conversation API + /api/security_ai_assistant/current_user/conversations/_find: + get: + description: Get a list of all conversations for the current user. + operationId: FindConversations + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_FindConversationsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: Conversations per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get conversations + tags: + - Security AI Assistant API + - Conversations API + /api/security_ai_assistant/current_user/conversations/{id}: + delete: + description: Delete an existing conversation using the conversation ID. + operationId: DeleteConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Delete a conversation + tags: + - Security AI Assistant API + - Conversation API + get: + description: Get the details of an existing conversation using the conversation ID. + operationId: ReadConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get a conversation + tags: + - Security AI Assistant API + - Conversations API + put: + description: Update an existing conversation using the conversation ID. + operationId: UpdateConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationUpdateProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Update a conversation + tags: + - Security AI Assistant API + - Conversation API + /api/security_ai_assistant/prompts/_bulk_action: + post: + description: >- + Apply a bulk action to multiple prompts. The bulk action is applied to + all prompts that match the filter or to the list of prompts by their + IDs. + operationId: PerformPromptsBulkAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + create: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptCreateProps + type: array + delete: + type: object + properties: + ids: + description: Array of prompts IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter promps + type: string + update: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptUpdateProps + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkCrudActionResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Apply a bulk action to prompts + tags: + - Security AI Assistant API + - Bulk API + /api/security_ai_assistant/prompts/_find: + get: + description: Get a list of all prompts. + operationId: FindPrompts + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_FindPromptsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: Prompts per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get prompts + tags: + - Security AI Assistant API + - Prompts API + /api/status: + get: + operationId: '%2Fapi%2Fstatus#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: Set to "true" to get the response in v7 format. + in: query + name: v7format + required: false + schema: + type: boolean + - description: Set to "true" to get the response in v8 format. + in: query + name: v8format + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' + - $ref: >- + #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse + description: >- + Kibana's operational status. A minimal response is sent for + unauthorized users. + description: Overall status is OK and Kibana should be functioning normally. + '503': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' + - $ref: >- + #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse + description: >- + Kibana's operational status. A minimal response is sent for + unauthorized users. + description: >- + Kibana or some of it's essential services are unavailable. Kibana + may be degraded or unavailable. + summary: Get Kibana's current status + tags: + - system + /api/timeline: + delete: + description: Delete one or more Timelines or Timeline templates. + operationId: DeleteTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + savedObjectIds: + items: + type: string + type: array + searchIds: + description: >- + Saved search ids that should be deleted alongside the + timelines + items: + type: string + type: array + required: + - savedObjectIds + description: The IDs of the Timelines or Timeline templates to delete. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + deleteTimeline: + type: boolean + required: + - deleteTimeline + required: + - data + description: Indicates the Timeline was successfully deleted. + summary: Delete Timelines or Timeline templates + tags: + - Security Solution Timeline API + - access:securitySolution + get: + description: Get the details of an existing saved Timeline or Timeline template. + operationId: GetTimeline + parameters: + - description: The ID of the template timeline to retrieve + in: query + name: template_timeline_id + schema: + type: string + - description: The ID of the Timeline to retrieve. + in: query + name: id + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + getOneTimeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + nullable: true + required: + - getOneTimeline + required: + - data + description: Indicates that the (template) Timeline was found and returned. + summary: Get Timeline or Timeline template details + tags: + - Security Solution Timeline API + - access:securitySolution + patch: + description: >- + Update an existing Timeline. You can update the title, description, date + range, pinned events, pinned queries, and/or pinned saved queries of an + existing Timeline. + operationId: PatchTimeline + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SavedTimeline + timelineId: + nullable: true + type: string + version: + nullable: true + type: string + required: + - timelineId + - version + - timeline + description: The Timeline updates, along with the Timeline ID and version. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistTimeline: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + required: + - timeline + required: + - persistTimeline + required: + - data + description: >- + Indicates that the draft Timeline was successfully created. In the + event the user already has a draft Timeline, the existing draft + Timeline is cleared and returned. + '405': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: >- + Indicates that the user does not have the required access to create + a draft Timeline. + summary: Update a Timeline + tags: + - Security Solution Timeline API + - access:securitySolution + post: + description: Create a new Timeline or Timeline template. + operationId: CreateTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + status: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineStatus + nullable: true + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SavedTimeline + timelineId: + nullable: true + type: string + timelineType: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineType + nullable: true + version: + nullable: true + type: string + required: + - timeline + description: >- + The required Timeline fields used to create a new Timeline, along with + optional fields that will be created if not provided. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistTimeline: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + required: + - persistTimeline + required: + - data + description: Indicates the Timeline was successfully created. + '405': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Indicates that there was an error in the Timeline creation. + summary: Create a Timeline or Timeline template + tags: + - Security Solution Timeline API + - access:securitySolution + /api/timeline/_draft: + get: + description: >- + Get the details of the draft Timeline or Timeline template for the + current user. If the user doesn't have a draft Timeline, an empty + Timeline is returned. + operationId: GetDraftTimelines + parameters: + - in: query + name: timelineType + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineType' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistTimeline: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + required: + - timeline + required: + - persistTimeline + required: + - data + description: Indicates that the draft Timeline was successfully retrieved. + '403': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + If a draft Timeline was not found and we attempted to create one, it + indicates that the user does not have the required permissions to + create a draft Timeline. + '409': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + This should never happen, but if a draft Timeline was not found and + we attempted to create one, it indicates that there is already a + draft Timeline with the given `timelineId`. + summary: Get draft Timeline or Timeline template details + tags: + - Security Solution Timeline API + - access:securitySolution + post: + description: > + Create a clean draft Timeline or Timeline template for the current user. + + > info + + > If the user already has a draft Timeline, the existing draft Timeline + is cleared and returned. + operationId: CleanDraftTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + timelineType: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineType + required: + - timelineType + description: >- + The type of Timeline to create. Valid values are `default` and + `template`. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistTimeline: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + required: + - timeline + required: + - persistTimeline + required: + - data + description: >- + Indicates that the draft Timeline was successfully created. In the + event the user already has a draft Timeline, the existing draft + Timeline is cleared and returned. + '403': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + Indicates that the user does not have the required permissions to + create a draft Timeline. + '409': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + Indicates that there is already a draft Timeline with the given + `timelineId`. + summary: Create a clean draft Timeline or Timeline template + tags: + - Security Solution Timeline API + - access:securitySolution + /api/timeline/_export: + post: + description: Export Timelines as an NDJSON file. + operationId: ExportTimelines + parameters: + - description: The name of the file to export + in: query + name: file_name + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + ids: + items: + type: string + nullable: true + type: array + description: The IDs of the Timelines to export. + required: true + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: NDJSON of the exported Timelines + type: string + description: Indicates the Timelines were successfully exported. + '400': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Indicates that the export size limit was exceeded. + summary: Export Timelines + tags: + - Security Solution Timeline API + - access:securitySolution + /api/timeline/_favorite: + patch: + description: Favorite a Timeline or Timeline template for the current user. + operationId: PersistFavoriteRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timelineId: + nullable: true + type: string + timelineType: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineType + nullable: true + required: + - timelineId + - templateTimelineId + - templateTimelineVersion + - timelineType + description: The required fields used to favorite a (template) Timeline. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistFavorite: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_FavoriteTimelineResponse + required: + - persistFavorite + required: + - data + description: Indicates the favorite status was successfully updated. + '403': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: >- + Indicates the user does not have the required permissions to persist + the favorite status. + summary: Favorite a Timeline or Timeline template + tags: + - Security Solution Timeline API + - access:securitySolution + /api/timeline/_import: + post: + description: Import Timelines. + operationId: ImportTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Timeline_API_Readable + - type: object + properties: + hapi: + type: object + properties: + filename: + type: string + headers: + type: object + isImmutable: + enum: + - 'true' + - 'false' + type: string + required: + - filename + - headers + required: + - hapi + description: The Timelines to import as a readable stream. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ImportTimelineResult + required: + - data + description: Indicates the import of Timelines was successful. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + id: + type: string + statusCode: + type: number + description: >- + Indicates the import of Timelines was unsuccessful because of an + invalid file extension. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + statusCode: + type: number + description: >- + Indicates that we were unable to locate the saved object client + necessary to handle the import. + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + id: + type: string + statusCode: + type: number + description: Indicates the import of Timelines was unsuccessful. + summary: Import Timelines + tags: + - Security Solution Timeline API + - access:securitySolution + /api/timeline/_prepackaged: + post: + description: Install or update prepackaged Timelines. + operationId: InstallPrepackedTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + prepackagedTimelines: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SavedTimeline + type: array + timelinesToInstall: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ImportTimelines + nullable: true + type: array + timelinesToUpdate: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ImportTimelines + nullable: true + type: array + required: + - timelinesToInstall + - timelinesToUpdate + - prepackagedTimelines + description: The Timelines to install or update. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ImportTimelineResult + required: + - data + description: Indicates the installation of prepackaged Timelines was successful. + '500': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: >- + Indicates the installation of prepackaged Timelines was + unsuccessful. + summary: Install prepackaged Timelines + tags: + - Security Solution Timeline API + - access:securitySolution + /api/timeline/resolve: + get: + operationId: ResolveTimeline + parameters: + - description: The ID of the template timeline to resolve + in: query + name: template_timeline_id + schema: + type: string + - description: The ID of the timeline to resolve + in: query + name: id + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + getOneTimeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + nullable: true + required: + - getOneTimeline + required: + - data + description: The (template) Timeline has been found + '400': + description: The request is missing parameters + '404': + description: The (template) Timeline was not found + summary: Get an existing saved Timeline or Timeline template + tags: + - Security Solution Timeline API + - access:securitySolution + /api/timelines: + get: + description: Get a list of all saved Timelines or Timeline templates. + operationId: GetTimelines + parameters: + - description: >- + If true, only timelines that are marked as favorites by the user are + returned. + in: query + name: only_user_favorite + schema: + enum: + - 'true' + - 'false' + nullable: true + type: string + - in: query + name: timeline_type + schema: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineType' + nullable: true + - in: query + name: sort_field + schema: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SortFieldTimeline + - in: query + name: sort_order + schema: + enum: + - asc + - desc + type: string + - in: query + name: page_size + schema: + nullable: true + type: string + - in: query + name: page_index + schema: + nullable: true + type: string + - in: query + name: search + schema: + nullable: true + type: string + - in: query + name: status + schema: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineStatus' + nullable: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + customTemplateTimelineCount: + type: number + defaultTimelineCount: + type: number + elasticTemplateTimelineCount: + type: number + favoriteCount: + type: number + templateTimelineCount: + type: number + timelines: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + type: array + totalCount: + type: number + required: + - timelines + - totalCount + - defaultTimelineCount + - templateTimelineCount + - favoriteCount + - elasticTemplateTimelineCount + - customTemplateTimelineCount + required: + - data + description: Indicates that the (template) Timelines were found and returned. + '400': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Bad request. The user supplied invalid data. + summary: Get Timelines or Timeline templates + tags: + - Security Solution Timeline API + - access:securitySolution + /s/{spaceId}/api/observability/slos: + get: + description: > + You must have the `read` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: findSlosOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - description: A valid kql query to filter the SLO with + example: 'slo.name:latency* and slo.tags : "prod"' + in: query + name: kqlQuery + schema: + type: string + - description: The page to use for pagination, must be greater or equal than 1 + example: 1 + in: query + name: page + schema: + default: 1 + type: integer + - description: Number of SLOs returned by page + example: 25 + in: query + name: perPage + schema: + default: 25 + maximum: 5000 + type: integer + - description: Sort by field + example: status + in: query + name: sortBy + schema: + default: status + enum: + - sli_value + - status + - error_budget_consumed + - error_budget_remaining + type: string + - description: Sort order + example: asc + in: query + name: sortDirection + schema: + default: asc + enum: + - asc + - desc + type: string + - description: >- + Hide stale SLOs from the list as defined by stale SLO threshold in + SLO settings + in: query + name: hideStale + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_find_slo_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Get a paginated list of SLOs + tags: + - slo + post: + description: > + You must have `all` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: createSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_create_slo_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_create_slo_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_409_response' + description: Conflict - The SLO id already exists + servers: + - url: https://localhost:5601 + summary: Create an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/_delete_instances: + post: + description: > + The deletion occurs for the specified list of `sloId` and `instanceId`. + You must have `all` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: deleteSloInstancesOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_delete_slo_instances_request' + required: true + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + servers: + - url: https://localhost:5601 + summary: Batch delete rollup and summary data + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}: + delete: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: deleteSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Delete an SLO + tags: + - slo + get: + description: > + You must have the `read` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: getSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + - description: the specific instanceId used by the summary calculation + example: host-abcde + in: query + name: instanceId + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_with_summary_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Get an SLO + tags: + - slo + put: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: updateSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_update_slo_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_definition_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Update an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}/_reset: + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: resetSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_definition_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Reset an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}/disable: + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: disableSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '200': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Disable an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}/enable: + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: enableSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Enable an SLO + tags: + - slo +components: + examples: + Data_views_create_data_view_request: + summary: Create a data view with runtime fields. + value: + data_view: + name: My Logstash data view + runtimeFieldMap: + runtime_shape_name: + script: + source: emit(doc['shape_name'].value) + type: keyword + title: logstash-* + Data_views_create_runtime_field_request: + summary: Create a runtime field. + value: + name: runtimeFoo + runtimeField: + script: + source: emit(doc["foo"].value) + type: long + Data_views_get_data_view_response: + summary: >- + The get data view API returns a JSON object that contains information + about the data view. + value: + data_view: + allowNoIndex: false + fieldAttrs: + products.manufacturer: + count: 1 + products.price: + count: 1 + products.product_name: + count: 1 + total_quantity: + count: 1 + fieldFormats: + products.base_price: + id: number + params: + pattern: $0,0.00 + products.base_unit_price: + id: number + params: + pattern: $0,0.00 + products.min_price: + id: number + params: + pattern: $0,0.00 + products.price: + id: number + params: + pattern: $0,0.00 + products.taxful_price: + id: number + params: + pattern: $0,0.00 + products.taxless_price: + id: number + params: + pattern: $0,0.00 + taxful_total_price: + id: number + params: + pattern: $0,0.[00] + taxless_total_price: + id: number + params: + pattern: $0,0.00 + fields: + _id: + aggregatable: false + count: 0 + esTypes: + - _id + format: + id: string + isMapped: true + name: _id + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _index: + aggregatable: true + count: 0 + esTypes: + - _index + format: + id: string + isMapped: true + name: _index + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _score: + aggregatable: false + count: 0 + format: + id: number + isMapped: true + name: _score + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: number + _source: + aggregatable: false + count: 0 + esTypes: + - _source + format: + id: _source + isMapped: true + name: _source + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: _source + category: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: category + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + category.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: category.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: category + type: string + currency: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: currency + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_birth_date: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: customer_birth_date + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + customer_first_name: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: customer_first_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_first_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_first_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: customer_first_name + type: string + customer_full_name: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: customer_full_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_full_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_full_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: customer_full_name + type: string + customer_gender: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_gender + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_id: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_id + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_last_name: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: customer_last_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_last_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_last_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: customer_last_name + type: string + customer_phone: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_phone + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + day_of_week: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: day_of_week + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + day_of_week_i: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: day_of_week_i + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + email: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: email + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + event.dataset: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: event.dataset + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.city_name: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.city_name + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.continent_name: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.continent_name + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.country_iso_code: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.country_iso_code + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.location: + aggregatable: true + count: 0 + esTypes: + - geo_point + format: + id: geo_point + params: + transform: wkt + isMapped: true + name: geoip.location + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: geo_point + geoip.region_name: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.region_name + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + manufacturer: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: manufacturer + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + manufacturer.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: manufacturer.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: manufacturer + type: string + order_date: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: order_date + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + order_id: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: order_id + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + products._id: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: products._id + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products._id.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products._id.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products._id + type: string + products.base_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.base_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.base_unit_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.base_unit_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.category: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: products.category + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.category.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.category.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products.category + type: string + products.created_on: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: products.created_on + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + products.discount_amount: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.discount_amount + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.discount_percentage: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.discount_percentage + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.manufacturer: + aggregatable: false + count: 1 + esTypes: + - text + format: + id: string + isMapped: true + name: products.manufacturer + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.manufacturer.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.manufacturer.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products.manufacturer + type: string + products.min_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.min_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.price: + aggregatable: true + count: 1 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.product_id: + aggregatable: true + count: 0 + esTypes: + - long + format: + id: number + isMapped: true + name: products.product_id + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.product_name: + aggregatable: false + count: 1 + esTypes: + - text + format: + id: string + isMapped: true + name: products.product_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.product_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.product_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products.product_name + type: string + products.quantity: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: products.quantity + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.sku: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.sku + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.tax_amount: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.tax_amount + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.taxful_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.taxful_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.taxless_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.taxless_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.unit_discount_amount: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.unit_discount_amount + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + sku: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: sku + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + taxful_total_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.[00] + isMapped: true + name: taxful_total_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + taxless_total_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: taxless_total_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + total_quantity: + aggregatable: true + count: 1 + esTypes: + - integer + format: + id: number + isMapped: true + name: total_quantity + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + total_unique_products: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: total_unique_products + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + type: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: type + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + user: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: user + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + name: Kibana Sample Data eCommerce + namespaces: + - default + runtimeFieldMap: {} + sourceFilters: [] + timeFieldName: order_date + title: kibana_sample_data_ecommerce + typeMeta: {} + version: WzUsMV0= + Data_views_get_data_views_response: + summary: The get all data views API returns a list of data views. + value: + data_view: + - id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + name: Kibana Sample Data eCommerce + namespaces: + - default + title: kibana_sample_data_ecommerce + typeMeta: {} + - id: d3d7af60-4c81-11e8-b3d7-01146121b73d + name: Kibana Sample Data Flights + namespaces: + - default + title: kibana_sample_data_flights + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: Kibana Sample Data Logs + namespaces: + - default + title: kibana_sample_data_logs + Data_views_get_default_data_view_response: + summary: The get default data view API returns the default data view identifier. + value: + data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + Data_views_get_runtime_field_response: + summary: >- + The get runtime field API returns a JSON object that contains + information about the runtime field (`hour_of_day`) and the data view + (`d3d7af60-4c81-11e8-b3d7-01146121b73d`). + value: + data_view: + allowNoIndex: false + fieldAttrs: {} + fieldFormats: + AvgTicketPrice: + id: number + params: + pattern: $0,0.[00] + hour_of_day: + id: number + params: + pattern: '00' + fields: + _id: + aggregatable: false + count: 0 + esTypes: + - _id + format: + id: string + isMapped: true + name: _id + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _index: + aggregatable: true + count: 0 + esTypes: + - _index + format: + id: string + isMapped: true + name: _index + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _score: + aggregatable: false + count: 0 + format: + id: number + isMapped: true + name: _score + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: number + _source: + aggregatable: false + count: 0 + esTypes: + - _source + format: + id: _source + isMapped: true + name: _source + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: _source + AvgTicketPrice: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + params: + pattern: $0,0.[00] + isMapped: true + name: AvgTicketPrice + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + Cancelled: + aggregatable: true + count: 0 + esTypes: + - boolean + format: + id: boolean + isMapped: true + name: Cancelled + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: boolean + Carrier: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: Carrier + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + dayOfWeek: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: dayOfWeek + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + Dest: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: Dest + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestAirportID: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestAirportID + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestCityName: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestCityName + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestCountry: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestCountry + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestLocation: + aggregatable: true + count: 0 + esTypes: + - geo_point + format: + id: geo_point + params: + transform: wkt + isMapped: true + name: DestLocation + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: geo_point + DestRegion: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestRegion + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestWeather: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestWeather + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DistanceKilometers: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + isMapped: true + name: DistanceKilometers + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + DistanceMiles: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + isMapped: true + name: DistanceMiles + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + FlightDelay: + aggregatable: true + count: 0 + esTypes: + - boolean + format: + id: boolean + isMapped: true + name: FlightDelay + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: boolean + FlightDelayMin: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: FlightDelayMin + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + FlightDelayType: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: FlightDelayType + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + FlightNum: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: FlightNum + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + FlightTimeHour: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: FlightTimeHour + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + FlightTimeMin: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + isMapped: true + name: FlightTimeMin + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + hour_of_day: + aggregatable: true + count: 0 + esTypes: + - long + format: + id: number + params: + pattern: '00' + name: hour_of_day + readFromDocValues: false + runtimeField: + script: + source: emit(doc['timestamp'].value.getHour()); + type: long + scripted: false + searchable: true + shortDotsEnable: false + type: number + Origin: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: Origin + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginAirportID: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginAirportID + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginCityName: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginCityName + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginCountry: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginCountry + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginLocation: + aggregatable: true + count: 0 + esTypes: + - geo_point + format: + id: geo_point + params: + transform: wkt + isMapped: true + name: OriginLocation + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: geo_point + OriginRegion: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginRegion + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginWeather: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginWeather + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + timestamp: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: timestamp + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + id: d3d7af60-4c81-11e8-b3d7-01146121b73d + name: Kibana Sample Data Flights + runtimeFieldMap: + hour_of_day: + script: + source: emit(doc['timestamp'].value.getHour()); + type: long + sourceFilters: [] + timeFieldName: timestamp + title: kibana_sample_data_flights + version: WzM2LDJd + fields: + - aggregatable: true + count: 0 + esTypes: + - long + name: hour_of_day + readFromDocValues: false + runtimeField: + script: + source: emit(doc['timestamp'].value.getHour()); + type: long + scripted: false + searchable: true + shortDotsEnable: false + type: number + Data_views_preview_swap_data_view_request: + summary: Preview swapping references from data view ID "abcd-efg" to "xyz-123". + value: + fromId: abcd-efg + toId: xyz-123 + Data_views_set_default_data_view_request: + summary: Set the default data view identifier. + value: + data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + force: true + Data_views_swap_data_view_request: + summary: >- + Swap references from data view ID "abcd-efg" to "xyz-123" and remove the + data view that is no longer referenced. + value: + delete: true + fromId: abcd-efg + toId: xyz-123 + Data_views_update_data_view_request: + summary: Update some properties for a data view. + value: + data_view: + allowNoIndex: false + name: Kibana Sample Data eCommerce + timeFieldName: order_date + title: kibana_sample_data_ecommerce + refresh_fields: true + Data_views_update_field_metadata_request: + summary: Update metadata for multiple fields. + value: + fields: + field1: + count: 123 + customLabel: Field 1 label + field2: + customDescription: Field 2 description + customLabel: Field 2 label + Data_views_update_runtime_field_request: + summary: Update an existing runtime field on a data view. + value: + runtimeField: + script: + source: emit(doc["bar"].value) + Machine_learning_APIs_mlSyncExample: + summary: Two anomaly detection jobs required synchronization in this example. + value: + datafeedsAdded: {} + datafeedsRemoved: {} + savedObjectsCreated: + anomaly-detector: + myjob1: + success: true + myjob2: + success: true + savedObjectsDeleted: {} + Serverless_saved_objects_export_objects_request: + summary: Export a specific saved object. + value: + excludeExportDetails: true + includeReferencesDeep: false + objects: + - id: de71f4f0-1902-11e9-919b-ffe5949a18d2 + type: map + Serverless_saved_objects_export_objects_response: + summary: >- + The export objects API response contains a JSON record for each exported + object. + value: + attributes: + description: '' + layerListJSON: >- + [{"id":"0hmz5","alpha":1,"sourceDescriptor":{"type":"EMS_TMS","isAutoSelect":true,"lightModeDefault":"road_map_desaturated"},"visible":true,"style":{},"type":"EMS_VECTOR_TILE","minZoom":0,"maxZoom":24},{"id":"edh66","label":"Total + Requests by + Destination","minZoom":0,"maxZoom":24,"alpha":0.5,"sourceDescriptor":{"type":"EMS_FILE","id":"world_countries","tooltipProperties":["name","iso2"]},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"__kbnjoin__count__673ff994-fc75-4c67-909b-69fcb0e1060e","origin":"join"},"color":"Greys","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"STATIC","options":{"size":10}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR","joins":[{"leftField":"iso2","right":{"type":"ES_TERM_SOURCE","id":"673ff994-fc75-4c67-909b-69fcb0e1060e","indexPatternTitle":"kibana_sample_data_logs","term":"geo.dest","indexPatternRefName":"layer_1_join_0_index_pattern","metrics":[{"type":"count","label":"web + logs + count"}],"applyGlobalQuery":true}}]},{"id":"gaxya","label":"Actual + Requests","minZoom":9,"maxZoom":24,"alpha":1,"sourceDescriptor":{"id":"b7486535-171b-4d3b-bb2e-33c1a0a2854c","type":"ES_SEARCH","geoField":"geo.coordinates","limit":2048,"filterByMapBounds":true,"tooltipProperties":["clientip","timestamp","host","request","response","machine.os","agent","bytes"],"indexPatternRefName":"layer_2_source_index_pattern","applyGlobalQuery":true,"scalingType":"LIMIT"},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"STATIC","options":{"color":"#2200ff"}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":2}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"bytes","origin":"source"},"minSize":1,"maxSize":23,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"},{"id":"tfi3f","label":"Total + Requests and + Bytes","minZoom":0,"maxZoom":9,"alpha":1,"sourceDescriptor":{"type":"ES_GEO_GRID","resolution":"COARSE","id":"8aaa65b5-a4e9-448b-9560-c98cb1c5ac5b","geoField":"geo.coordinates","requestType":"point","metrics":[{"type":"count","label":"web + logs + count"},{"type":"sum","field":"bytes"}],"indexPatternRefName":"layer_3_source_index_pattern","applyGlobalQuery":true},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"color":"Blues","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#cccccc"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"sum_of_bytes","origin":"source"},"minSize":7,"maxSize":25,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelText":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelSize":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"minSize":12,"maxSize":24,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"}] + mapStateJSON: >- + {"zoom":3.64,"center":{"lon":-88.92107,"lat":42.16337},"timeFilters":{"from":"now-7d","to":"now"},"refreshConfig":{"isPaused":true,"interval":0},"query":{"language":"kuery","query":""},"settings":{"autoFitToDataBounds":false}} + title: '[Logs] Total Requests and Bytes' + uiStateJSON: '{"isDarkMode":false}' + coreMigrationVersion: 8.8.0 + created_at: '2023-08-23T20:03:32.204Z' + id: de71f4f0-1902-11e9-919b-ffe5949a18d2 + managed: false + references: + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_1_join_0_index_pattern + type: index-pattern + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_2_source_index_pattern + type: index-pattern + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_3_source_index_pattern + type: index-pattern + type: map + typeMigrationVersion: 8.4.0 + updated_at: '2023-08-23T20:03:32.204Z' + version: WzEzLDFd + Serverless_saved_objects_import_objects_request: + value: + file: file.ndjson + Serverless_saved_objects_import_objects_response: + summary: >- + The import objects API response indicates a successful import and the + objects are created. Since these objects are created as new copies, each + entry in the successResults array includes a destinationId attribute. + value: + success: true + successCount: 1 + successResults: + - destinationId: 82d2760c-468f-49cf-83aa-b9a35b6a8943 + id: 90943e30-9a47-11e8-b64d-95841ca0b247 + managed: false + meta: + icon: indexPatternApp + title: Kibana Sample Data Logs + type: index-pattern + parameters: + Data_views_field_name: + description: The name of the runtime field. + in: path + name: fieldName + required: true + schema: + example: hour_of_day + type: string + Data_views_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + Data_views_view_id: + description: An identifier for the data view. + in: path + name: viewId + required: true + schema: + example: ff959d40-b880-11e8-a6d9-e546fe2bba5f + type: string + Fleet_format: + description: Simplified or legacy format for package inputs + in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string + Fleet_kbn_xsrf: + description: Kibana's anti Cross-Site Request Forgery token. Can be any string value. + in: header + name: kbn-xsrf + required: true + schema: + type: string + Fleet_kuery: + in: query + name: kuery + required: false + schema: + type: string + Fleet_page_index: + in: query + name: page + required: false + schema: + default: 1 + type: integer + Fleet_page_size: + description: The number of items to return + in: query + name: perPage + required: false + schema: + default: 20 + type: integer + Fleet_show_inactive: + in: query + name: showInactive + required: false + schema: + type: boolean + Fleet_show_upgradeable: + in: query + name: showUpgradeable + required: false + schema: + type: boolean + Fleet_sort_field: + in: query + name: sortField + required: false + schema: + deprecated: true + type: string + Fleet_sort_order: + in: query + name: sortOrder + required: false + schema: + enum: + - asc + - desc + type: string + Fleet_with_metrics: + description: Return agent metrics, false by default + in: query + name: withMetrics + required: false + schema: + type: boolean + Machine_learning_APIs_simulateParam: + description: >- + When true, simulates the synchronization by returning only the list of + actions that would be performed. + example: 'true' + in: query + name: simulate + required: false + schema: + type: boolean + Serverless_saved_objects_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + SLOs_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + SLOs_slo_id: + description: An identifier for the slo. + in: path + name: sloId + required: true + schema: + example: 9c235211-6834-11ea-a78c-6feb38a34414 + type: string + SLOs_space_id: + description: >- + An identifier for the space. If `/s/` and the identifier are omitted + from the path, the default space is used. + in: path + name: spaceId + required: true + schema: + example: default + type: string + responses: + Fleet_error: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + schemas: + Data_views_400_response: + title: Bad request + type: object + properties: + error: + example: Bad Request + type: string + message: + type: string + statusCode: + example: 400 + type: number + required: + - statusCode + - error + - message + Data_views_404_response: + type: object + properties: + error: + enum: + - Not Found + example: Not Found + type: string + message: + example: >- + Saved object [index-pattern/caaad6d0-920c-11ed-b36a-874bd1548a00] + not found + type: string + statusCode: + enum: + - 404 + example: 404 + type: integer + Data_views_allownoindex: + description: Allows the data view saved object to exist before the data is available. + type: boolean + Data_views_create_data_view_request_object: + title: Create data view request + type: object + properties: + data_view: + description: The data view object. + type: object + properties: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldAttrs: + additionalProperties: + $ref: '#/components/schemas/Data_views_fieldattrs' + type: object + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: + type: object + id: + type: string + name: + description: The data view name. + type: string + namespaces: + $ref: '#/components/schemas/Data_views_namespaces' + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + type: + $ref: '#/components/schemas/Data_views_type' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta' + version: + type: string + required: + - title + override: + default: false + description: >- + Override an existing data view if a data view with the provided + title already exists. + type: boolean + required: + - data_view + Data_views_data_view_response_object: + title: Data view response properties + type: object + properties: + data_view: + type: object + properties: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldAttrs: + additionalProperties: + $ref: '#/components/schemas/Data_views_fieldattrs' + type: object + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: + type: object + id: + example: ff959d40-b880-11e8-a6d9-e546fe2bba5f + type: string + name: + description: The data view name. + type: string + namespaces: + $ref: '#/components/schemas/Data_views_namespaces' + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta_response' + version: + example: WzQ2LDJd + type: string + Data_views_fieldattrs: + description: A map of field attributes by field name. + type: object + properties: + count: + description: Popularity count for the field. + type: integer + customDescription: + description: Custom description for the field. + maxLength: 300 + type: string + customLabel: + description: Custom label for the field. + type: string + Data_views_fieldformats: + description: A map of field formats by field name. + type: object + Data_views_namespaces: + description: >- + An array of space identifiers for sharing the data view between multiple + spaces. + items: + default: default + type: string + type: array + Data_views_runtimefieldmap: + description: A map of runtime field definitions by field name. + type: object + properties: + script: + type: object + properties: + source: + description: Script for the runtime field. + type: string + type: + description: Mapping type of the runtime field. + type: string + required: + - script + - type + Data_views_sourcefilters: + description: The array of field names you want to filter out in Discover. + items: + type: object + properties: + value: + type: string + required: + - value + type: array + Data_views_swap_data_view_request_object: + title: Data view reference swap request + type: object + properties: + delete: + description: Deletes referenced saved object if all references are removed. + type: boolean + forId: + description: Limit the affected saved objects to one or more by identifier. + oneOf: + - type: string + - items: + type: string + type: array + forType: + description: Limit the affected saved objects by type. + type: string + fromId: + description: The saved object reference to change. + type: string + fromType: + description: > + Specify the type of the saved object reference to alter. The default + value is `index-pattern` for data views. + type: string + toId: + description: New saved object reference value to replace the old value. + type: string + required: + - fromId + - toId + Data_views_timefieldname: + description: The timestamp field name, which you use for time-based data views. + type: string + Data_views_title: + description: >- + Comma-separated list of data streams, indices, and aliases that you want + to search. Supports wildcards (`*`). + type: string + Data_views_type: + description: When set to `rollup`, identifies the rollup data views. + type: string + Data_views_typemeta: + description: >- + When you use rollup indices, contains the field list for the rollup data + view API endpoints. + type: object + properties: + aggs: + description: A map of rollup restrictions by aggregation type and field name. + type: object + params: + description: Properties for retrieving rollup fields. + type: object + required: + - aggs + - params + Data_views_typemeta_response: + description: >- + When you use rollup indices, contains the field list for the rollup data + view API endpoints. + nullable: true + type: object + properties: + aggs: + description: A map of rollup restrictions by aggregation type and field name. + type: object + params: + description: Properties for retrieving rollup fields. + type: object + Data_views_update_data_view_request_object: + title: Update data view request + type: object + properties: + data_view: + description: > + The data view properties you want to update. Only the specified + properties are updated in the data view. Unspecified fields stay as + they are persisted. + type: object + properties: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: + type: object + name: + type: string + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + type: + $ref: '#/components/schemas/Data_views_type' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta' + refresh_fields: + default: false + description: Reloads the data view fields after the data view is updated. + type: boolean + required: + - data_view + Fleet_agent: + title: Agent + type: object + properties: + access_api_key: + type: string + access_api_key_id: + type: string + active: + type: boolean + components: + items: + $ref: '#/components/schemas/Fleet_agent_component' + type: array + default_api_key: + type: string + default_api_key_id: + type: string + enrolled_at: + type: string + id: + type: string + last_checkin: + type: string + local_metadata: + $ref: '#/components/schemas/Fleet_agent_metadata' + metrics: + type: object + properties: + cpu_avg: + description: >- + Average agent CPU usage during the last 5 minutes, number + between 0-1 + type: number + memory_size_byte_avg: + description: Average agent memory consumption during the last 5 minutes + type: number + policy_id: + type: string + policy_revision: + type: number + status: + $ref: '#/components/schemas/Fleet_agent_status' + type: + $ref: '#/components/schemas/Fleet_agent_type' + unenrolled_at: + type: string + unenrollment_started_at: + type: string + user_provided_metadata: + $ref: '#/components/schemas/Fleet_agent_metadata' + required: + - type + - active + - enrolled_at + - id + - status + Fleet_agent_action: + oneOf: + - properties: + ack_data: + type: string + data: + type: string + type: + enum: + - UNENROLL + - UPGRADE + - POLICY_REASSIGN + type: string + - properties: + data: + type: object + properties: + log_level: + enum: + - debug + - info + - warning + - error + nullable: true + type: string + type: + type: string + title: Agent action + Fleet_agent_component: + title: Agent component + type: object + properties: + id: + type: string + message: + type: string + status: + $ref: '#/components/schemas/Fleet_agent_component_status' + type: + type: string + units: + items: + $ref: '#/components/schemas/Fleet_agent_component_unit' + type: array + Fleet_agent_component_status: + enum: + - starting + - configuring + - healthy + - degraded + - failed + - stopping + - stopped + title: Agent component status + type: string + Fleet_agent_component_unit: + title: Agent component unit + type: object + properties: + id: + type: string + message: + type: string + payload: + type: object + status: + $ref: '#/components/schemas/Fleet_agent_component_status' + type: + $ref: '#/components/schemas/Fleet_agent_component_unit_type' + Fleet_agent_component_unit_type: + enum: + - input + - output + title: Agent component unit type + type: string + Fleet_agent_diagnostics: + title: Agent diagnostics + type: object + properties: + actionId: + type: string + createTime: + type: string + filePath: + type: string + id: + type: string + name: + type: string + status: + enum: + - READY + - AWAITING_UPLOAD + - DELETED + - IN_PROGRESS + required: + - id + - name + - createTime + - filePath + - actionId + - status + Fleet_agent_get_by_actions: + items: + items: + type: string + type: array + title: Agents get by action ids + type: array + Fleet_agent_metadata: + title: Agent metadata + type: object + Fleet_agent_policy: + title: Agent Policy + type: object + properties: + advanced_settings: + description: >- + Advanced settings stored in the agent policy, e.g. + agent_limits_go_max_procs + nullable: true + type: object + agent_features: + items: + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + agents: + type: number + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + global_data_tags: + items: + additionalProperties: + oneOf: + - type: string + - type: number + description: >- + User defined data tags that are added to all of the inputs. The + values can be strings or numbers. + type: object + type: array + id: + type: string + inactivity_timeout: + type: integer + is_protected: + description: >- + Indicates whether the agent policy has tamper protection enabled. + Default false. + type: boolean + keep_monitoring_alive: + description: >- + When set to true, monitoring will be enabled but logs/metrics + collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + type: object + properties: + limit: + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - metrics + - logs + type: string + type: array + monitoring_http: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + type: string + namespace: + type: string + overrides: + description: >- + Override settings that are defined in the agent policy. Input + settings cannot be overridden. The override option should be used + only in unusual circumstances and not as a routine procedure. + nullable: true + type: object + package_policies: + description: >- + This field is present only when retrieving a single agent policy, or + when retrieving a list of agent policies with the ?full=true + parameter + items: + $ref: '#/components/schemas/Fleet_package_policy' + type: array + revision: + type: number + supports_agentless: + description: >- + Indicates whether the agent policy supports agentless integrations. + Only allowed in a serverless environment. + type: boolean + unenroll_timeout: + type: integer + unprivileged_agents: + type: number + updated_by: + type: string + updated_on: + format: date-time + type: string + required: + - id + - status + - name + - namespace + Fleet_agent_policy_create_request: + title: Create agent policy request + type: object + properties: + agent_features: + items: + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + force: + description: Force agent policy creation even if packages are not verified. + type: boolean + global_data_tags: + items: + additionalProperties: + oneOf: + - type: string + - type: number + description: >- + User defined data tags that are added to all of the inputs. The + values can be strings or numbers. + type: object + type: array + id: + type: string + inactivity_timeout: + type: integer + is_protected: + type: boolean + monitoring_enabled: + items: + enum: + - metrics + - logs + type: string + type: array + monitoring_output_id: + nullable: true + type: string + name: + type: string + namespace: + type: string + unenroll_timeout: + type: integer + required: + - name + - namespace + Fleet_agent_policy_full: + oneOf: + - type: object + properties: + item: + type: string + - type: object + properties: + item: + $ref: '#/components/schemas/Fleet_full_agent_policy' + title: Agent policy full response + type: object + Fleet_agent_policy_update_request: + title: Update agent policy request + type: object + properties: + agent_features: + items: + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + force: + description: Force agent policy creation even if packages are not verified. + type: boolean + inactivity_timeout: + type: integer + is_protected: + type: boolean + monitoring_enabled: + items: + enum: + - metrics + - logs + type: string + type: array + monitoring_output_id: + nullable: true + type: string + name: + type: string + namespace: + type: string + unenroll_timeout: + type: integer + required: + - name + - namespace + Fleet_agent_status: + enum: + - offline + - error + - online + - inactive + - warning + title: Elastic Agent status + type: string + Fleet_agent_type: + enum: + - PERMANENT + - EPHEMERAL + - TEMPORARY + title: Agent type + type: string + Fleet_bulk_install_packages_response: + title: Bulk install packages response + type: object + properties: + items: + items: + type: object + properties: + name: + type: string + version: + type: string + type: array + response: + deprecated: true + items: + type: object + properties: + name: + type: string + version: + type: string + type: array + required: + - items + Fleet_bulk_upgrade_agents: + title: Bulk upgrade agents + type: object + properties: + agents: + oneOf: + - description: KQL query string, leave empty to action all agents + type: string + - description: list of agent IDs + items: + type: string + type: array + force: + description: Force upgrade, skipping validation (should be used with caution) + type: boolean + rollout_duration_seconds: + description: rolling upgrade window duration in seconds + type: number + skipRateLimitCheck: + description: Skip rate limit check for upgrade + type: boolean + source_uri: + description: alternative upgrade binary download url + type: string + start_time: + description: start time of upgrade in ISO 8601 format + type: string + version: + description: version to upgrade to + type: string + required: + - agents + - version + Fleet_data_stream: + title: Data stream + type: object + properties: + dashboard: + items: + type: object + properties: + id: + type: string + title: + type: string + type: array + dataset: + type: string + index: + type: string + last_activity_ms: + type: number + namespace: + type: string + package: + type: string + package_version: + type: string + size_in_bytes: + type: number + size_in_bytes_formatted: + type: string + type: + type: string + Fleet_download_sources: + title: Download Source + type: object + properties: + host: + type: string + id: + type: string + is_default: + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this download source. See the proxies + API for more information. + nullable: true + type: string + required: + - is_default + - name + - host + Fleet_elasticsearch_asset_type: + enum: + - component_template + - ingest_pipeline + - index_template + - ilm_policy + - transform + - data_stream_ilm_policy + title: Elasticsearch asset type + type: string + Fleet_enrollment_api_key: + title: Enrollment API key + type: object + properties: + active: + description: >- + When false, the enrollment API key is revoked and cannot be used for + enrolling Elastic Agents. + type: boolean + api_key: + description: The enrollment API key (token) used for enrolling Elastic Agents. + type: string + api_key_id: + description: The ID of the API key in the Security API. + type: string + created_at: + type: string + id: + type: string + name: + description: The name of the enrollment API key. + type: string + policy_id: + description: The ID of the agent policy the Elastic Agent will be enrolled in. + type: string + required: + - id + - api_key_id + - api_key + - active + - created_at + Fleet_fleet_server_host: + title: Fleet Server Host + type: object + properties: + host_urls: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + proxy_id: + type: string + required: + - fleet_server_hosts + - id + - is_default + - is_preconfigured + - host_urls + Fleet_fleet_settings_response: + title: Fleet settings response + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_settings' + required: + - item + Fleet_fleet_setup_response: + title: Fleet Setup response + type: object + properties: + isInitialized: + type: boolean + nonFatalErrors: + items: + type: object + properties: + message: + type: string + name: + type: string + required: + - name + - message + type: array + required: + - isInitialized + - nonFatalErrors + Fleet_fleet_status_response: + title: Fleet status response + type: object + properties: + isReady: + type: boolean + missing_optional_features: + items: + enum: + - encrypted_saved_object_encryption_key_required + type: string + type: array + missing_requirements: + items: + enum: + - tls_required + - api_keys + - fleet_admin_user + - fleet_server + type: string + type: array + package_verification_key_id: + type: string + required: + - isReady + - missing_requirements + - missing_optional_features + Fleet_full_agent_policy: + title: Full agent policy + type: object + properties: + agent: + nullable: true + type: string + fleet: + oneOf: + - type: object + properties: + hosts: + items: + type: string + type: array + proxy_headers: {} + proxy_url: + type: string + ssl: + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + renegotiation: + type: string + verification_mode: + type: string + - type: object + properties: + kibana: + type: object + properties: + hosts: + items: + type: string + type: array + path: + type: string + protocol: + type: string + id: + type: string + inputs: + type: string + monitoring: + type: object + properties: + diagnostics: + type: object + properties: + limit: + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + enabled: + type: boolean + http: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: number + required: + - enabled + logs: + type: boolean + metrics: + type: boolean + namespace: + type: string + pprof: + type: object + properties: + enabled: + type: boolean + required: + - enabled + traces: + type: boolean + use_output: + type: string + required: + - enabled + - metrics + - logs + - traces + output_permissions: + additionalProperties: + type: object + properties: + data: + $ref: >- + #/components/schemas/Fleet_full_agent_policy_output_permissions + output: + type: integer + type: object + outputs: + additionalProperties: + $ref: '#/components/schemas/Fleet_full_agent_policy_output' + type: object + revision: + type: number + secret_references: + items: + type: object + properties: + id: + type: string + type: array + required: + - id + - outputs + - inputs + Fleet_full_agent_policy_input: + allOf: + - additionalProperties: true + type: object + properties: + data_stream: + type: object + properties: + namespace: + type: string + required: + - namespace + id: + type: string + meta: + additionalProperties: true + type: object + properties: + package: + type: object + properties: + name: + type: string + version: + type: string + required: + - name + - version + name: + type: string + revision: + type: number + streams: + $ref: '#/components/schemas/Fleet_full_agent_policy_input_stream' + type: + type: string + use_output: + type: string + required: + - id + - name + - revision + - type + - data_stream + - use_output + title: Full agent policy input + Fleet_full_agent_policy_input_stream: + allOf: + - additionalProperties: true + type: object + properties: + data_stream: + type: object + properties: + dataset: + type: string + type: + type: string + required: + - dataset + - type + id: + type: string + required: + - id + - data_stream + title: Full agent policy input stream + Fleet_full_agent_policy_output: + title: Full agent policy + type: object + properties: + additionalProperties: + type: object + properties: + text: {} + ca_sha256: + nullable: true + type: string + hosts: + items: + type: string + type: array + proxy_headers: {} + proxy_url: + type: string + type: {} + required: + - type + - hosts + - ca_sha256 + Fleet_full_agent_policy_output_permissions: + additionalProperties: + type: object + properties: + data: + type: object + properties: + cluster: + items: + type: string + type: array + indices: + items: + type: object + properties: + names: + items: + type: string + type: array + privileges: + items: + type: string + type: array + type: array + packagePolicyName: + type: string + title: Full agent policy output permissions + Fleet_get_agent_tags_response: + title: Get Agent Tags response + type: object + properties: + items: + items: + type: string + type: array + Fleet_get_agents_response: + title: Get Agent response + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_agent' + type: array + list: + deprecated: true + items: + $ref: '#/components/schemas/Fleet_agent' + type: array + page: + type: number + perPage: + type: number + statusSummary: + type: object + properties: + degraded': + type: number + enrolling: + type: number + error: + type: number + inactive: + type: number + offline: + type: number + online: + type: number + unenrolled: + type: number + unenrolling: + type: number + updating: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + Fleet_get_bulk_assets_response: + deprecated: true + properties: + items: + items: + type: object + properties: + appLink: + type: string + attributes: + type: object + properties: + description: + type: string + title: + type: string + id: + type: string + type: + $ref: '#/components/schemas/Fleet_saved_object_type' + updatedAt: + type: string + type: array + required: + - items + title: Bulk get assets response + type: object + Fleet_get_categories_response: + title: Get categories response + type: object + properties: + items: + items: + type: object + properties: + count: + type: number + id: + type: string + title: + type: string + required: + - id + - title + - count + type: array + response: + items: + deprecated: true + type: object + properties: + count: + type: number + id: + type: string + title: + type: string + required: + - id + - title + - count + type: array + required: + - items + Fleet_get_packages_response: + title: Get Packages response + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_search_result' + type: array + response: + deprecated: true + items: + $ref: '#/components/schemas/Fleet_search_result' + type: array + required: + - items + Fleet_installation_info: + title: Installation info object + type: object + properties: + created_at: + type: string + experimental_data_stream_features: + type: array + properties: + data_stream: + type: string + features: + type: object + properties: + doc_value_only_numeric: + nullable: true + type: boolean + doc_value_only_other: + nullable: true + type: boolean + synthetic_source: + nullable: true + type: boolean + tsdb: + nullable: true + type: boolean + install_format_schema_version: + type: string + install_kibana_space_id: + type: string + install_source: + enum: + - registry + - upload + - bundled + type: string + install_status: + enum: + - installed + - installing + - install_failed + type: string + installed_es: + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + $ref: '#/components/schemas/Fleet_elasticsearch_asset_type' + installed_kibana: + type: object + properties: + id: + type: string + type: + $ref: '#/components/schemas/Fleet_kibana_saved_object_type' + latest_executed_state: + description: Latest successfully executed state in package install state machine + type: object + properties: + error: + type: string + name: + enum: + - create_restart_installation + - install_kibana_assets + - install_ilm_policies + - install_ml_model + - install_index_template_pipelines + - remove_legacy_templates + - update_current_write_indices + - install_transforms + - delete_previous_pipelines + - save_archive_entries_from_assets_map + - update_so + type: string + started_at: + type: string + latest_install_failed_attempts: + description: Latest failed install errors + items: + type: object + properties: + created_at: + type: string + error: + type: object + properties: + message: + type: string + name: + type: string + stack: + type: string + target_version: + type: string + type: array + name: + type: string + namespaces: + items: + type: string + type: array + type: + type: string + updated_at: + type: string + verification_key_id: + nullable: true + type: string + verification_status: + enum: + - verified + - unverified + - unknown + type: string + version: + type: string + required: + - installed_kibana + - installed_es + - name + - version + - install_status + - install_version + - install_started_at + - install_source + - verification_status + - latest_install_failed_attempts + Fleet_kibana_saved_object_type: + enum: + - dashboard + - visualization + - search + - index-pattern + - map + - lens + - ml-module + - security-rule + - csp_rule_template + title: Kibana saved object asset type + type: string + Fleet_new_package_policy: + description: '' + properties: + description: + type: string + enabled: + type: boolean + inputs: + items: + type: object + properties: + config: + type: object + enabled: + type: boolean + processors: + items: + type: string + type: array + streams: + items: {} + type: array + type: + type: string + vars: + type: object + required: + - type + - enabled + type: array + name: + type: string + namespace: + type: string + output_id: + type: string + overrides: + type: object + package: + type: object + properties: + name: + type: string + requires_root: + type: boolean + title: + type: string + version: + type: string + required: + - name + - version + policy_id: + deprecated: true + nullable: true + type: string + policy_ids: + items: + type: string + type: array + required: + - inputs + - name + title: New package policy + type: object + Fleet_output_create_request: + discriminator: + mapping: + elasticsearch: '#/components/schemas/Fleet_output_create_request_elasticsearch' + kafka: '#/components/schemas/Fleet_output_create_request_kafka' + logstash: '#/components/schemas/Fleet_output_create_request_logstash' + remote_elasticsearch: >- + #/components/schemas/Fleet_output_create_request_remote_elasticsearch + propertyName: type + oneOf: + - $ref: '#/components/schemas/Fleet_output_create_request_elasticsearch' + - $ref: '#/components/schemas/Fleet_output_create_request_kafka' + - $ref: '#/components/schemas/Fleet_output_create_request_logstash' + - $ref: >- + #/components/schemas/Fleet_output_create_request_remote_elasticsearch + title: Output + Fleet_output_create_request_elasticsearch: + title: elasticsearch + type: object + properties: + ca_sha256: + type: string + ca_trusted_fingerprint: + type: string + config: + type: object + config_yaml: + type: string + hosts: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + type: string + shipper: + type: object + properties: + compression_level: + type: number + disk_queue_compression_enabled: + type: boolean + disk_queue_enabled: + type: boolean + disk_queue_encryption_enabled: + type: boolean + disk_queue_max_size: + type: number + disk_queue_path: + type: string + loadbalance: + type: boolean + ssl: + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + type: + enum: + - elasticsearch + type: string + required: + - name + Fleet_output_create_request_kafka: + title: kafka + type: object + properties: + auth_type: + type: string + broker_timeout: + type: number + ca_sha256: + type: string + ca_trusted_fingerprint: + type: string + client_id: + type: string + compression: + type: string + compression_level: + type: number + config: + type: object + config_yaml: + type: string + connection_type: + enum: + - plaintext + - encryption + type: string + headers: + items: + type: object + properties: + key: + type: string + value: + type: string + type: array + hosts: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + key: + type: string + name: + type: string + partition: + type: string + password: + type: string + proxy_id: + type: string + random: + type: object + properties: + group_events: + type: number + required_acks: + type: number + round_robin: + type: object + properties: + group_events: + type: number + sasl: + type: object + properties: + mechanism: + type: string + secrets: + type: object + properties: + password: + type: string + ssl: + type: object + properties: + key: + type: string + shipper: + type: object + properties: + compression_level: + type: number + disk_queue_compression_enabled: + type: boolean + disk_queue_enabled: + type: boolean + disk_queue_encryption_enabled: + type: boolean + disk_queue_max_size: + type: number + disk_queue_path: + type: string + loadbalance: + type: boolean + ssl: + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - none + - full + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + deprecated: true + description: Use topic instead. + items: + type: object + properties: + topic: + type: string + when: + deprecated: true + description: >- + Deprecated, kafka output do not support conditionnal topics + anymore. + type: object + properties: + condition: + type: string + type: + type: string + type: array + type: + enum: + - kafka + type: string + username: + type: string + version: + type: string + required: + - name + - type + - topics + - auth_type + - hosts + Fleet_output_create_request_logstash: + title: logstash + type: object + properties: + ca_sha256: + type: string + ca_trusted_fingerprint: + type: string + config: + type: object + config_yaml: + type: string + hosts: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + name: + type: string + proxy_id: + type: string + secrets: + type: object + properties: + ssl: + type: object + properties: + key: + type: string + shipper: + type: object + properties: + compression_level: + type: number + disk_queue_compression_enabled: + type: boolean + disk_queue_enabled: + type: boolean + disk_queue_encryption_enabled: + type: boolean + disk_queue_max_size: + type: number + disk_queue_path: + type: string + loadbalance: + type: boolean + ssl: + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + type: + enum: + - logstash + type: string + required: + - name + - hosts + - type + Fleet_output_create_request_remote_elasticsearch: + title: remote_elasticsearch + type: object + properties: + hosts: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + name: + type: string + secrets: + type: object + properties: + service_token: + type: string + service_token: + type: string + type: + enum: + - remote_elasticsearch + type: string + required: + - name + Fleet_output_update_request: + discriminator: + mapping: + elasticsearch: '#/components/schemas/Fleet_output_update_request_elasticsearch' + kafka: '#/components/schemas/Fleet_output_update_request_kafka' + logstash: '#/components/schemas/Fleet_output_update_request_logstash' + propertyName: type + oneOf: + - $ref: '#/components/schemas/Fleet_output_update_request_elasticsearch' + - $ref: '#/components/schemas/Fleet_output_update_request_kafka' + - $ref: '#/components/schemas/Fleet_output_update_request_logstash' + title: Output + Fleet_output_update_request_elasticsearch: + title: elasticsearch + type: object + properties: + ca_sha256: + type: string + ca_trusted_fingerprint: + type: string + config: + type: object + config_yaml: + type: string + hosts: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + type: string + shipper: + type: object + properties: + compression_level: + type: number + disk_queue_compression_enabled: + type: boolean + disk_queue_enabled: + type: boolean + disk_queue_encryption_enabled: + type: boolean + disk_queue_max_size: + type: number + disk_queue_path: + type: string + loadbalance: + type: boolean + ssl: + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + type: + enum: + - elasticsearch + type: string + required: + - name + - hosts + - type + Fleet_output_update_request_kafka: + title: kafka + type: object + properties: + auth_type: + type: string + broker_timeout: + type: number + ca_sha256: + type: string + ca_trusted_fingerprint: + type: string + client_id: + type: string + compression: + type: string + compression_level: + type: number + config: + type: object + config_yaml: + type: string + connection_type: + enum: + - plaintext + - encryption + type: string + headers: + items: + type: object + properties: + key: + type: string + value: + type: string + type: array + hosts: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + key: + type: string + name: + type: string + partition: + type: string + password: + type: string + proxy_id: + type: string + random: + type: object + properties: + group_events: + type: number + required_acks: + type: number + round_robin: + type: object + properties: + group_events: + type: number + sasl: + type: object + properties: + mechanism: + type: string + shipper: + type: object + properties: + compression_level: + type: number + disk_queue_compression_enabled: + type: boolean + disk_queue_enabled: + type: boolean + disk_queue_encryption_enabled: + type: boolean + disk_queue_max_size: + type: number + disk_queue_path: + type: string + loadbalance: + type: boolean + ssl: + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - none + - full + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + deprecated: true + description: Use topic instead. + items: + type: object + properties: + topic: + type: string + when: + deprecated: true + description: >- + Deprecated, kafka output do not support conditionnal topics + anymore. + type: object + properties: + condition: + type: string + type: + type: string + type: array + type: + enum: + - kafka + type: string + username: + type: string + version: + type: string + required: + - name + Fleet_output_update_request_logstash: + title: logstash + type: object + properties: + ca_sha256: + type: string + ca_trusted_fingerprint: + type: string + config: + type: object + config_yaml: + type: string + hosts: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + name: + type: string + proxy_id: + type: string + shipper: + type: object + properties: + compression_level: + type: number + disk_queue_compression_enabled: + type: boolean + disk_queue_enabled: + type: boolean + disk_queue_encryption_enabled: + type: boolean + disk_queue_max_size: + type: number + disk_queue_path: + type: string + loadbalance: + type: boolean + ssl: + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + type: + enum: + - logstash + type: string + required: + - name + Fleet_package_info: + title: Package information + type: object + properties: + assets: + items: + type: string + type: array + categories: + items: + type: string + type: array + conditions: + type: object + properties: + elasticsearch: + type: object + properties: + subscription: + enum: + - basic + - gold + - platinum + - enterprise + type: string + kibana: + type: object + properties: + versions: + type: string + data_streams: + items: + type: object + properties: + ingeset_pipeline: + type: string + name: + type: string + package: + type: string + release: + type: string + title: + type: string + type: + type: string + vars: + items: + type: object + properties: + default: + type: string + name: + type: string + required: + - name + - default + type: array + required: + - title + - name + - release + - ingeset_pipeline + - type + - package + type: array + description: + type: string + download: + type: string + elasticsearch: + type: object + properties: + privileges: + type: object + properties: + cluster: + items: + type: string + type: array + format_version: + type: string + icons: + items: + type: string + type: array + internal: + type: boolean + name: + type: string + path: + type: string + readme: + type: string + release: + deprecated: true + description: >- + release label is deprecated, derive from the version instead + (packages follow semver) + enum: + - experimental + - beta + - ga + type: string + screenshots: + items: + type: object + properties: + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + - path + type: array + source: + type: object + properties: + license: + enum: + - Apache-2.0 + - Elastic-2.0 + type: string + title: + type: string + type: + type: string + version: + type: string + required: + - name + - title + - version + - description + - type + - categories + - conditions + - assets + - format_version + - download + - path + Fleet_package_policy: + allOf: + - type: object + properties: + id: + type: string + inputs: + oneOf: + - items: {} + type: array + - type: object + revision: + type: number + required: + - id + - revision + - $ref: '#/components/schemas/Fleet_new_package_policy' + title: Package policy + Fleet_package_policy_request: + title: Package Policy Request + type: object + properties: + description: + description: Package policy description + example: my description + type: string + force: + description: >- + Force package policy creation even if package is not verified, or if + the agent policy is managed. + type: boolean + id: + description: Package policy unique identifier + type: string + inputs: + additionalProperties: + type: object + properties: + enabled: + description: enable or disable that input, (default to true) + type: boolean + streams: + additionalProperties: + type: object + properties: + enabled: + description: enable or disable that stream, (default to true) + type: boolean + vars: + description: >- + Stream level variable (see integration documentation for + more information) + type: object + description: >- + Input streams (see integration documentation to know what + streams are available) + type: object + vars: + description: >- + Input level variable (see integration documentation for more + information) + type: object + description: >- + Package policy inputs (see integration documentation to know what + inputs are available) + example: + nginx-logfile: + enabled: true + streams: + nginx.access: + enabled: true + vars: + ignore_older: 72h + paths: + - /var/log/nginx/access.log* + preserve_original_event: false + tags: + - nginx-access + type: object + name: + description: Package policy name (should be unique) + example: nginx-123 + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit the agent + policy's namespace. + example: customnamespace + type: string + output_id: + description: Output ID to send package data to + example: output-id + nullable: true + type: string + overrides: + description: >- + Override settings that are defined in the package policy. The + override option should be used only in unusual circumstances and not + as a routine procedure. + nullable: true + type: object + properties: + inputs: + type: object + package: + type: object + properties: + name: + description: Package name + example: nginx + type: string + version: + description: Package version + example: 1.6.0 + type: string + required: + - name + - version + policy_id: + deprecated: true + description: Agent policy ID where that package policy will be added + example: agent-policy-id + nullable: true + type: string + policy_ids: + description: Agent policy IDs where that package policy will be added + example: + - agent-policy-id + items: + type: string + type: array + vars: + description: >- + Package root level variable (see integration documentation for more + information) + type: object + required: + - name + - package + Fleet_package_usage_stats: + title: Package usage stats + type: object + properties: + agent_policy_count: + type: integer + required: + - agent_policy_count + Fleet_proxies: + title: Fleet Proxy + type: object + properties: + certificate: + type: string + certificate_authorities: + type: string + certificate_key: + type: string + id: + type: string + name: + type: string + proxy_headers: + type: object + url: + type: string + required: + - name + - url + Fleet_saved_object_type: + oneOf: + - enum: + - dashboard + - visualization + - search + - index_pattern + - map + - lens + - security_rule + - csp_rule_template + - ml_module + - tag + - osquery_pack_asset + - osquery_saved_query + type: string + - enum: + - index + - component_template + - ingest_pipeline + - index_template + - ilm_policy + - transform + - data_stream_ilm_policy + - ml_model + type: string + title: Saved Object type + Fleet_search_result: + title: Search result + type: object + properties: + description: + type: string + download: + type: string + icons: + type: string + installationInfo: + $ref: '#/components/schemas/Fleet_installation_info' + name: + type: string + path: + type: string + savedObject: + deprecated: true + type: object + status: + type: string + title: + type: string + type: + type: string + version: + type: string + required: + - description + - download + - icons + - name + - path + - title + - type + - version + - status + Fleet_settings: + title: Settings + type: object + properties: + fleet_server_hosts: + deprecated: true + items: + type: string + type: array + has_seen_add_data_notice: + type: boolean + id: + type: string + prerelease_integrations_enabled: + type: boolean + required: + - fleet_server_hosts + - id + Fleet_upgrade_agent: + title: Upgrade agent + type: object + properties: + force: + description: Force upgrade, skipping validation (should be used with caution) + type: boolean + skipRateLimitCheck: + description: Skip rate limit check for upgrade + type: boolean + source_uri: + type: string + version: + type: string + required: + - version + Fleet_upgrade_agent_diff: + items: + items: + $ref: '#/components/schemas/Fleet_full_agent_policy_input' + type: array + title: Package policy Upgrade dryrun + type: array + Fleet_upgrade_diff: + items: + allOf: + - $ref: '#/components/schemas/Fleet_package_policy' + - allOf: + - $ref: '#/components/schemas/Fleet_new_package_policy' + - type: object + properties: + errors: + items: + type: object + properties: + key: + type: string + message: + type: string + type: array + missingVars: + items: + type: string + type: array + type: object + title: Package policy Upgrade dryrun + type: array + Kibana_HTTP_APIs_core_status_redactedResponse: + additionalProperties: false + description: A minimal representation of Kibana's operational status. + type: object + properties: + status: + additionalProperties: false + type: object + properties: + overall: + additionalProperties: false + type: object + properties: + level: + description: Service status levels as human and machine readable values. + enum: + - available + - degraded + - unavailable + - critical + type: string + required: + - level + required: + - overall + required: + - status + Kibana_HTTP_APIs_core_status_response: + additionalProperties: false + description: >- + Kibana's operational status as well as a detailed breakdown of plugin + statuses indication of various loads (like event loop utilization and + network traffic) at time of request. + type: object + properties: + metrics: + additionalProperties: false + description: Metric groups collected by Kibana. + type: object + properties: + collection_interval_in_millis: + description: The interval at which metrics should be collected. + type: number + elasticsearch_client: + additionalProperties: false + description: Current network metrics of Kibana's Elasticsearch client. + type: object + properties: + totalActiveSockets: + description: Count of network sockets currently in use. + type: number + totalIdleSockets: + description: Count of network sockets currently idle. + type: number + totalQueuedRequests: + description: Count of requests not yet assigned to sockets. + type: number + required: + - totalActiveSockets + - totalIdleSockets + - totalQueuedRequests + last_updated: + description: The time metrics were collected. + type: string + required: + - elasticsearch_client + - last_updated + - collection_interval_in_millis + name: + description: Kibana instance name. + type: string + status: + additionalProperties: false + type: object + properties: + core: + additionalProperties: false + description: Statuses of core Kibana services. + type: object + properties: + elasticsearch: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: >- + Service status levels as human and machine readable + values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: >- + An unstructured set of extra metadata about this + service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + savedObjects: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: >- + Service status levels as human and machine readable + values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: >- + An unstructured set of extra metadata about this + service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + required: + - elasticsearch + - savedObjects + overall: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: Service status levels as human and machine readable values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: An unstructured set of extra metadata about this service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + plugins: + additionalProperties: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: >- + Service status levels as human and machine readable + values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: An unstructured set of extra metadata about this service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + description: A dynamic mapping of plugin ID to plugin status. + type: object + required: + - overall + - core + - plugins + uuid: + description: >- + Unique, generated Kibana instance UUID. This UUID should persist + even if the Kibana process restarts. + type: string + version: + additionalProperties: false + type: object + properties: + build_date: + description: The date and time of this build. + type: string + build_flavor: + description: >- + The build flavour determines configuration and behavior of + Kibana. On premise users will almost always run the + "traditional" flavour, while other flavours are reserved for + Elastic-specific use cases. + enum: + - serverless + - traditional + type: string + build_hash: + description: >- + A unique hash value representing the git commit of this Kibana + build. + type: string + build_number: + description: >- + A monotonically increasing number, each subsequent build will + have a higher number. + type: number + build_snapshot: + description: Whether this build is a snapshot build. + type: boolean + number: + description: A semantic version number. + type: string + required: + - number + - build_hash + - build_number + - build_snapshot + - build_flavor + - build_date + required: + - name + - uuid + - version + - status + - metrics + Machine_learning_APIs_mlSync200Response: + properties: + datafeedsAdded: + additionalProperties: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseDatafeeds' + description: >- + If a saved object for an anomaly detection job is missing a datafeed + identifier, it is added when you run the sync machine learning saved + objects API. + type: object + datafeedsRemoved: + additionalProperties: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseDatafeeds' + description: >- + If a saved object for an anomaly detection job references a datafeed + that no longer exists, it is deleted when you run the sync machine + learning saved objects API. + type: object + savedObjectsCreated: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseSavedObjectsCreated + savedObjectsDeleted: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseSavedObjectsDeleted + title: Successful sync API response + type: object + Machine_learning_APIs_mlSync4xxResponse: + properties: + error: + example: Unauthorized + type: string + message: + type: string + statusCode: + example: 401 + type: integer + title: Unsuccessful sync API response + type: object + Machine_learning_APIs_mlSyncResponseAnomalyDetectors: + description: >- + The sync machine learning saved objects API response contains this + object when there are anomaly detection jobs affected by the + synchronization. There is an object for each relevant job, which + contains the synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for anomaly detection jobs + type: object + Machine_learning_APIs_mlSyncResponseDatafeeds: + description: >- + The sync machine learning saved objects API response contains this + object when there are datafeeds affected by the synchronization. There + is an object for each relevant datafeed, which contains the + synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for datafeeds + type: object + Machine_learning_APIs_mlSyncResponseDataFrameAnalytics: + description: >- + The sync machine learning saved objects API response contains this + object when there are data frame analytics jobs affected by the + synchronization. There is an object for each relevant job, which + contains the synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for data frame analytics jobs + type: object + Machine_learning_APIs_mlSyncResponseSavedObjectsCreated: + description: >- + If saved objects are missing for machine learning jobs or trained + models, they are created when you run the sync machine learning saved + objects API. + properties: + anomaly-detector: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseAnomalyDetectors + description: >- + If saved objects are missing for anomaly detection jobs, they are + created. + type: object + data-frame-analytics: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseDataFrameAnalytics + description: >- + If saved objects are missing for data frame analytics jobs, they are + created. + type: object + trained-model: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels + description: If saved objects are missing for trained models, they are created. + type: object + title: Sync API response for created saved objects + type: object + Machine_learning_APIs_mlSyncResponseSavedObjectsDeleted: + description: >- + If saved objects exist for machine learning jobs or trained models that + no longer exist, they are deleted when you run the sync machine learning + saved objects API. + properties: + anomaly-detector: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseAnomalyDetectors + description: >- + If there are saved objects exist for nonexistent anomaly detection + jobs, they are deleted. + type: object + data-frame-analytics: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseDataFrameAnalytics + description: >- + If there are saved objects exist for nonexistent data frame + analytics jobs, they are deleted. + type: object + trained-model: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels + description: >- + If there are saved objects exist for nonexistent trained models, + they are deleted. + type: object + title: Sync API response for deleted saved objects + type: object + Machine_learning_APIs_mlSyncResponseSuccess: + description: The success or failure of the synchronization. + type: boolean + Machine_learning_APIs_mlSyncResponseTrainedModels: + description: >- + The sync machine learning saved objects API response contains this + object when there are trained models affected by the synchronization. + There is an object for each relevant trained model, which contains the + synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for trained models + type: object + Security_AI_Assistant_API_AnonymizationFieldCreateProps: + type: object + properties: + allowed: + type: boolean + anonymized: + type: boolean + field: + type: string + required: + - field + Security_AI_Assistant_API_AnonymizationFieldDetailsInError: + type: object + properties: + id: + type: string + name: + type: string + required: + - id + Security_AI_Assistant_API_AnonymizationFieldResponse: + type: object + properties: + allowed: + type: boolean + anonymized: + type: boolean + createdAt: + type: string + createdBy: + type: string + field: + type: string + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + namespace: + description: Kibana space + type: string + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + updatedAt: + type: string + updatedBy: + type: string + required: + - id + - field + Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipReason: + enum: + - ANONYMIZATION_FIELD_NOT_MODIFIED + type: string + Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipResult: + type: object + properties: + id: + type: string + name: + type: string + skip_reason: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipReason + required: + - id + - skip_reason + Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResponse: + type: object + properties: + anonymization_fields_count: + type: integer + attributes: + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_NormalizedAnonymizationFieldError + type: array + results: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResults + summary: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_BulkCrudActionSummary + required: + - results + - summary + message: + type: string + status_code: + type: integer + success: + type: boolean + required: + - attributes + Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResults: + type: object + properties: + created: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse + type: array + deleted: + items: + type: string + type: array + skipped: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipResult + type: array + updated: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse + type: array + required: + - updated + - created + - deleted + - skipped + Security_AI_Assistant_API_AnonymizationFieldUpdateProps: + type: object + properties: + allowed: + type: boolean + anonymized: + type: boolean + id: + type: string + required: + - id + Security_AI_Assistant_API_ApiConfig: + type: object + properties: + actionTypeId: + description: action type id + type: string + connectorId: + description: connector id + type: string + defaultSystemPromptId: + description: defaultSystemPromptId + type: string + model: + description: model + type: string + provider: + $ref: '#/components/schemas/Security_AI_Assistant_API_Provider' + description: Provider + required: + - connectorId + - actionTypeId + Security_AI_Assistant_API_BulkCrudActionSummary: + type: object + properties: + failed: + type: integer + skipped: + type: integer + succeeded: + type: integer + total: + type: integer + required: + - failed + - skipped + - succeeded + - total + Security_AI_Assistant_API_ChatCompleteProps: + type: object + properties: + connectorId: + type: string + conversationId: + type: string + isStream: + type: boolean + langSmithApiKey: + type: string + langSmithProject: + type: string + messages: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_ChatMessage' + type: array + model: + type: string + persist: + type: boolean + promptId: + type: string + responseLanguage: + type: string + required: + - messages + - persist + - connectorId + Security_AI_Assistant_API_ChatMessage: + description: AI assistant message. + type: object + properties: + content: + description: Message content. + type: string + data: + $ref: '#/components/schemas/Security_AI_Assistant_API_MessageData' + description: ECS object to attach to the context of the message. + fields_to_anonymize: + items: + type: string + type: array + role: + $ref: '#/components/schemas/Security_AI_Assistant_API_ChatMessageRole' + description: Message role. + required: + - role + Security_AI_Assistant_API_ChatMessageRole: + description: Message role. + enum: + - system + - user + - assistant + type: string + Security_AI_Assistant_API_ConversationCategory: + description: The conversation category. + enum: + - assistant + - insights + type: string + Security_AI_Assistant_API_ConversationConfidence: + description: The conversation confidence. + enum: + - low + - medium + - high + type: string + Security_AI_Assistant_API_ConversationCreateProps: + type: object + properties: + apiConfig: + $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' + description: LLM API configuration. + category: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' + description: The conversation category. + excludeFromLastConversationStorage: + description: excludeFromLastConversationStorage. + type: boolean + id: + description: The conversation id. + type: string + isDefault: + description: Is default conversation. + type: boolean + messages: + description: The conversation messages. + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_Message' + type: array + replacements: + $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' + title: + description: The conversation title. + type: string + required: + - title + Security_AI_Assistant_API_ConversationResponse: + type: object + properties: + apiConfig: + $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' + description: LLM API configuration. + category: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' + description: The conversation category. + createdAt: + description: The last time conversation was updated. + type: string + excludeFromLastConversationStorage: + description: excludeFromLastConversationStorage. + type: boolean + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + isDefault: + description: Is default conversation. + type: boolean + messages: + description: The conversation messages. + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_Message' + type: array + namespace: + description: Kibana space + type: string + replacements: + $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' + summary: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationSummary' + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + title: + description: The conversation title. + type: string + updatedAt: + description: The last time conversation was updated. + type: string + users: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_User' + type: array + required: + - id + - title + - createdAt + - users + - namespace + - category + Security_AI_Assistant_API_ConversationSummary: + type: object + properties: + confidence: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationConfidence + description: >- + How confident you are about this being a correct and useful + learning. + content: + description: Summary text of the conversation over time. + type: string + public: + description: Define if summary is marked as publicly available. + type: boolean + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + description: The timestamp summary was updated. + Security_AI_Assistant_API_ConversationUpdateProps: + type: object + properties: + apiConfig: + $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' + description: LLM API configuration. + category: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' + description: The conversation category. + excludeFromLastConversationStorage: + description: excludeFromLastConversationStorage. + type: boolean + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + messages: + description: The conversation messages. + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_Message' + type: array + replacements: + $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' + summary: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationSummary' + title: + description: The conversation title. + type: string + required: + - id + Security_AI_Assistant_API_FindAnonymizationFieldsSortField: + enum: + - created_at + - anonymized + - allowed + - field + - updated_at + type: string + Security_AI_Assistant_API_FindConversationsSortField: + enum: + - created_at + - is_default + - title + - updated_at + type: string + Security_AI_Assistant_API_FindPromptsSortField: + enum: + - created_at + - is_default + - name + - updated_at + type: string + Security_AI_Assistant_API_Message: + description: AI assistant conversation message. + type: object + properties: + content: + description: Message content. + type: string + isError: + description: Is error message. + type: boolean + reader: + $ref: '#/components/schemas/Security_AI_Assistant_API_Reader' + description: Message content. + role: + $ref: '#/components/schemas/Security_AI_Assistant_API_MessageRole' + description: Message role. + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + description: The timestamp message was sent or received. + traceData: + $ref: '#/components/schemas/Security_AI_Assistant_API_TraceData' + description: trace Data + required: + - timestamp + - content + - role + Security_AI_Assistant_API_MessageData: + additionalProperties: true + type: object + Security_AI_Assistant_API_MessageRole: + description: Message role. + enum: + - system + - user + - assistant + type: string + Security_AI_Assistant_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_AI_Assistant_API_NormalizedAnonymizationFieldError: + type: object + properties: + anonymization_fields: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldDetailsInError + type: array + err_code: + type: string + message: + type: string + status_code: + type: integer + required: + - message + - status_code + - anonymization_fields + Security_AI_Assistant_API_NormalizedPromptError: + type: object + properties: + err_code: + type: string + message: + type: string + prompts: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptDetailsInError + type: array + status_code: + type: integer + required: + - message + - status_code + - prompts + Security_AI_Assistant_API_PromptCreateProps: + type: object + properties: + categories: + items: + type: string + type: array + color: + type: string + consumer: + type: string + content: + type: string + isDefault: + type: boolean + isNewConversationDefault: + type: boolean + name: + type: string + promptType: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptType' + required: + - name + - content + - promptType + Security_AI_Assistant_API_PromptDetailsInError: + type: object + properties: + id: + type: string + name: + type: string + required: + - id + Security_AI_Assistant_API_PromptResponse: + type: object + properties: + categories: + items: + type: string + type: array + color: + type: string + consumer: + type: string + content: + type: string + createdAt: + type: string + createdBy: + type: string + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + isDefault: + type: boolean + isNewConversationDefault: + type: boolean + name: + type: string + namespace: + description: Kibana space + type: string + promptType: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptType' + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + updatedAt: + type: string + updatedBy: + type: string + users: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_User' + type: array + required: + - id + - name + - promptType + - content + Security_AI_Assistant_API_PromptsBulkActionSkipReason: + enum: + - PROMPT_FIELD_NOT_MODIFIED + type: string + Security_AI_Assistant_API_PromptsBulkActionSkipResult: + type: object + properties: + id: + type: string + name: + type: string + skip_reason: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkActionSkipReason + required: + - id + - skip_reason + Security_AI_Assistant_API_PromptsBulkCrudActionResponse: + type: object + properties: + attributes: + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_NormalizedPromptError + type: array + results: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkCrudActionResults + summary: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_BulkCrudActionSummary + required: + - results + - summary + message: + type: string + prompts_count: + type: integer + status_code: + type: integer + success: + type: boolean + required: + - attributes + Security_AI_Assistant_API_PromptsBulkCrudActionResults: + type: object + properties: + created: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptResponse' + type: array + deleted: + items: + type: string + type: array + skipped: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkActionSkipResult + type: array + updated: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptResponse' + type: array + required: + - updated + - created + - deleted + - skipped + Security_AI_Assistant_API_PromptType: + description: Prompt type + enum: + - system + - quick + type: string + Security_AI_Assistant_API_PromptUpdateProps: + type: object + properties: + categories: + items: + type: string + type: array + color: + type: string + consumer: + type: string + content: + type: string + id: + type: string + isDefault: + type: boolean + isNewConversationDefault: + type: boolean + required: + - id + Security_AI_Assistant_API_Provider: + description: Provider + enum: + - OpenAI + - Azure OpenAI + type: string + Security_AI_Assistant_API_Reader: + additionalProperties: true + type: object + Security_AI_Assistant_API_Replacements: + additionalProperties: + type: string + description: Replacements object used to anonymize/deanomymize messsages + type: object + Security_AI_Assistant_API_SortOrder: + enum: + - asc + - desc + type: string + Security_AI_Assistant_API_TraceData: + description: trace Data + type: object + properties: + traceId: + description: Could be any string, not necessarily a UUID + type: string + transactionId: + description: Could be any string, not necessarily a UUID + type: string + Security_AI_Assistant_API_User: + description: Could be any string, not necessarily a UUID + type: object + properties: + id: + description: User id + type: string + name: + description: User name + type: string + Security_Solution_Detections_API_AlertAssignees: + type: object + properties: + add: + description: A list of users ids to assign. + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: array + remove: + description: A list of users ids to unassign. + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: array + required: + - add + - remove + Security_Solution_Detections_API_AlertIds: + description: A list of alerts ids. + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + minItems: 1 + type: array + Security_Solution_Detections_API_AlertsIndex: + deprecated: true + description: (deprecated) Has no effect. + type: string + Security_Solution_Detections_API_AlertsIndexNamespace: + description: Has no effect. + type: string + Security_Solution_Detections_API_AlertsSort: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsSortCombinations + - items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsSortCombinations + type: array + Security_Solution_Detections_API_AlertsSortCombinations: + anyOf: + - type: string + - additionalProperties: true + type: object + Security_Solution_Detections_API_AlertStatus: + enum: + - open + - closed + - acknowledged + - in-progress + type: string + Security_Solution_Detections_API_AlertSuppression: + type: object + properties: + duration: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppressionDuration + group_by: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppressionGroupBy + missing_fields_strategy: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppressionMissingFieldsStrategy + required: + - group_by + Security_Solution_Detections_API_AlertSuppressionDuration: + type: object + properties: + unit: + enum: + - s + - m + - h + type: string + value: + minimum: 1 + type: integer + required: + - value + - unit + Security_Solution_Detections_API_AlertSuppressionGroupBy: + items: + type: string + maxItems: 3 + minItems: 1 + type: array + Security_Solution_Detections_API_AlertSuppressionMissingFieldsStrategy: + description: >- + Describes how alerts will be generated for documents with missing + suppress by fields: + + doNotSuppress - per each document a separate alert will be created + + suppress - only alert will be created per suppress by bucket + enum: + - doNotSuppress + - suppress + type: string + Security_Solution_Detections_API_AlertTag: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + Security_Solution_Detections_API_AlertTags: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertTag' + type: array + Security_Solution_Detections_API_AnomalyThreshold: + description: Anomaly threshold + minimum: 0 + type: integer + Security_Solution_Detections_API_BuildingBlockType: + description: >- + Determines if the rule acts as a building block. By default, + building-block alerts are not displayed in the UI. These rules are used + as a foundation for other rules that do generate alerts. Its value must + be default. + type: string + Security_Solution_Detections_API_BulkActionEditPayload: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadTags + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadIndexPatterns + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadInvestigationFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadTimeline + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadRuleActions + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadSchedule + Security_Solution_Detections_API_BulkActionEditPayloadIndexPatterns: + type: object + properties: + overwrite_data_views: + type: boolean + type: + enum: + - add_index_patterns + - delete_index_patterns + - set_index_patterns + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadInvestigationFields: + type: object + properties: + type: + enum: + - add_investigation_fields + - delete_investigation_fields + - set_investigation_fields + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadRuleActions: + type: object + properties: + type: + enum: + - add_rule_actions + - set_rule_actions + type: string + value: + type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NormalizedRuleAction + type: array + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThrottleForBulkActions + required: + - actions + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadSchedule: + type: object + properties: + type: + enum: + - set_schedule + type: string + value: + type: object + properties: + interval: + description: >- + Interval in which the rule runs. For example, `"1h"` means the + rule runs every hour. + example: 1h + pattern: ^[1-9]\d*[smh]$ + type: string + lookback: + description: Lookback time for the rule + example: 1h + pattern: ^[1-9]\d*[smh]$ + type: string + required: + - interval + - lookback + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadTags: + type: object + properties: + type: + enum: + - add_tags + - delete_tags + - set_tags + type: string + value: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleTagArray' + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadTimeline: + type: object + properties: + type: + enum: + - set_timeline + type: string + value: + type: object + properties: + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + required: + - timeline_id + - timeline_title + required: + - type + - value + Security_Solution_Detections_API_BulkActionsDryRunErrCode: + enum: + - IMMUTABLE + - MACHINE_LEARNING_AUTH + - MACHINE_LEARNING_INDEX_PATTERN + - ESQL_INDEX_PATTERN + - MANUAL_RULE_RUN_FEATURE + - MANUAL_RULE_RUN_DISABLED_RULE + type: string + Security_Solution_Detections_API_BulkActionSkipResult: + type: object + properties: + id: + type: string + name: + type: string + skip_reason: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditSkipReason + required: + - id + - skip_reason + Security_Solution_Detections_API_BulkDeleteRules: + type: object + properties: + action: + enum: + - delete + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkDisableRules: + type: object + properties: + action: + enum: + - disable + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkDuplicateRules: + type: object + properties: + action: + enum: + - duplicate + type: string + duplicate: + type: object + properties: + include_exceptions: + description: Whether to copy exceptions from the original rule + type: boolean + include_expired_exceptions: + description: Whether to copy expired exceptions from the original rule + type: boolean + required: + - include_exceptions + - include_expired_exceptions + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkEditActionResponse: + type: object + properties: + attributes: + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NormalizedRuleError + type: array + results: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditActionResults + summary: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditActionSummary + required: + - results + - summary + message: + type: string + rules_count: + type: integer + status_code: + type: integer + success: + type: boolean + required: + - attributes + Security_Solution_Detections_API_BulkEditActionResults: + type: object + properties: + created: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleResponse' + type: array + deleted: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleResponse' + type: array + skipped: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionSkipResult + type: array + updated: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleResponse' + type: array + required: + - updated + - created + - deleted + - skipped + Security_Solution_Detections_API_BulkEditActionSummary: + type: object + properties: + failed: + type: integer + skipped: + type: integer + succeeded: + type: integer + total: + type: integer + required: + - failed + - skipped + - succeeded + - total + Security_Solution_Detections_API_BulkEditRules: + type: object + properties: + action: + enum: + - edit + type: string + edit: + description: Array of objects containing the edit operations + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayload + minItems: 1 + type: array + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + - edit + Security_Solution_Detections_API_BulkEditSkipReason: + enum: + - RULE_NOT_MODIFIED + type: string + Security_Solution_Detections_API_BulkEnableRules: + type: object + properties: + action: + enum: + - enable + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkExportActionResponse: + type: string + Security_Solution_Detections_API_BulkExportRules: + type: object + properties: + action: + enum: + - export + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkManualRuleRun: + type: object + properties: + action: + enum: + - run + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + run: + type: object + properties: + end_date: + description: End date of the manual rule run + type: string + start_date: + description: Start date of the manual rule run + type: string + required: + - start_date + required: + - action + - run + Security_Solution_Detections_API_ConcurrentSearches: + minimum: 1 + type: integer + Security_Solution_Detections_API_DataViewId: + type: string + Security_Solution_Detections_API_DefaultParams: + type: object + properties: + command: + enum: + - isolate + type: string + comment: + type: string + required: + - command + Security_Solution_Detections_API_EcsMapping: + additionalProperties: + type: object + properties: + field: + type: string + value: + oneOf: + - type: string + - items: + type: string + type: array + type: object + Security_Solution_Detections_API_EndpointResponseAction: + type: object + properties: + action_type_id: + enum: + - .endpoint + type: string + params: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_DefaultParams + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ProcessesParams + required: + - action_type_id + - params + Security_Solution_Detections_API_EqlOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + event_category_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EventCategoryOverride + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + response_actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ResponseAction + type: array + tiebreaker_field: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TiebreakerField + timestamp_field: + $ref: '#/components/schemas/Security_Solution_Detections_API_TimestampField' + Security_Solution_Detections_API_EqlQueryLanguage: + enum: + - eql + type: string + Security_Solution_Detections_API_EqlRequiredFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlQueryLanguage + description: Query language to use + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + description: EQL query to execute + type: + description: Rule type + enum: + - eql + type: string + required: + - type + - query + - language + Security_Solution_Detections_API_EqlRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleResponseFields + Security_Solution_Detections_API_EqlRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlOptionalFields + Security_Solution_Detections_API_EqlRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleCreateFields + Security_Solution_Detections_API_EqlRulePatchFields: + allOf: + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlQueryLanguage + description: Query language to use + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + description: EQL query to execute + type: + description: Rule type + enum: + - eql + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlOptionalFields + Security_Solution_Detections_API_EqlRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRulePatchFields + Security_Solution_Detections_API_EqlRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlOptionalFields + Security_Solution_Detections_API_EqlRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleCreateFields + Security_Solution_Detections_API_ErrorSchema: + additionalProperties: false + type: object + properties: + error: + type: object + properties: + message: + type: string + status_code: + minimum: 400 + type: integer + required: + - status_code + - message + id: + type: string + item_id: + minLength: 1 + type: string + list_id: + minLength: 1 + type: string + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + required: + - error + Security_Solution_Detections_API_EsqlQueryLanguage: + enum: + - esql + type: string + Security_Solution_Detections_API_EsqlRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleResponseFields + Security_Solution_Detections_API_EsqlRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleRequiredFields + Security_Solution_Detections_API_EsqlRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleCreateFields + Security_Solution_Detections_API_EsqlRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + response_actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ResponseAction + type: array + Security_Solution_Detections_API_EsqlRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlQueryLanguage + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + description: ESQL query to execute + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + type: + description: Rule type + enum: + - esql + type: string + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleOptionalFields + Security_Solution_Detections_API_EsqlRuleRequiredFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlQueryLanguage + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + description: ESQL query to execute + type: + description: Rule type + enum: + - esql + type: string + required: + - type + - language + - query + Security_Solution_Detections_API_EsqlRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleRequiredFields + Security_Solution_Detections_API_EsqlRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleCreateFields + Security_Solution_Detections_API_EventCategoryOverride: + type: string + Security_Solution_Detections_API_ExceptionListType: + description: The exception type + enum: + - detection + - rule_default + - endpoint + - endpoint_trusted_apps + - endpoint_events + - endpoint_host_isolation_exceptions + - endpoint_blocklists + type: string + Security_Solution_Detections_API_ExternalRuleSource: + description: >- + Type of rule source for externally sourced rules, i.e. rules that have + an external source, such as the Elastic Prebuilt rules repo. + type: object + properties: + is_customized: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsExternalRuleCustomized + type: + enum: + - external + type: string + required: + - type + - is_customized + Security_Solution_Detections_API_FindRulesSortField: + enum: + - created_at + - createdAt + - enabled + - execution_summary.last_execution.date + - execution_summary.last_execution.metrics.execution_gap_duration_s + - execution_summary.last_execution.metrics.total_indexing_duration_ms + - execution_summary.last_execution.metrics.total_search_duration_ms + - execution_summary.last_execution.status + - name + - risk_score + - riskScore + - severity + - updated_at + - updatedAt + type: string + Security_Solution_Detections_API_HistoryWindowStart: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + Security_Solution_Detections_API_IndexPatternArray: + items: + type: string + type: array + Security_Solution_Detections_API_InternalRuleSource: + description: >- + Type of rule source for internally sourced rules, i.e. created within + the Kibana apps. + type: object + properties: + type: + enum: + - internal + type: string + required: + - type + Security_Solution_Detections_API_InvestigationFields: + description: > + Schema for fields relating to investigation fields. These are user + defined fields we use to highlight + + in various features in the UI such as alert details flyout and + exceptions auto-population from alert. + + Added in PR #163235 + + Right now we only have a single field but anticipate adding more related + fields to store various + + configuration states such as `override` - where a user might say if they + want only these fields to + + display, or if they want these fields + the fields we select. When + expanding this field, it may look + + something like: + + ```typescript + + const investigationFields = z.object({ + field_names: NonEmptyArray(NonEmptyString), + override: z.boolean().optional(), + }); + + ``` + type: object + properties: + field_names: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + minItems: 1 + type: array + required: + - field_names + Security_Solution_Detections_API_InvestigationGuide: + description: Notes to help investigate alerts produced by the rule. + type: string + Security_Solution_Detections_API_IsExternalRuleCustomized: + description: >- + Determines whether an external/prebuilt rule has been customized by the + user (i.e. any of its fields have been modified and diverged from the + base value). + type: boolean + Security_Solution_Detections_API_IsRuleEnabled: + description: Determines whether the rule is enabled. + type: boolean + Security_Solution_Detections_API_IsRuleImmutable: + deprecated: true + description: >- + This field determines whether the rule is a prebuilt Elastic rule. It + will be replaced with the `rule_source` field. + type: boolean + Security_Solution_Detections_API_ItemsPerSearch: + minimum: 1 + type: integer + Security_Solution_Detections_API_KqlQueryLanguage: + enum: + - kuery + - lucene + type: string + Security_Solution_Detections_API_MachineLearningJobId: + description: Machine learning job ID + oneOf: + - type: string + - items: + type: string + minItems: 1 + type: array + Security_Solution_Detections_API_MachineLearningRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleResponseFields + Security_Solution_Detections_API_MachineLearningRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleOptionalFields + Security_Solution_Detections_API_MachineLearningRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleCreateFields + Security_Solution_Detections_API_MachineLearningRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + Security_Solution_Detections_API_MachineLearningRulePatchFields: + allOf: + - type: object + properties: + anomaly_threshold: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AnomalyThreshold + machine_learning_job_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningJobId + type: + description: Rule type + enum: + - machine_learning + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleOptionalFields + Security_Solution_Detections_API_MachineLearningRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRulePatchFields + Security_Solution_Detections_API_MachineLearningRuleRequiredFields: + type: object + properties: + anomaly_threshold: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AnomalyThreshold + machine_learning_job_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningJobId + type: + description: Rule type + enum: + - machine_learning + type: string + required: + - type + - machine_learning_job_id + - anomaly_threshold + Security_Solution_Detections_API_MachineLearningRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleOptionalFields + Security_Solution_Detections_API_MachineLearningRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleCreateFields + Security_Solution_Detections_API_MaxSignals: + minimum: 1 + type: integer + Security_Solution_Detections_API_NewTermsFields: + items: + type: string + maxItems: 3 + minItems: 1 + type: array + Security_Solution_Detections_API_NewTermsRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleResponseFields + Security_Solution_Detections_API_NewTermsRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleDefaultableFields + Security_Solution_Detections_API_NewTermsRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleCreateFields + Security_Solution_Detections_API_NewTermsRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_NewTermsRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + response_actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ResponseAction + type: array + Security_Solution_Detections_API_NewTermsRulePatchFields: + allOf: + - type: object + properties: + history_window_start: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_HistoryWindowStart + new_terms_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsFields + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + type: + description: Rule type + enum: + - new_terms + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleDefaultableFields + Security_Solution_Detections_API_NewTermsRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRulePatchFields + Security_Solution_Detections_API_NewTermsRuleRequiredFields: + type: object + properties: + history_window_start: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_HistoryWindowStart + new_terms_fields: + $ref: '#/components/schemas/Security_Solution_Detections_API_NewTermsFields' + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + type: + description: Rule type + enum: + - new_terms + type: string + required: + - type + - query + - new_terms_fields + - history_window_start + Security_Solution_Detections_API_NewTermsRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + required: + - language + Security_Solution_Detections_API_NewTermsRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleCreateFields + Security_Solution_Detections_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Detections_API_NormalizedRuleAction: + additionalProperties: false + type: object + properties: + alerts_filter: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionAlertsFilter + frequency: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionFrequency + group: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionGroup + id: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleActionId' + params: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionParams + required: + - id + - params + Security_Solution_Detections_API_NormalizedRuleError: + type: object + properties: + err_code: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionsDryRunErrCode + message: + type: string + rules: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDetailsInError + type: array + status_code: + type: integer + required: + - message + - status_code + - rules + Security_Solution_Detections_API_OsqueryParams: + type: object + properties: + ecs_mapping: + $ref: '#/components/schemas/Security_Solution_Detections_API_EcsMapping' + pack_id: + type: string + queries: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_OsqueryQuery' + type: array + query: + type: string + saved_query_id: + type: string + timeout: + type: number + Security_Solution_Detections_API_OsqueryQuery: + type: object + properties: + ecs_mapping: + $ref: '#/components/schemas/Security_Solution_Detections_API_EcsMapping' + id: + description: Query ID + type: string + platform: + type: string + query: + description: Query to run + type: string + removed: + type: boolean + snapshot: + type: boolean + version: + description: Query version + type: string + required: + - id + - query + Security_Solution_Detections_API_OsqueryResponseAction: + type: object + properties: + action_type_id: + enum: + - .osquery + type: string + params: + $ref: '#/components/schemas/Security_Solution_Detections_API_OsqueryParams' + required: + - action_type_id + - params + Security_Solution_Detections_API_PlatformErrorResponse: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Solution_Detections_API_ProcessesParams: + type: object + properties: + command: + enum: + - kill-process + - suspend-process + type: string + comment: + type: string + config: + type: object + properties: + field: + description: Field to use instead of process.pid + type: string + overwrite: + default: true + description: Whether to overwrite field with process.pid + type: boolean + required: + - field + required: + - command + - config + Security_Solution_Detections_API_QueryRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleResponseFields + Security_Solution_Detections_API_QueryRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleDefaultableFields + Security_Solution_Detections_API_QueryRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleCreateFields + Security_Solution_Detections_API_QueryRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + Security_Solution_Detections_API_QueryRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + response_actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ResponseAction + type: array + saved_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryId' + Security_Solution_Detections_API_QueryRulePatchFields: + allOf: + - type: object + properties: + type: + description: Rule type + enum: + - query + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleDefaultableFields + Security_Solution_Detections_API_QueryRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRulePatchFields + Security_Solution_Detections_API_QueryRuleRequiredFields: + type: object + properties: + type: + description: Rule type + enum: + - query + type: string + required: + - type + Security_Solution_Detections_API_QueryRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + required: + - query + - language + Security_Solution_Detections_API_QueryRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleCreateFields + Security_Solution_Detections_API_RelatedIntegration: + description: > + Related integration is a potential dependency of a rule. It's assumed + that if the user installs + + one of the related integrations of a rule, the rule might start to work + properly because it will + + have source events (generated by this integration) potentially matching + the rule's query. + + + NOTE: Proper work is not guaranteed, because a related integration, if + installed, can be + + configured differently or generate data that is not necessarily relevant + for this rule. + + + Related integration is a combination of a Fleet package and (optionally) + one of the + + package's "integrations" that this package contains. It is represented + by 3 properties: + + + - `package`: name of the package (required, unique id) + + - `version`: version of the package (required, semver-compatible) + + - `integration`: name of the integration of this package (optional, id + within the package) + + + There are Fleet packages like `windows` that contain only one + integration; in this case, + + `integration` should be unspecified. There are also packages like `aws` + and `azure` that contain + + several integrations; in this case, `integration` should be specified. + + + @example + + const x: RelatedIntegration = { + package: 'windows', + version: '1.5.x', + }; + + + @example + + const x: RelatedIntegration = { + package: 'azure', + version: '~1.1.6', + integration: 'activitylogs', + }; + type: object + properties: + integration: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + package: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + version: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + required: + - package + - version + Security_Solution_Detections_API_RelatedIntegrationArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegration + type: array + Security_Solution_Detections_API_RequiredField: + description: > + Describes an Elasticsearch field that is needed for the rule to + function. + + + Almost all types of Security rules check source event documents for a + match to some kind of + + query or filter. If a document has certain field with certain values, + then it's a match and + + the rule will generate an alert. + + + Required field is an event field that must be present in the source + indices of a given rule. + + + @example + + const standardEcsField: RequiredField = { + name: 'event.action', + type: 'keyword', + ecs: true, + }; + + + @example + + const nonEcsField: RequiredField = { + name: 'winlog.event_data.AttributeLDAPDisplayName', + type: 'keyword', + ecs: false, + }; + type: object + properties: + ecs: + description: Whether the field is an ECS field + type: boolean + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: Name of an Elasticsearch field + type: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: Type of the Elasticsearch field + required: + - name + - type + - ecs + Security_Solution_Detections_API_RequiredFieldArray: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_RequiredField' + type: array + Security_Solution_Detections_API_RequiredFieldInput: + description: >- + Input parameters to create a RequiredField. Does not include the `ecs` + field, because `ecs` is calculated on the backend based on the field + name and type. + type: object + properties: + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: Name of an Elasticsearch field + type: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: Type of an Elasticsearch field + required: + - name + - type + Security_Solution_Detections_API_ResponseAction: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_OsqueryResponseAction + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EndpointResponseAction + Security_Solution_Detections_API_ResponseFields: + type: object + properties: + created_at: + format: date-time + type: string + created_by: + type: string + execution_summary: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExecutionSummary + id: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleObjectId' + immutable: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleImmutable + required_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldArray + revision: + minimum: 0 + type: integer + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_source: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleSource' + updated_at: + format: date-time + type: string + updated_by: + type: string + required: + - id + - rule_id + - immutable + - updated_at + - updated_by + - created_at + - created_by + - revision + - related_integrations + - required_fields + Security_Solution_Detections_API_RiskScore: + description: Risk score (0 to 100) + maximum: 100 + minimum: 0 + type: integer + Security_Solution_Detections_API_RiskScoreMapping: + description: >- + Overrides generated alerts' risk_score with a value from the source + event + items: + type: object + properties: + field: + type: string + operator: + enum: + - equals + type: string + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + value: + type: string + required: + - field + - operator + - value + type: array + Security_Solution_Detections_API_RuleAction: + type: object + properties: + action_type_id: + description: The action type used for sending notifications. + type: string + alerts_filter: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionAlertsFilter + frequency: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionFrequency + group: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionGroup + id: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleActionId' + params: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionParams + uuid: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + required: + - action_type_id + - id + - params + Security_Solution_Detections_API_RuleActionAlertsFilter: + additionalProperties: true + type: object + Security_Solution_Detections_API_RuleActionFrequency: + description: >- + The action frequency defines when the action runs (for example, only on + rule execution or at specific time intervals). + type: object + properties: + notifyWhen: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionNotifyWhen + summary: + description: >- + Action summary indicates whether we will send a summary notification + about all the generate alerts or notification per individual alert + type: boolean + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + nullable: true + required: + - summary + - notifyWhen + - throttle + Security_Solution_Detections_API_RuleActionGroup: + description: >- + Optionally groups actions by use cases. Use `default` for alert + notifications. + type: string + Security_Solution_Detections_API_RuleActionId: + description: The connector ID. + type: string + Security_Solution_Detections_API_RuleActionNotifyWhen: + description: >- + The condition for throttling the notification: `onActionGroupChange`, + `onActiveAlert`, or `onThrottleInterval` + enum: + - onActiveAlert + - onThrottleInterval + - onActionGroupChange + type: string + Security_Solution_Detections_API_RuleActionParams: + additionalProperties: true + description: >- + Object containing the allowed connector fields, which varies according + to the connector type. + type: object + Security_Solution_Detections_API_RuleActionThrottle: + description: Defines how often rule actions are taken. + oneOf: + - enum: + - no_actions + - rule + type: string + - description: Time interval in seconds, minutes, hours, or days. + example: 1h + pattern: ^[1-9]\d*[smhd]$ + type: string + Security_Solution_Detections_API_RuleAuthorArray: + items: + type: string + type: array + Security_Solution_Detections_API_RuleCreateProps: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleCreateProps + discriminator: + propertyName: type + Security_Solution_Detections_API_RuleDescription: + minLength: 1 + type: string + Security_Solution_Detections_API_RuleDetailsInError: + type: object + properties: + id: + type: string + name: + type: string + required: + - id + Security_Solution_Detections_API_RuleExceptionList: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: ID of the exception container + list_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: List ID of the exception container + namespace_type: + description: Determines the exceptions validity in rule's Kibana space + enum: + - agnostic + - single + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ExceptionListType + required: + - id + - list_id + - type + - namespace_type + Security_Solution_Detections_API_RuleExecutionMetrics: + type: object + properties: + execution_gap_duration_s: + description: Duration in seconds of execution gap + minimum: 0 + type: integer + total_enrichment_duration_ms: + description: >- + Total time spent enriching documents during current rule execution + cycle + minimum: 0 + type: integer + total_indexing_duration_ms: + description: >- + Total time spent indexing documents during current rule execution + cycle + minimum: 0 + type: integer + total_search_duration_ms: + description: >- + Total time spent performing ES searches as measured by Kibana; + includes network latency and time spent serializing/deserializing + request/response + minimum: 0 + type: integer + Security_Solution_Detections_API_RuleExecutionStatus: + description: >- + Custom execution status of Security rules that is different from the + status used in the Alerting Framework. We merge our custom status with + the Framework's status to determine the resulting status of a rule. + + - going to run - @deprecated Replaced by the 'running' status but left + for backwards compatibility with rule execution events already written + to Event Log in the prior versions of Kibana. Don't use when writing + rule status changes. + + - running - Rule execution started but not reached any intermediate or + final status. + + - partial failure - Rule can partially fail for various reasons either + in the middle of an execution (in this case we update its status right + away) or in the end of it. So currently this status can be both + intermediate and final at the same time. A typical reason for a partial + failure: not all the indices that the rule searches over actually exist. + + - failed - Rule failed to execute due to unhandled exception or a reason + defined in the business logic of its executor function. + + - succeeded - Rule executed successfully without any issues. Note: this + status is just an indication of a rule's "health". The rule might or + might not generate any alerts despite of it. + enum: + - going to run + - running + - partial failure + - failed + - succeeded + type: string + Security_Solution_Detections_API_RuleExecutionStatusOrder: + type: integer + Security_Solution_Detections_API_RuleExecutionSummary: + type: object + properties: + last_execution: + type: object + properties: + date: + description: Date of the last execution + format: date-time + type: string + message: + type: string + metrics: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExecutionMetrics + status: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExecutionStatus + description: Status of the last execution + status_order: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExecutionStatusOrder + required: + - date + - status + - status_order + - message + - metrics + required: + - last_execution + Security_Solution_Detections_API_RuleFalsePositiveArray: + items: + type: string + type: array + Security_Solution_Detections_API_RuleFilterArray: + items: {} + type: array + Security_Solution_Detections_API_RuleInterval: + description: >- + Frequency of rule execution, using a date math range. For example, "1h" + means the rule runs every hour. Defaults to 5m (5 minutes). + type: string + Security_Solution_Detections_API_RuleIntervalFrom: + description: >- + Time from which data is analyzed each time the rule runs, using a date + math range. For example, now-4200s means the rule analyzes data from 70 + minutes before its start time. Defaults to now-6m (analyzes data from 6 + minutes before the start time). + format: date-math + type: string + Security_Solution_Detections_API_RuleIntervalTo: + type: string + Security_Solution_Detections_API_RuleLicense: + description: The rule's license. + type: string + Security_Solution_Detections_API_RuleMetadata: + additionalProperties: true + type: object + Security_Solution_Detections_API_RuleName: + minLength: 1 + type: string + Security_Solution_Detections_API_RuleNameOverride: + description: Sets the source field for the alert's signal.rule.name value + type: string + Security_Solution_Detections_API_RuleObjectId: + $ref: '#/components/schemas/Security_Solution_Detections_API_UUID' + Security_Solution_Detections_API_RulePatchProps: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRulePatchProps + Security_Solution_Detections_API_RulePreviewLoggedRequest: + type: object + properties: + description: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + duration: + type: integer + request: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + required: + - request + Security_Solution_Detections_API_RulePreviewLogs: + type: object + properties: + duration: + description: Execution duration in milliseconds + type: integer + errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: array + requests: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewLoggedRequest + type: array + startedAt: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + warnings: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: array + required: + - errors + - warnings + - duration + Security_Solution_Detections_API_RulePreviewParams: + type: object + properties: + invocationCount: + type: integer + timeframeEnd: + format: date-time + type: string + required: + - invocationCount + - timeframeEnd + Security_Solution_Detections_API_RuleQuery: + type: string + Security_Solution_Detections_API_RuleReferenceArray: + items: + type: string + type: array + Security_Solution_Detections_API_RuleResponse: + anyOf: + - $ref: '#/components/schemas/Security_Solution_Detections_API_EqlRule' + - $ref: '#/components/schemas/Security_Solution_Detections_API_QueryRule' + - $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryRule' + - $ref: '#/components/schemas/Security_Solution_Detections_API_ThresholdRule' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRule + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRule + - $ref: '#/components/schemas/Security_Solution_Detections_API_NewTermsRule' + - $ref: '#/components/schemas/Security_Solution_Detections_API_EsqlRule' + discriminator: + propertyName: type + Security_Solution_Detections_API_RuleSignatureId: + description: Could be any string, not necessarily a UUID + type: string + Security_Solution_Detections_API_RuleSource: + description: >- + Discriminated union that determines whether the rule is internally + sourced (created within the Kibana app) or has an external source, such + as the Elastic Prebuilt rules repo. + discriminator: + propertyName: type + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ExternalRuleSource + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_InternalRuleSource + Security_Solution_Detections_API_RuleTagArray: + description: >- + String array containing words and phrases to help categorize, filter, + and search rules. Defaults to an empty array. + items: + type: string + type: array + Security_Solution_Detections_API_RuleUpdateProps: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleUpdateProps + discriminator: + propertyName: type + Security_Solution_Detections_API_RuleVersion: + description: The rule's version number. + minimum: 1 + type: integer + Security_Solution_Detections_API_SavedObjectResolveAliasPurpose: + enum: + - savedObjectConversion + - savedObjectImport + type: string + Security_Solution_Detections_API_SavedObjectResolveAliasTargetId: + type: string + Security_Solution_Detections_API_SavedObjectResolveOutcome: + enum: + - exactMatch + - aliasMatch + - conflict + type: string + Security_Solution_Detections_API_SavedQueryId: + type: string + Security_Solution_Detections_API_SavedQueryRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleResponseFields + Security_Solution_Detections_API_SavedQueryRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleDefaultableFields + Security_Solution_Detections_API_SavedQueryRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleCreateFields + Security_Solution_Detections_API_SavedQueryRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_SavedQueryRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + response_actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ResponseAction + type: array + Security_Solution_Detections_API_SavedQueryRulePatchFields: + allOf: + - type: object + properties: + saved_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryId + type: + description: Rule type + enum: + - saved_query + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleDefaultableFields + Security_Solution_Detections_API_SavedQueryRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRulePatchFields + Security_Solution_Detections_API_SavedQueryRuleRequiredFields: + type: object + properties: + saved_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryId' + type: + description: Rule type + enum: + - saved_query + type: string + required: + - type + - saved_id + Security_Solution_Detections_API_SavedQueryRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + required: + - language + Security_Solution_Detections_API_SavedQueryRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleCreateFields + Security_Solution_Detections_API_SetAlertsStatusByIds: + type: object + properties: + signal_ids: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + minItems: 1 + type: array + status: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertStatus' + required: + - signal_ids + - status + Security_Solution_Detections_API_SetAlertsStatusByQuery: + type: object + properties: + conflicts: + default: abort + enum: + - abort + - proceed + type: string + query: + additionalProperties: true + type: object + status: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertStatus' + required: + - query + - status + Security_Solution_Detections_API_SetAlertTags: + type: object + properties: + tags_to_add: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertTags' + tags_to_remove: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertTags' + required: + - tags_to_add + - tags_to_remove + Security_Solution_Detections_API_SetupGuide: + type: string + Security_Solution_Detections_API_Severity: + description: Severity of the rule + enum: + - low + - medium + - high + - critical + type: string + Security_Solution_Detections_API_SeverityMapping: + description: Overrides generated alerts' severity with values from the source event + items: + type: object + properties: + field: + type: string + operator: + enum: + - equals + type: string + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + value: + type: string + required: + - field + - operator + - severity + - value + type: array + Security_Solution_Detections_API_SiemErrorResponse: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + Security_Solution_Detections_API_SortOrder: + enum: + - asc + - desc + type: string + Security_Solution_Detections_API_Threat: + type: object + properties: + framework: + description: Relevant attack framework + type: string + tactic: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatTactic' + technique: + description: Array containing information on the attack techniques (optional) + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatTechnique + type: array + required: + - framework + - tactic + Security_Solution_Detections_API_ThreatArray: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_Threat' + type: array + Security_Solution_Detections_API_ThreatFilters: + items: + description: >- + Query and filter context array used to filter documents from the + Elasticsearch index containing the threat values + type: array + Security_Solution_Detections_API_ThreatIndex: + items: + type: string + type: array + Security_Solution_Detections_API_ThreatIndicatorPath: + description: >- + Defines the path to the threat indicator in the indicator documents + (optional) + type: string + Security_Solution_Detections_API_ThreatMapping: + items: + type: object + properties: + entries: + items: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: + enum: + - mapping + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + required: + - field + - type + - value + type: array + required: + - entries + minItems: 1 + type: array + Security_Solution_Detections_API_ThreatMatchRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleResponseFields + Security_Solution_Detections_API_ThreatMatchRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleDefaultableFields + Security_Solution_Detections_API_ThreatMatchRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleCreateFields + Security_Solution_Detections_API_ThreatMatchRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_ThreatMatchRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + concurrent_searches: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ConcurrentSearches + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + items_per_search: + $ref: '#/components/schemas/Security_Solution_Detections_API_ItemsPerSearch' + saved_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryId' + threat_filters: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatFilters' + threat_indicator_path: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatIndicatorPath + threat_language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_ThreatMatchRulePatchFields: + allOf: + - type: object + properties: + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + threat_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatIndex + threat_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMapping + threat_query: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatQuery + type: + description: Rule type + enum: + - threat_match + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleDefaultableFields + Security_Solution_Detections_API_ThreatMatchRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRulePatchFields + Security_Solution_Detections_API_ThreatMatchRuleRequiredFields: + type: object + properties: + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + threat_index: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatIndex' + threat_mapping: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatMapping' + threat_query: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatQuery' + type: + description: Rule type + enum: + - threat_match + type: string + required: + - type + - query + - threat_query + - threat_mapping + - threat_index + Security_Solution_Detections_API_ThreatMatchRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + required: + - language + Security_Solution_Detections_API_ThreatMatchRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleCreateFields + Security_Solution_Detections_API_ThreatQuery: + description: Query to run + type: string + Security_Solution_Detections_API_ThreatSubtechnique: + type: object + properties: + id: + description: Subtechnique ID + type: string + name: + description: Subtechnique name + type: string + reference: + description: Subtechnique reference + type: string + required: + - id + - name + - reference + Security_Solution_Detections_API_ThreatTactic: + type: object + properties: + id: + description: Tactic ID + type: string + name: + description: Tactic name + type: string + reference: + description: Tactic reference + type: string + required: + - id + - name + - reference + Security_Solution_Detections_API_ThreatTechnique: + type: object + properties: + id: + description: Technique ID + type: string + name: + description: Technique name + type: string + reference: + description: Technique reference + type: string + subtechnique: + description: Array containing more specific information on the attack technique + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatSubtechnique + type: array + required: + - id + - name + - reference + Security_Solution_Detections_API_Threshold: + type: object + properties: + cardinality: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdCardinality + field: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThresholdField' + value: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThresholdValue' + required: + - field + - value + Security_Solution_Detections_API_ThresholdAlertSuppression: + type: object + properties: + duration: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppressionDuration + required: + - duration + Security_Solution_Detections_API_ThresholdCardinality: + items: + type: object + properties: + field: + type: string + value: + minimum: 0 + type: integer + required: + - field + - value + type: array + Security_Solution_Detections_API_ThresholdField: + description: Field to aggregate on + oneOf: + - type: string + - items: + type: string + type: array + Security_Solution_Detections_API_ThresholdRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleResponseFields + Security_Solution_Detections_API_ThresholdRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleDefaultableFields + Security_Solution_Detections_API_ThresholdRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleCreateFields + Security_Solution_Detections_API_ThresholdRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_ThresholdRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdAlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + saved_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryId' + Security_Solution_Detections_API_ThresholdRulePatchFields: + allOf: + - type: object + properties: + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + threshold: + $ref: '#/components/schemas/Security_Solution_Detections_API_Threshold' + type: + description: Rule type + enum: + - threshold + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleDefaultableFields + Security_Solution_Detections_API_ThresholdRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRulePatchFields + Security_Solution_Detections_API_ThresholdRuleRequiredFields: + type: object + properties: + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + threshold: + $ref: '#/components/schemas/Security_Solution_Detections_API_Threshold' + type: + description: Rule type + enum: + - threshold + type: string + required: + - type + - query + - threshold + Security_Solution_Detections_API_ThresholdRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + required: + - language + Security_Solution_Detections_API_ThresholdRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleCreateFields + Security_Solution_Detections_API_ThresholdValue: + description: Threshold value + minimum: 1 + type: integer + Security_Solution_Detections_API_ThrottleForBulkActions: + description: >- + The condition for throttling the notification: 'rule', 'no_actions', or + time duration + enum: + - rule + - 1h + - 1d + - 7d + type: string + Security_Solution_Detections_API_TiebreakerField: + description: Sets a secondary field for sorting events + type: string + Security_Solution_Detections_API_TimelineTemplateId: + description: Timeline template ID + type: string + Security_Solution_Detections_API_TimelineTemplateTitle: + description: Timeline template title + type: string + Security_Solution_Detections_API_TimestampField: + description: Contains the event timestamp used for sorting a sequence of events + type: string + Security_Solution_Detections_API_TimestampOverride: + description: Sets the time field used to query indices + type: string + Security_Solution_Detections_API_TimestampOverrideFallbackDisabled: + description: Disables the fallback to the event's @timestamp field + type: boolean + Security_Solution_Detections_API_UUID: + description: A universally unique identifier + format: uuid + type: string + Security_Solution_Detections_API_WarningSchema: + type: object + properties: + actionPath: + type: string + buttonLabel: + type: string + message: + type: string + type: + type: string + required: + - type + - message + - actionPath + Security_Solution_Endpoint_Exceptions_API_EndpointList: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionList + - additionalProperties: false + type: object + Security_Solution_Endpoint_Exceptions_API_EndpointListItem: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItem + Security_Solution_Endpoint_Exceptions_API_ExceptionList: + type: object + properties: + _version: + type: string + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListDescription + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListId + immutable: + type: boolean + list_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionNamespaceType + os_types: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListTags + tie_breaker_id: + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListType + updated_at: + format: date-time + type: string + updated_by: + type: string + version: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListVersion + required: + - id + - list_id + - type + - name + - description + - immutable + - namespace_type + - version + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Endpoint_Exceptions_API_ExceptionListDescription: + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListHumanId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + description: Human readable string identifier, e.g. `trusted-linux-processes` + Security_Solution_Endpoint_Exceptions_API_ExceptionListId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ExceptionListItem: + type: object + properties: + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemCommentArray + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId + item_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionNamespaceType + os_types: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemTags + tie_breaker_id: + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemType + updated_at: + format: date-time + type: string + updated_by: + type: string + required: + - id + - item_id + - list_id + - type + - name + - description + - entries + - namespace_type + - comments + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemComment: + type: object + properties: + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + created_at: + format: date-time + type: string + created_by: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + updated_at: + format: date-time + type: string + updated_by: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + required: + - id + - comment + - created_at + - created_by + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemComment + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemDescription: + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntry: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryList + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryExists + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryNested + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchWildcard + discriminator: + propertyName: type + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntry + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryExists: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - exists + type: string + required: + - type + - field + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryList: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + list: + type: object + properties: + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ListId + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ListType + required: + - id + - type + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - list + type: string + required: + - type + - field + - list + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatch: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + required: + - type + - field + - value + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match_any + type: string + value: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + minItems: 1 + type: array + required: + - type + - field + - value + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchWildcard: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - wildcard + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + required: + - type + - field + - value + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryNested: + type: object + properties: + entries: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryNestedEntryItem + minItems: 1 + type: array + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + type: + enum: + - nested + type: string + required: + - type + - field + - entries + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryNestedEntryItem: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryExists + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator: + enum: + - excluded + - included + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemMeta: + additionalProperties: true + type: object + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemName: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListOsType + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemTags: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemType: + enum: + - simple + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListMeta: + additionalProperties: true + type: object + Security_Solution_Endpoint_Exceptions_API_ExceptionListName: + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListOsType: + enum: + - linux + - macos + - windows + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListOsTypeArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListOsType + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListTags: + items: + type: string + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListType: + enum: + - detection + - rule_default + - endpoint + - endpoint_trusted_apps + - endpoint_events + - endpoint_host_isolation_exceptions + - endpoint_blocklists + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListVersion: + minimum: 1 + type: integer + Security_Solution_Endpoint_Exceptions_API_ExceptionNamespaceType: + description: > + Determines whether the exception container is available in all Kibana + spaces or just the space + + in which it is created, where: + + + - `single`: Only available in the Kibana space in which it is created. + + - `agnostic`: Available in all Kibana spaces. + enum: + - agnostic + - single + type: string + Security_Solution_Endpoint_Exceptions_API_FindEndpointListItemsFilter: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ListId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ListType: + enum: + - binary + - boolean + - byte + - date + - date_nanos + - date_range + - double + - double_range + - float + - float_range + - geo_point + - geo_shape + - half_float + - integer + - integer_range + - ip + - ip_range + - keyword + - long + - long_range + - shape + - short + - text + type: string + Security_Solution_Endpoint_Exceptions_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + Security_Solution_Endpoint_Management_API_ActionLogRequestQuery: + type: object + properties: + end_date: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndDate + page: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Page' + page_size: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PageSize + start_date: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_StartDate + Security_Solution_Endpoint_Management_API_ActionStateSuccessResponse: + type: object + properties: + body: + type: object + properties: + data: + type: object + properties: + canEncrypt: + type: boolean + required: + - data + required: + - body + Security_Solution_Endpoint_Management_API_ActionStatusSuccessResponse: + type: object + properties: + body: + type: object + properties: + data: + type: object + properties: + agent_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentId + pending_actions: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionsSchema + required: + - agent_id + - pending_actions + required: + - data + required: + - body + Security_Solution_Endpoint_Management_API_AgentId: + description: Agent ID + type: string + Security_Solution_Endpoint_Management_API_AgentIds: + minLength: 1 + oneOf: + - items: + minLength: 1 + type: string + maxItems: 50 + minItems: 1 + type: array + - minLength: 1 + type: string + Security_Solution_Endpoint_Management_API_AgentTypes: + enum: + - endpoint + - sentinel_one + - crowdstrike + type: string + Security_Solution_Endpoint_Management_API_AlertIds: + description: A list of alerts ids. + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_NonEmptyString + minItems: 1 + type: array + Security_Solution_Endpoint_Management_API_CaseIds: + description: Case IDs to be updated (cannot contain empty strings) + items: + minLength: 1 + type: string + minItems: 1 + type: array + Security_Solution_Endpoint_Management_API_Command: + description: The command to be executed (cannot be an empty string) + enum: + - isolate + - unisolate + - kill-process + - suspend-process + - running-processes + - get-file + - execute + - upload + - scan + minLength: 1 + type: string + Security_Solution_Endpoint_Management_API_Commands: + items: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Command' + type: array + Security_Solution_Endpoint_Management_API_Comment: + description: Optional comment + type: string + Security_Solution_Endpoint_Management_API_EndDate: + description: End date + type: string + Security_Solution_Endpoint_Management_API_EndpointIds: + description: List of endpoint IDs (cannot contain empty strings) + items: + minLength: 1 + type: string + minItems: 1 + type: array + Security_Solution_Endpoint_Management_API_EntityId: + type: object + properties: + entity_id: + minLength: 1 + type: string + Security_Solution_Endpoint_Management_API_ExecuteRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + parameters: + type: object + properties: + command: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Command + timeout: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Timeout + required: + - command + required: + - parameters + Security_Solution_Endpoint_Management_API_GetEndpointActionListRouteQuery: + type: object + properties: + agentIds: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentIds + agentTypes: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + commands: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Commands + endDate: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndDate + page: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Page' + pageSize: + default: 10 + description: Number of items per page + maximum: 10000 + minimum: 1 + type: integer + startDate: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_StartDate + types: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Types' + userIds: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_UserIds + withOutputs: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_WithOutputs + Security_Solution_Endpoint_Management_API_GetFileRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + parameters: + type: object + properties: + path: + type: string + required: + - path + required: + - parameters + Security_Solution_Endpoint_Management_API_GetProcessesRouteRequestBody: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_NoParametersRequestSchema + Security_Solution_Endpoint_Management_API_IsolateRouteRequestBody: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_NoParametersRequestSchema + Security_Solution_Endpoint_Management_API_KillProcessRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + parameters: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Pid + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EntityId + - type: object + properties: + process_name: + description: Valid for SentinelOne agent type only + minLength: 1 + type: string + required: + - parameters + Security_Solution_Endpoint_Management_API_ListRequestQuery: + type: object + properties: + hostStatuses: + items: + enum: + - healthy + - offline + - updating + - inactive + - unenrolled + type: string + type: array + kuery: + nullable: true + type: string + page: + default: 0 + description: Page number + minimum: 0 + type: integer + pageSize: + default: 10 + description: Number of items per page + maximum: 10000 + minimum: 1 + type: integer + sortDirection: + enum: + - asc + - desc + nullable: true + type: string + sortField: + enum: + - enrolled_at + - metadata.host.hostname + - host_status + - metadata.Endpoint.policy.applied.name + - metadata.Endpoint.policy.applied.status + - metadata.host.os.name + - metadata.host.ip + - metadata.agent.version + - last_checkin + type: string + required: + - hostStatuses + Security_Solution_Endpoint_Management_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Endpoint_Management_API_NoParametersRequestSchema: + type: object + properties: + body: + type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + required: + - body + Security_Solution_Endpoint_Management_API_Page: + default: 1 + description: Page number + minimum: 1 + type: integer + Security_Solution_Endpoint_Management_API_PageSize: + default: 10 + description: Number of items per page + maximum: 100 + minimum: 1 + type: integer + Security_Solution_Endpoint_Management_API_Parameters: + description: Optional parameters object + type: object + Security_Solution_Endpoint_Management_API_PendingActionDataType: + type: integer + Security_Solution_Endpoint_Management_API_PendingActionsSchema: + oneOf: + - type: object + properties: + execute: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + get-file: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + isolate: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + kill-process: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + running-processes: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + scan: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + suspend-process: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + unisolate: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + upload: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + - additionalProperties: true + type: object + Security_Solution_Endpoint_Management_API_Pid: + type: object + properties: + pid: + minimum: 1 + type: integer + Security_Solution_Endpoint_Management_API_ProtectionUpdatesNoteResponse: + type: object + properties: + note: + type: string + Security_Solution_Endpoint_Management_API_ScanRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + parameters: + type: object + properties: + path: + type: string + required: + - path + required: + - parameters + Security_Solution_Endpoint_Management_API_StartDate: + description: Start date + type: string + Security_Solution_Endpoint_Management_API_SuccessResponse: + type: object + properties: {} + Security_Solution_Endpoint_Management_API_SuspendProcessRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + parameters: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Pid + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EntityId + required: + - parameters + Security_Solution_Endpoint_Management_API_Timeout: + description: The maximum timeout value in milliseconds (optional) + minimum: 1 + type: integer + Security_Solution_Endpoint_Management_API_Type: + description: Type of response action + enum: + - automated + - manual + type: string + Security_Solution_Endpoint_Management_API_Types: + description: List of types of response actions + items: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Type' + maxLength: 2 + minLength: 1 + type: array + Security_Solution_Endpoint_Management_API_UnisolateRouteRequestBody: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_NoParametersRequestSchema + Security_Solution_Endpoint_Management_API_UploadRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + file: + format: binary + type: string + parameters: + type: object + properties: + overwrite: + default: false + type: boolean + required: + - parameters + - file + Security_Solution_Endpoint_Management_API_UserIds: + description: User IDs + oneOf: + - items: + minLength: 1 + type: string + minItems: 1 + type: array + - minLength: 1 + type: string + Security_Solution_Endpoint_Management_API_WithOutputs: + description: Shows detailed outputs for an action response + oneOf: + - items: + minLength: 1 + type: string + minItems: 1 + type: array + - minLength: 1 + type: string + Security_Solution_Entity_Analytics_API_AssetCriticalityBulkUploadErrorItem: + type: object + properties: + index: + type: integer + message: + type: string + required: + - message + - index + Security_Solution_Entity_Analytics_API_AssetCriticalityBulkUploadStats: + type: object + properties: + failed: + type: integer + successful: + type: integer + total: + type: integer + required: + - successful + - failed + - total + Security_Solution_Entity_Analytics_API_AssetCriticalityLevel: + description: The criticality level of the asset. + enum: + - low_impact + - medium_impact + - high_impact + - extreme_impact + type: string + Security_Solution_Entity_Analytics_API_AssetCriticalityRecord: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_CreateAssetCriticalityRecord + - type: object + properties: + '@timestamp': + description: The time the record was created or updated. + example: '2017-07-21T17:32:28Z' + format: date-time + type: string + required: + - '@timestamp' + Security_Solution_Entity_Analytics_API_AssetCriticalityRecordIdParts: + type: object + properties: + id_field: + $ref: '#/components/schemas/Security_Solution_Entity_Analytics_API_IdField' + description: The field representing the ID. + example: host.name + id_value: + description: The ID value of the asset. + type: string + required: + - id_value + - id_field + Security_Solution_Entity_Analytics_API_CreateAssetCriticalityRecord: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecordIdParts + - type: object + properties: + criticality_level: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityLevel + required: + - criticality_level + Security_Solution_Entity_Analytics_API_EngineDescriptor: + type: object + properties: + filter: + type: string + indexPattern: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_IndexPattern + status: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EngineStatus + type: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + Security_Solution_Entity_Analytics_API_EngineStatus: + enum: + - installing + - started + - stopped + type: string + Security_Solution_Entity_Analytics_API_Entity: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_UserEntity + - $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_HostEntity + Security_Solution_Entity_Analytics_API_EntityType: + enum: + - user + - host + type: string + Security_Solution_Entity_Analytics_API_HostEntity: + type: object + properties: + entity: + type: object + properties: + definitionId: + type: string + definitionVersion: + type: string + displayName: + type: string + firstSeenTimestamp: + format: date-time + type: string + id: + type: string + identityFields: + items: + type: string + type: array + lastSeenTimestamp: + format: date-time + type: string + schemaVersion: + type: string + type: + enum: + - node + type: string + required: + - lastSeenTimestamp + - schemaVersion + - definitionVersion + - displayName + - identityFields + - id + - type + - firstSeenTimestamp + - definitionId + host: + type: object + properties: + architecture: + items: + type: string + type: array + domain: + items: + type: string + type: array + hostname: + items: + type: string + type: array + id: + items: + type: string + type: array + ip: + items: + type: string + type: array + mac: + items: + type: string + type: array + name: + type: string + type: + items: + type: string + type: array + required: + - name + Security_Solution_Entity_Analytics_API_IdField: + enum: + - host.name + - user.name + type: string + Security_Solution_Entity_Analytics_API_IndexPattern: + type: string + Security_Solution_Entity_Analytics_API_InspectQuery: + type: object + properties: + dsl: + items: + type: string + type: array + response: + items: + type: string + type: array + required: + - dsl + - response + Security_Solution_Entity_Analytics_API_RiskEngineScheduleNowErrorResponse: + type: object + properties: + full_error: + type: string + message: + type: string + required: + - message + - full_error + Security_Solution_Entity_Analytics_API_RiskEngineScheduleNowResponse: + type: object + properties: + success: + type: boolean + Security_Solution_Entity_Analytics_API_TaskManagerUnavailableResponse: + description: Task manager is unavailable + type: object + properties: + message: + type: string + status_code: + minimum: 400 + type: integer + required: + - status_code + - message + Security_Solution_Entity_Analytics_API_UserEntity: + type: object + properties: + entity: + type: object + properties: + definitionId: + type: string + definitionVersion: + type: string + displayName: + type: string + firstSeenTimestamp: + format: date-time + type: string + id: + type: string + identityFields: + items: + type: string + type: array + lastSeenTimestamp: + format: date-time + type: string + schemaVersion: + type: string + type: + enum: + - node + type: string + required: + - lastSeenTimestamp + - schemaVersion + - definitionVersion + - displayName + - identityFields + - id + - type + - firstSeenTimestamp + - definitionId + user: + type: object + properties: + domain: + items: + type: string + type: array + email: + items: + type: string + type: array + full_name: + items: + type: string + type: array + hash: + items: + type: string + type: array + id: + items: + type: string + type: array + name: + type: string + roles: + items: + type: string + type: array + required: + - name + Security_Solution_Exceptions_API_CreateExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - comment + Security_Solution_Exceptions_API_CreateExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateExceptionListItemComment + type: array + Security_Solution_Exceptions_API_CreateRuleExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - comment + Security_Solution_Exceptions_API_CreateRuleExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateRuleExceptionListItemComment + type: array + Security_Solution_Exceptions_API_CreateRuleExceptionListItemProps: + type: object + properties: + comments: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateRuleExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemType + required: + - type + - name + - description + - entries + Security_Solution_Exceptions_API_ExceptionList: + type: object + properties: + _version: + type: string + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListDescription + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + immutable: + type: boolean + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListTags + tie_breaker_id: + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListType + updated_at: + format: date-time + type: string + updated_by: + type: string + version: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListVersion + required: + - id + - list_id + - type + - name + - description + - immutable + - namespace_type + - version + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Exceptions_API_ExceptionListDescription: + type: string + Security_Solution_Exceptions_API_ExceptionListHumanId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + description: Human readable string identifier, e.g. `trusted-linux-processes` + Security_Solution_Exceptions_API_ExceptionListId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ExceptionListItem: + type: object + properties: + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemCommentArray + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemId + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemTags + tie_breaker_id: + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemType + updated_at: + format: date-time + type: string + updated_by: + type: string + required: + - id + - item_id + - list_id + - type + - name + - description + - entries + - namespace_type + - comments + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Exceptions_API_ExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + created_at: + format: date-time + type: string + created_by: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + id: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + updated_at: + format: date-time + type: string + updated_by: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - id + - comment + - created_at + - created_by + Security_Solution_Exceptions_API_ExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemComment + type: array + Security_Solution_Exceptions_API_ExceptionListItemDescription: + type: string + Security_Solution_Exceptions_API_ExceptionListItemEntry: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryList + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryExists + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryNested + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatchWildcard + discriminator: + propertyName: type + Security_Solution_Exceptions_API_ExceptionListItemEntryArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntry + type: array + Security_Solution_Exceptions_API_ExceptionListItemEntryExists: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - exists + type: string + required: + - type + - field + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryList: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + list: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_ListId' + type: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_ListType' + required: + - id + - type + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - list + type: string + required: + - type + - field + - list + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryMatch: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match + type: string + value: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - type + - field + - value + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryMatchAny: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match_any + type: string + value: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_NonEmptyString + minItems: 1 + type: array + required: + - type + - field + - value + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryMatchWildcard: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - wildcard + type: string + value: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - type + - field + - value + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryNested: + type: object + properties: + entries: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryNestedEntryItem + minItems: 1 + type: array + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + type: + enum: + - nested + type: string + required: + - type + - field + - entries + Security_Solution_Exceptions_API_ExceptionListItemEntryNestedEntryItem: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryExists + Security_Solution_Exceptions_API_ExceptionListItemEntryOperator: + enum: + - excluded + - included + type: string + Security_Solution_Exceptions_API_ExceptionListItemHumanId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ExceptionListItemId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ExceptionListItemMeta: + additionalProperties: true + type: object + Security_Solution_Exceptions_API_ExceptionListItemName: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsType + type: array + Security_Solution_Exceptions_API_ExceptionListItemTags: + items: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + type: array + Security_Solution_Exceptions_API_ExceptionListItemType: + enum: + - simple + type: string + Security_Solution_Exceptions_API_ExceptionListMeta: + additionalProperties: true + type: object + Security_Solution_Exceptions_API_ExceptionListName: + type: string + Security_Solution_Exceptions_API_ExceptionListOsType: + enum: + - linux + - macos + - windows + type: string + Security_Solution_Exceptions_API_ExceptionListOsTypeArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsType + type: array + Security_Solution_Exceptions_API_ExceptionListsImportBulkError: + type: object + properties: + error: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + required: + - error + Security_Solution_Exceptions_API_ExceptionListsImportBulkErrorArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListsImportBulkError + type: array + Security_Solution_Exceptions_API_ExceptionListTags: + items: + type: string + type: array + Security_Solution_Exceptions_API_ExceptionListType: + enum: + - detection + - rule_default + - endpoint + - endpoint_trusted_apps + - endpoint_events + - endpoint_host_isolation_exceptions + - endpoint_blocklists + type: string + Security_Solution_Exceptions_API_ExceptionListVersion: + minimum: 1 + type: integer + Security_Solution_Exceptions_API_ExceptionNamespaceType: + description: > + Determines whether the exception container is available in all Kibana + spaces or just the space + + in which it is created, where: + + + - `single`: Only available in the Kibana space in which it is created. + + - `agnostic`: Available in all Kibana spaces. + enum: + - agnostic + - single + type: string + Security_Solution_Exceptions_API_FindExceptionListItemsFilter: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_FindExceptionListsFilter: + type: string + Security_Solution_Exceptions_API_ListId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ListType: + enum: + - binary + - boolean + - byte + - date + - date_nanos + - date_range + - double + - double_range + - float + - float_range + - geo_point + - geo_shape + - half_float + - integer + - integer_range + - ip + - ip_range + - keyword + - long + - long_range + - shape + - short + - text + type: string + Security_Solution_Exceptions_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Exceptions_API_PlatformErrorResponse: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Solution_Exceptions_API_RuleId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_UUID' + Security_Solution_Exceptions_API_SiemErrorResponse: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + Security_Solution_Exceptions_API_UpdateExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + id: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - comment + Security_Solution_Exceptions_API_UpdateExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_UpdateExceptionListItemComment + type: array + Security_Solution_Exceptions_API_UUID: + description: A universally unique identifier + format: uuid + type: string + Security_Solution_Lists_API_FindListItemsCursor: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_FindListItemsFilter: + type: string + Security_Solution_Lists_API_FindListsCursor: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_FindListsFilter: + type: string + Security_Solution_Lists_API_List: + type: object + properties: + _version: + type: string + '@timestamp': + format: date-time + type: string + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListDescription' + deserializer: + type: string + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + immutable: + type: boolean + meta: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListMetadata' + name: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListName' + serializer: + type: string + tie_breaker_id: + type: string + type: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListType' + updated_at: + format: date-time + type: string + updated_by: + type: string + version: + minimum: 1 + type: integer + required: + - id + - type + - name + - description + - immutable + - version + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Lists_API_ListDescription: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListId: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListItem: + type: object + properties: + _version: + type: string + '@timestamp': + format: date-time + type: string + created_at: + format: date-time + type: string + created_by: + type: string + deserializer: + type: string + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemId' + list_id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemMetadata' + serializer: + type: string + tie_breaker_id: + type: string + type: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListType' + updated_at: + format: date-time + type: string + updated_by: + type: string + value: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemValue' + required: + - id + - type + - list_id + - value + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Lists_API_ListItemId: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListItemMetadata: + additionalProperties: true + type: object + Security_Solution_Lists_API_ListItemPrivileges: + type: object + properties: + application: + additionalProperties: + type: boolean + type: object + cluster: + additionalProperties: + type: boolean + type: object + has_all_requested: + type: boolean + index: + additionalProperties: + additionalProperties: + type: boolean + type: object + type: object + username: + type: string + required: + - username + - has_all_requested + - cluster + - index + - application + Security_Solution_Lists_API_ListItemValue: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListMetadata: + additionalProperties: true + type: object + Security_Solution_Lists_API_ListName: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListPrivileges: + type: object + properties: + application: + additionalProperties: + type: boolean + type: object + cluster: + additionalProperties: + type: boolean + type: object + has_all_requested: + type: boolean + index: + additionalProperties: + additionalProperties: + type: boolean + type: object + type: object + username: + type: string + required: + - username + - has_all_requested + - cluster + - index + - application + Security_Solution_Lists_API_ListType: + enum: + - binary + - boolean + - byte + - date + - date_nanos + - date_range + - double + - double_range + - float + - float_range + - geo_point + - geo_shape + - half_float + - integer + - integer_range + - ip + - ip_range + - keyword + - long + - long_range + - shape + - short + - text + type: string + Security_Solution_Lists_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Lists_API_PlatformErrorResponse: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Solution_Lists_API_SiemErrorResponse: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + Security_Solution_Osquery_API_ArrayQueries: + items: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ArrayQueriesItem' + type: array + Security_Solution_Osquery_API_ArrayQueriesItem: + type: object + properties: + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + platform: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PlatformOrUndefined + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Query' + removed: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_RemovedOrUndefined + snapshot: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SnapshotOrUndefined + version: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_VersionOrUndefined + Security_Solution_Osquery_API_CreateLiveQueryRequestBody: + type: object + properties: + agent_all: + type: boolean + agent_ids: + items: + type: string + type: array + agent_platforms: + items: + type: string + type: array + agent_policy_ids: + items: + type: string + type: array + alert_ids: + items: + type: string + type: array + case_ids: + items: + type: string + type: array + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + event_ids: + items: + type: string + type: array + metadata: + nullable: true + type: object + pack_id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackIdOrUndefined' + queries: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ArrayQueries' + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_QueryOrUndefined' + saved_query_id: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SavedQueryIdOrUndefined + Security_Solution_Osquery_API_CreatePacksRequestBody: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + enabled: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_EnabledOrUndefined + name: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackName' + policy_ids: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PolicyIdsOrUndefined + queries: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ObjectQueries' + shards: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Shards' + Security_Solution_Osquery_API_CreateSavedQueryRequestBody: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + interval: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Interval' + platform: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_QueryOrUndefined' + removed: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_RemovedOrUndefined + snapshot: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SnapshotOrUndefined + version: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_VersionOrUndefined + Security_Solution_Osquery_API_DefaultSuccessResponse: + type: object + properties: {} + Security_Solution_Osquery_API_Description: + type: string + Security_Solution_Osquery_API_DescriptionOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Description' + nullable: true + Security_Solution_Osquery_API_ECSMapping: + additionalProperties: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ECSMappingItem' + type: object + Security_Solution_Osquery_API_ECSMappingItem: + type: object + properties: + field: + type: string + value: + oneOf: + - type: string + - items: + type: string + type: array + Security_Solution_Osquery_API_ECSMappingOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ECSMapping' + nullable: true + Security_Solution_Osquery_API_Enabled: + type: boolean + Security_Solution_Osquery_API_EnabledOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Enabled' + nullable: true + Security_Solution_Osquery_API_FindLiveQueryRequestQuery: + type: object + properties: + kuery: + $ref: '#/components/schemas/Security_Solution_Osquery_API_KueryOrUndefined' + page: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PageOrUndefined' + pageSize: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PageSizeOrUndefined + sort: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SortOrUndefined' + sortOrder: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SortOrderOrUndefined + Security_Solution_Osquery_API_FindPacksRequestQuery: + type: object + properties: + page: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PageOrUndefined' + pageSize: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PageSizeOrUndefined + sort: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SortOrUndefined' + sortOrder: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SortOrderOrUndefined + Security_Solution_Osquery_API_FindSavedQueryRequestQuery: + type: object + properties: + page: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PageOrUndefined' + pageSize: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PageSizeOrUndefined + sort: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SortOrUndefined' + sortOrder: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SortOrderOrUndefined + Security_Solution_Osquery_API_GetLiveQueryResultsRequestQuery: + type: object + properties: + kuery: + $ref: '#/components/schemas/Security_Solution_Osquery_API_KueryOrUndefined' + page: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PageOrUndefined' + pageSize: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PageSizeOrUndefined + sort: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SortOrUndefined' + sortOrder: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SortOrderOrUndefined + Security_Solution_Osquery_API_Id: + type: string + Security_Solution_Osquery_API_Interval: + type: string + Security_Solution_Osquery_API_IntervalOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Interval' + nullable: true + Security_Solution_Osquery_API_KueryOrUndefined: + nullable: true + type: string + Security_Solution_Osquery_API_ObjectQueries: + additionalProperties: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ObjectQueriesItem' + type: object + Security_Solution_Osquery_API_ObjectQueriesItem: + type: object + properties: + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + platform: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PlatformOrUndefined + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Query' + removed: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_RemovedOrUndefined + saved_query_id: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SavedQueryIdOrUndefined + snapshot: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SnapshotOrUndefined + version: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_VersionOrUndefined + Security_Solution_Osquery_API_PackId: + type: string + Security_Solution_Osquery_API_PackIdOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + nullable: true + Security_Solution_Osquery_API_PackName: + type: string + Security_Solution_Osquery_API_PageOrUndefined: + nullable: true + type: integer + Security_Solution_Osquery_API_PageSizeOrUndefined: + nullable: true + type: integer + Security_Solution_Osquery_API_Platform: + type: string + Security_Solution_Osquery_API_PlatformOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Platform' + nullable: true + Security_Solution_Osquery_API_PolicyIds: + items: + type: string + type: array + Security_Solution_Osquery_API_PolicyIdsOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PolicyIds' + nullable: true + Security_Solution_Osquery_API_Query: + type: string + Security_Solution_Osquery_API_QueryOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Query' + nullable: true + Security_Solution_Osquery_API_Removed: + type: boolean + Security_Solution_Osquery_API_RemovedOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Removed' + nullable: true + Security_Solution_Osquery_API_SavedQueryId: + type: string + Security_Solution_Osquery_API_SavedQueryIdOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + nullable: true + Security_Solution_Osquery_API_Shards: + additionalProperties: + type: number + type: object + Security_Solution_Osquery_API_Snapshot: + type: boolean + Security_Solution_Osquery_API_SnapshotOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Snapshot' + nullable: true + Security_Solution_Osquery_API_SortOrderOrUndefined: + oneOf: + - nullable: true + type: string + - enum: + - asc + - desc + Security_Solution_Osquery_API_SortOrUndefined: + nullable: true + type: string + Security_Solution_Osquery_API_UpdatePacksRequestBody: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + enabled: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_EnabledOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + policy_ids: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PolicyIdsOrUndefined + queries: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ObjectQueries' + shards: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Shards' + Security_Solution_Osquery_API_UpdateSavedQueryRequestBody: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + interval: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_IntervalOrUndefined + platform: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_QueryOrUndefined' + removed: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_RemovedOrUndefined + snapshot: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SnapshotOrUndefined + version: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_VersionOrUndefined + Security_Solution_Osquery_API_Version: + type: string + Security_Solution_Osquery_API_VersionOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Version' + nullable: true + Security_Solution_Timeline_API_BareNote: + type: object + properties: + created: + nullable: true + type: number + createdBy: + nullable: true + type: string + eventId: + nullable: true + type: string + note: + nullable: true + type: string + timelineId: + nullable: true + type: string + updated: + nullable: true + type: number + updatedBy: + nullable: true + type: string + required: + - timelineId + Security_Solution_Timeline_API_ColumnHeaderResult: + type: object + properties: + aggregatable: + type: boolean + category: + type: string + columnHeaderType: + type: string + description: + type: string + example: + oneOf: + - type: string + - type: number + id: + type: string + indexes: + items: + type: string + type: array + name: + type: string + placeholder: + type: string + searchable: + type: boolean + type: + type: string + Security_Solution_Timeline_API_DataProviderQueryMatch: + type: object + properties: + enabled: + nullable: true + type: boolean + excluded: + nullable: true + type: boolean + id: + nullable: true + type: string + kqlQuery: + nullable: true + type: string + name: + nullable: true + type: string + queryMatch: + $ref: '#/components/schemas/Security_Solution_Timeline_API_QueryMatchResult' + Security_Solution_Timeline_API_DataProviderResult: + type: object + properties: + and: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_DataProviderQueryMatch + nullable: true + type: array + enabled: + nullable: true + type: boolean + excluded: + nullable: true + type: boolean + id: + nullable: true + type: string + kqlQuery: + nullable: true + type: string + name: + nullable: true + type: string + queryMatch: + $ref: '#/components/schemas/Security_Solution_Timeline_API_QueryMatchResult' + nullable: true + type: + $ref: '#/components/schemas/Security_Solution_Timeline_API_DataProviderType' + nullable: true + Security_Solution_Timeline_API_DataProviderType: + description: >- + The type of data provider to create. Valid values are `default` and + `template`. + enum: + - default + - template + type: string + Security_Solution_Timeline_API_DocumentIds: + oneOf: + - items: + type: string + type: array + - type: string + Security_Solution_Timeline_API_FavoriteTimelineResponse: + type: object + properties: + code: + nullable: true + type: number + favorite: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_FavoriteTimelineResult + type: array + message: + nullable: true + type: string + savedObjectId: + type: string + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timelineType: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineType' + version: + type: string + required: + - savedObjectId + - version + Security_Solution_Timeline_API_FavoriteTimelineResult: + type: object + properties: + favoriteDate: + nullable: true + type: number + fullName: + nullable: true + type: string + userName: + nullable: true + type: string + Security_Solution_Timeline_API_FilterTimelineResult: + type: object + properties: + exists: + type: boolean + match_all: + type: string + meta: + type: object + properties: + alias: + type: string + controlledBy: + type: string + disabled: + type: boolean + field: + type: string + formattedValue: + type: string + index: + type: string + key: + type: string + negate: + type: boolean + params: + type: string + type: + type: string + value: + type: string + missing: + type: string + query: + type: string + range: + type: string + script: + type: string + Security_Solution_Timeline_API_ImportTimelineResult: + type: object + properties: + errors: + items: + type: object + properties: + error: + type: object + properties: + message: + type: string + status_code: + type: number + id: + type: string + type: array + success: + type: boolean + success_count: + type: number + timelines_installed: + type: number + timelines_updated: + type: number + Security_Solution_Timeline_API_ImportTimelines: + allOf: + - $ref: '#/components/schemas/Security_Solution_Timeline_API_SavedTimeline' + - type: object + properties: + eventNotes: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_BareNote' + nullable: true + type: array + globalNotes: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_BareNote' + nullable: true + type: array + pinnedEventIds: + items: + type: string + nullable: true + type: array + savedObjectId: + nullable: true + type: string + version: + nullable: true + type: string + Security_Solution_Timeline_API_Note: + allOf: + - $ref: '#/components/schemas/Security_Solution_Timeline_API_BareNote' + - type: object + properties: + noteId: + type: string + version: + type: string + Security_Solution_Timeline_API_PinnedEvent: + type: object + properties: + created: + nullable: true + type: number + createdBy: + nullable: true + type: string + eventId: + type: string + pinnedEventId: + type: string + timelineId: + type: string + updated: + nullable: true + type: number + updatedBy: + nullable: true + type: string + version: + type: string + required: + - eventId + - pinnedEventId + - timelineId + - version + Security_Solution_Timeline_API_QueryMatchResult: + type: object + properties: + displayField: + nullable: true + type: string + displayValue: + nullable: true + type: string + field: + nullable: true + type: string + operator: + nullable: true + type: string + value: + nullable: true + type: string + Security_Solution_Timeline_API_Readable: + type: object + properties: + _data: + additionalProperties: true + type: object + _encoding: + type: string + _events: + additionalProperties: true + type: object + _eventsCount: + type: number + _maxListeners: + additionalProperties: true + type: object + _position: + type: number + _read: + additionalProperties: true + type: object + _readableState: + additionalProperties: true + type: object + readable: + type: boolean + Security_Solution_Timeline_API_RowRendererId: + enum: + - alert + - alerts + - auditd + - auditd_file + - library + - netflow + - plain + - registry + - suricata + - system + - system_dns + - system_endgame_process + - system_file + - system_fim + - system_security_event + - system_socket + - threat_match + - zeek + type: string + Security_Solution_Timeline_API_SavedTimeline: + type: object + properties: + columns: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ColumnHeaderResult + nullable: true + type: array + created: + nullable: true + type: number + createdBy: + nullable: true + type: string + dataProviders: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_DataProviderResult + nullable: true + type: array + dataViewId: + nullable: true + type: string + dateRange: + nullable: true + type: object + properties: + end: + oneOf: + - type: string + - type: number + start: + oneOf: + - type: string + - type: number + description: + nullable: true + type: string + eqlOptions: + nullable: true + type: object + properties: + eventCategoryField: + nullable: true + type: string + query: + nullable: true + type: string + size: + oneOf: + - nullable: true + type: string + - nullable: true + type: number + tiebreakerField: + nullable: true + type: string + timestampField: + nullable: true + type: string + eventType: + nullable: true + type: string + excludedRowRendererIds: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_RowRendererId' + nullable: true + type: array + favorite: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_FavoriteTimelineResult + nullable: true + type: array + filters: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_FilterTimelineResult + nullable: true + type: array + indexNames: + items: + type: string + nullable: true + type: array + kqlMode: + nullable: true + type: string + kqlQuery: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SerializedFilterQueryResult + nullable: true + savedQueryId: + nullable: true + type: string + savedSearchId: + nullable: true + type: string + sort: + $ref: '#/components/schemas/Security_Solution_Timeline_API_Sort' + nullable: true + status: + enum: + - active + - draft + - immutable + nullable: true + type: string + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timelineType: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineType' + nullable: true + title: + nullable: true + type: string + updated: + nullable: true + type: number + updatedBy: + nullable: true + type: string + Security_Solution_Timeline_API_SerializedFilterQueryResult: + type: object + properties: + filterQuery: + nullable: true + type: object + properties: + kuery: + nullable: true + type: object + properties: + expression: + nullable: true + type: string + kind: + nullable: true + type: string + serializedQuery: + nullable: true + type: string + Security_Solution_Timeline_API_Sort: + oneOf: + - $ref: '#/components/schemas/Security_Solution_Timeline_API_SortObject' + - items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_SortObject' + type: array + Security_Solution_Timeline_API_SortFieldTimeline: + description: The field to sort the timelines by. + enum: + - title + - description + - updated + - created + type: string + Security_Solution_Timeline_API_SortObject: + type: object + properties: + columnId: + nullable: true + type: string + columnType: + nullable: true + type: string + sortDirection: + nullable: true + type: string + Security_Solution_Timeline_API_TimelineResponse: + allOf: + - $ref: '#/components/schemas/Security_Solution_Timeline_API_SavedTimeline' + - type: object + properties: + eventIdToNoteIds: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_Note' + type: array + noteIds: + items: + type: string + type: array + notes: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_Note' + type: array + pinnedEventIds: + items: + type: string + type: array + pinnedEventsSaveObject: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_PinnedEvent + type: array + savedObjectId: + type: string + version: + type: string + required: + - savedObjectId + - version + Security_Solution_Timeline_API_TimelineStatus: + description: >- + The status of the timeline. Valid values are `active`, `draft`, and + `immutable`. + enum: + - active + - draft + - immutable + type: string + Security_Solution_Timeline_API_TimelineType: + description: >- + The type of timeline to create. Valid values are `default` and + `template`. + enum: + - default + - template + type: string + Serverless_saved_objects_400_response: + title: Bad request + type: object + properties: + error: + enum: + - Bad Request + type: string + message: + type: string + statusCode: + enum: + - 400 + type: integer + required: + - error + - message + - statusCode + SLOs_400_response: + title: Bad request + type: object + properties: + error: + example: Bad Request + type: string + message: + example: 'Invalid value ''foo'' supplied to: [...]' + type: string + statusCode: + example: 400 + type: number + required: + - statusCode + - error + - message + SLOs_401_response: + title: Unauthorized + type: object + properties: + error: + example: Unauthorized + type: string + message: + example: "[security_exception\n\tRoot causes:\n\t\tsecurity_exception: unable to authenticate user [elastics] for REST request [/_security/_authenticate]]: unable to authenticate user [elastics] for REST request [/_security/_authenticate]" + type: string + statusCode: + example: 401 + type: number + required: + - statusCode + - error + - message + SLOs_403_response: + title: Unauthorized + type: object + properties: + error: + example: Unauthorized + type: string + message: + example: "[security_exception\n\tRoot causes:\n\t\tsecurity_exception: unable to authenticate user [elastics] for REST request [/_security/_authenticate]]: unable to authenticate user [elastics] for REST request [/_security/_authenticate]" + type: string + statusCode: + example: 403 + type: number + required: + - statusCode + - error + - message + SLOs_404_response: + title: Not found + type: object + properties: + error: + example: Not Found + type: string + message: + example: SLO [3749f390-03a3-11ee-8139-c7ff60a1692d] not found + type: string + statusCode: + example: 404 + type: number + required: + - statusCode + - error + - message + SLOs_409_response: + title: Conflict + type: object + properties: + error: + example: Conflict + type: string + message: + example: SLO [d077e940-1515-11ee-9c50-9d096392f520] already exists + type: string + statusCode: + example: 409 + type: number + required: + - statusCode + - error + - message + SLOs_budgeting_method: + description: The budgeting method to use when computing the rollup data. + enum: + - occurrences + - timeslices + example: occurrences + title: Budgeting method + type: string + SLOs_create_slo_request: + description: > + The create SLO API request body varies depending on the type of + indicator, time window and budgeting method. + properties: + budgetingMethod: + $ref: '#/components/schemas/SLOs_budgeting_method' + description: + description: A description for the SLO. + type: string + groupBy: + description: optional group by field to use to generate an SLO per distinct value + example: some.field + type: string + id: + description: >- + A optional and unique identifier for the SLO. Must be between 8 and + 36 chars + example: my-super-slo-id + type: string + indicator: + oneOf: + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' + - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' + - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + name: + description: A name for the SLO. + type: string + objective: + $ref: '#/components/schemas/SLOs_objective' + settings: + $ref: '#/components/schemas/SLOs_settings' + tags: + description: List of tags + items: + type: string + type: array + timeWindow: + $ref: '#/components/schemas/SLOs_time_window' + required: + - name + - description + - indicator + - timeWindow + - budgetingMethod + - objective + title: Create SLO request + type: object + SLOs_create_slo_response: + title: Create SLO response + type: object + properties: + id: + example: 8853df00-ae2e-11ed-90af-09bb6422b258 + type: string + required: + - id + SLOs_delete_slo_instances_request: + description: > + The delete SLO instances request takes a list of SLO id and instance id, + then delete the rollup and summary data. This API can be used to remove + the staled data of an instance SLO that no longer get updated. + properties: + list: + description: An array of slo id and instance id + items: + type: object + properties: + instanceId: + description: The SLO instance identifier + example: 8853df00-ae2e-11ed-90af-09bb6422b258 + type: string + sloId: + description: The SLO unique identifier + example: 8853df00-ae2e-11ed-90af-09bb6422b258 + type: string + required: + - sloId + - instanceId + type: array + required: + - list + title: Delete SLO instances request + type: object + SLOs_error_budget: + title: Error budget + type: object + properties: + consumed: + description: The error budget consummed, as a percentage of the initial value. + example: 0.8 + type: number + initial: + description: The initial error budget, as 1 - objective + example: 0.02 + type: number + isEstimated: + description: >- + Only for SLO defined with occurrences budgeting method and calendar + aligned time window. + example: true + type: boolean + remaining: + description: The error budget remaining, as a percentage of the initial value. + example: 0.2 + type: number + required: + - initial + - consumed + - remaining + - isEstimated + SLOs_filter: + description: Defines properties for a filter + properties: + meta: + $ref: '#/components/schemas/SLOs_filter_meta' + query: + type: object + title: Filter + type: object + SLOs_filter_meta: + description: Defines properties for a filter + properties: + alias: + nullable: true + type: string + controlledBy: + type: string + disabled: + type: boolean + field: + type: string + group: + type: string + index: + type: string + isMultiIndex: + type: boolean + key: + type: string + negate: + type: boolean + params: + type: object + type: + type: string + value: + type: string + title: FilterMeta + type: object + SLOs_find_slo_response: + description: | + A paginated response of SLOs matching the query. + properties: + page: + example: 1 + type: number + perPage: + example: 25 + type: number + results: + items: + $ref: '#/components/schemas/SLOs_slo_with_summary_response' + type: array + total: + example: 34 + type: number + title: Find SLO response + type: object + SLOs_indicator_properties_apm_availability: + description: Defines properties for the APM availability indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + environment: + description: The APM service environment or "*" + example: production + type: string + filter: + description: KQL query used for filtering the data + example: 'service.foo : "bar"' + type: string + index: + description: The index used by APM metrics + example: metrics-apm*,apm* + type: string + service: + description: The APM service name + example: o11y-app + type: string + transactionName: + description: The APM transaction name or "*" + example: GET /my/api + type: string + transactionType: + description: The APM transaction type or "*" + example: request + type: string + required: + - service + - environment + - transactionType + - transactionName + - index + type: + description: The type of indicator. + example: sli.apm.transactionDuration + type: string + required: + - type + - params + title: APM availability + SLOs_indicator_properties_apm_latency: + description: Defines properties for the APM latency indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + environment: + description: The APM service environment or "*" + example: production + type: string + filter: + description: KQL query used for filtering the data + example: 'service.foo : "bar"' + type: string + index: + description: The index used by APM metrics + example: metrics-apm*,apm* + type: string + service: + description: The APM service name + example: o11y-app + type: string + threshold: + description: The latency threshold in milliseconds + example: 250 + type: number + transactionName: + description: The APM transaction name or "*" + example: GET /my/api + type: string + transactionType: + description: The APM transaction type or "*" + example: request + type: string + required: + - service + - environment + - transactionType + - transactionName + - index + - threshold + type: + description: The type of indicator. + example: sli.apm.transactionDuration + type: string + required: + - type + - params + title: APM latency + SLOs_indicator_properties_custom_kql: + description: Defines properties for a custom query indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + dataViewId: + description: >- + The kibana data view id to use, primarily used to include data + view runtime mappings. Make sure to save SLO again if you + add/update run time fields to the data view and if those fields + are being used in slo queries. + example: 03b80ab3-003d-498b-881c-3beedbaf1162 + type: string + filter: + $ref: '#/components/schemas/SLOs_kql_with_filters' + good: + $ref: '#/components/schemas/SLOs_kql_with_filters_good' + index: + description: The index or index pattern to use + example: my-service-* + type: string + timestampField: + description: | + The timestamp field used in the source indice. + example: timestamp + type: string + total: + $ref: '#/components/schemas/SLOs_kql_with_filters_total' + required: + - index + - timestampField + - good + - total + type: + description: The type of indicator. + example: sli.kql.custom + type: string + required: + - type + - params + title: Custom Query + SLOs_indicator_properties_custom_metric: + description: Defines properties for a custom metric indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + dataViewId: + description: >- + The kibana data view id to use, primarily used to include data + view runtime mappings. Make sure to save SLO again if you + add/update run time fields to the data view and if those fields + are being used in slo queries. + example: 03b80ab3-003d-498b-881c-3beedbaf1162 + type: string + filter: + description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' + type: string + good: + description: | + An object defining the "good" metrics and equation + type: object + properties: + equation: + description: The equation to calculate the "good" metric. + example: A + type: string + metrics: + description: >- + List of metrics with their name, aggregation type, and + field. + items: + type: object + properties: + aggregation: + description: >- + The aggregation type of the metric. Only valid option + is "sum" + enum: + - sum + example: sum + type: string + field: + description: The field of the metric. + example: processor.processed + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: "success"' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: ^[A-Z]$ + type: string + required: + - name + - aggregation + - field + type: array + required: + - metrics + - equation + index: + description: The index or index pattern to use + example: my-service-* + type: string + timestampField: + description: | + The timestamp field used in the source indice. + example: timestamp + type: string + total: + description: | + An object defining the "total" metrics and equation + type: object + properties: + equation: + description: The equation to calculate the "total" metric. + example: A + type: string + metrics: + description: >- + List of metrics with their name, aggregation type, and + field. + items: + type: object + properties: + aggregation: + description: >- + The aggregation type of the metric. Only valid option + is "sum" + enum: + - sum + example: sum + type: string + field: + description: The field of the metric. + example: processor.processed + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: *' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: ^[A-Z]$ + type: string + required: + - name + - aggregation + - field + type: array + required: + - metrics + - equation + required: + - index + - timestampField + - good + - total + type: + description: The type of indicator. + example: sli.metric.custom + type: string + required: + - type + - params + title: Custom metric + SLOs_indicator_properties_histogram: + description: Defines properties for a histogram indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + dataViewId: + description: >- + The kibana data view id to use, primarily used to include data + view runtime mappings. Make sure to save SLO again if you + add/update run time fields to the data view and if those fields + are being used in slo queries. + example: 03b80ab3-003d-498b-881c-3beedbaf1162 + type: string + filter: + description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' + type: string + good: + description: | + An object defining the "good" events + type: object + properties: + aggregation: + description: The type of aggregation to use. + enum: + - value_count + - range + example: value_count + type: string + field: + description: The field use to aggregate the good events. + example: processor.latency + type: string + filter: + description: The filter for good events. + example: 'processor.outcome: "success"' + type: string + from: + description: >- + The starting value of the range. Only required for "range" + aggregations. + example: 0 + type: number + to: + description: >- + The ending value of the range. Only required for "range" + aggregations. + example: 100 + type: number + required: + - aggregation + - field + index: + description: The index or index pattern to use + example: my-service-* + type: string + timestampField: + description: | + The timestamp field used in the source indice. + example: timestamp + type: string + total: + description: | + An object defining the "total" events + type: object + properties: + aggregation: + description: The type of aggregation to use. + enum: + - value_count + - range + example: value_count + type: string + field: + description: The field use to aggregate the good events. + example: processor.latency + type: string + filter: + description: The filter for total events. + example: 'processor.outcome : *' + type: string + from: + description: >- + The starting value of the range. Only required for "range" + aggregations. + example: 0 + type: number + to: + description: >- + The ending value of the range. Only required for "range" + aggregations. + example: 100 + type: number + required: + - aggregation + - field + required: + - index + - timestampField + - good + - total + type: + description: The type of indicator. + example: sli.histogram.custom + type: string + required: + - type + - params + title: Histogram indicator + SLOs_indicator_properties_timeslice_metric: + description: Defines properties for a timeslice metric indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + dataViewId: + description: >- + The kibana data view id to use, primarily used to include data + view runtime mappings. Make sure to save SLO again if you + add/update run time fields to the data view and if those fields + are being used in slo queries. + example: 03b80ab3-003d-498b-881c-3beedbaf1162 + type: string + filter: + description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' + type: string + index: + description: The index or index pattern to use + example: my-service-* + type: string + metric: + description: > + An object defining the metrics, equation, and threshold to + determine if it's a good slice or not + type: object + properties: + comparator: + description: >- + The comparator to use to compare the equation to the + threshold. + enum: + - GT + - GTE + - LT + - LTE + example: GT + type: string + equation: + description: The equation to calculate the metric. + example: A + type: string + metrics: + description: >- + List of metrics with their name, aggregation type, and + field. + items: + anyOf: + - $ref: >- + #/components/schemas/SLOs_timeslice_metric_basic_metric_with_field + - $ref: >- + #/components/schemas/SLOs_timeslice_metric_percentile_metric + - $ref: >- + #/components/schemas/SLOs_timeslice_metric_doc_count_metric + type: array + threshold: + description: >- + The threshold used to determine if the metric is a good + slice or not. + example: 100 + type: number + required: + - metrics + - equation + - comparator + - threshold + timestampField: + description: | + The timestamp field used in the source indice. + example: timestamp + type: string + required: + - index + - timestampField + - metric + type: + description: The type of indicator. + example: sli.metric.timeslice + type: string + required: + - type + - params + title: Timeslice metric + SLOs_kql_with_filters: + description: Defines properties for a filter + oneOf: + - description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' + type: string + - type: object + properties: + filters: + items: + $ref: '#/components/schemas/SLOs_filter' + type: array + kqlQuery: + type: string + title: KQL with filters + SLOs_kql_with_filters_good: + description: The KQL query used to define the good events. + oneOf: + - description: the KQL query to filter the documents with. + example: 'request.latency <= 150 and request.status_code : "2xx"' + type: string + - type: object + properties: + filters: + items: + $ref: '#/components/schemas/SLOs_filter' + type: array + kqlQuery: + type: string + title: KQL query for good events + SLOs_kql_with_filters_total: + description: The KQL query used to define all events. + oneOf: + - description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' + type: string + - type: object + properties: + filters: + items: + $ref: '#/components/schemas/SLOs_filter' + type: array + kqlQuery: + type: string + title: KQL query for all events + SLOs_objective: + description: Defines properties for the SLO objective + type: object + properties: + target: + description: the target objective between 0 and 1 excluded + example: 0.99 + exclusiveMaximum: true + exclusiveMinimum: true + maximum: 100 + minimum: 0 + type: number + timesliceTarget: + description: >- + the target objective for each slice when using a timeslices + budgeting method + example: 0.995 + maximum: 100 + minimum: 0 + type: number + timesliceWindow: + description: >- + the duration of each slice when using a timeslices budgeting method, + as {duraton}{unit} + example: 5m + type: string + required: + - target + title: Objective + SLOs_settings: + description: Defines properties for SLO settings. + properties: + frequency: + default: 1m + description: Configure how often the transform runs, default 1m + example: 5m + type: string + preventInitialBackfill: + default: false + description: Prevents the transform from backfilling data when it starts. + example: true + type: boolean + syncDelay: + default: 1m + description: The synch delay to apply to the transform. Default 1m + example: 5m + type: string + title: Settings + type: object + SLOs_slo_definition_response: + title: SLO definition response + type: object + properties: + budgetingMethod: + $ref: '#/components/schemas/SLOs_budgeting_method' + createdAt: + description: The creation date + example: '2023-01-12T10:03:19.000Z' + type: string + description: + description: The description of the SLO. + example: My SLO description + type: string + enabled: + description: Indicate if the SLO is enabled + example: true + type: boolean + groupBy: + description: optional group by field to use to generate an SLO per distinct value + example: some.field + type: string + id: + description: The identifier of the SLO. + example: 8853df00-ae2e-11ed-90af-09bb6422b258 + type: string + indicator: + discriminator: + mapping: + sli.apm.transactionDuration: '#/components/schemas/SLOs_indicator_properties_apm_latency' + sli.apm.transactionErrorRate: '#/components/schemas/SLOs_indicator_properties_apm_availability' + sli.histogram.custom: '#/components/schemas/SLOs_indicator_properties_histogram' + sli.kql.custom: '#/components/schemas/SLOs_indicator_properties_custom_kql' + sli.metric.custom: '#/components/schemas/SLOs_indicator_properties_custom_metric' + sli.metric.timeslice: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + propertyName: type + oneOf: + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' + - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' + - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + name: + description: The name of the SLO. + example: My Service SLO + type: string + objective: + $ref: '#/components/schemas/SLOs_objective' + revision: + description: The SLO revision + example: 2 + type: number + settings: + $ref: '#/components/schemas/SLOs_settings' + tags: + description: List of tags + items: + type: string + type: array + timeWindow: + $ref: '#/components/schemas/SLOs_time_window' + updatedAt: + description: The last update date + example: '2023-01-12T10:03:19.000Z' + type: string + version: + description: The internal SLO version + example: 2 + type: number + required: + - id + - name + - description + - indicator + - timeWindow + - budgetingMethod + - objective + - settings + - revision + - enabled + - groupBy + - tags + - createdAt + - updatedAt + - version + SLOs_slo_with_summary_response: + title: SLO response + type: object + properties: + budgetingMethod: + $ref: '#/components/schemas/SLOs_budgeting_method' + createdAt: + description: The creation date + example: '2023-01-12T10:03:19.000Z' + type: string + description: + description: The description of the SLO. + example: My SLO description + type: string + enabled: + description: Indicate if the SLO is enabled + example: true + type: boolean + groupBy: + description: optional group by field to use to generate an SLO per distinct value + example: some.field + type: string + id: + description: The identifier of the SLO. + example: 8853df00-ae2e-11ed-90af-09bb6422b258 + type: string + indicator: + discriminator: + mapping: + sli.apm.transactionDuration: '#/components/schemas/SLOs_indicator_properties_apm_latency' + sli.apm.transactionErrorRate: '#/components/schemas/SLOs_indicator_properties_apm_availability' + sli.histogram.custom: '#/components/schemas/SLOs_indicator_properties_histogram' + sli.kql.custom: '#/components/schemas/SLOs_indicator_properties_custom_kql' + sli.metric.custom: '#/components/schemas/SLOs_indicator_properties_custom_metric' + sli.metric.timeslice: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + propertyName: type + oneOf: + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' + - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' + - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + instanceId: + description: the value derived from the groupBy field, if present, otherwise '*' + example: host-abcde + type: string + name: + description: The name of the SLO. + example: My Service SLO + type: string + objective: + $ref: '#/components/schemas/SLOs_objective' + revision: + description: The SLO revision + example: 2 + type: number + settings: + $ref: '#/components/schemas/SLOs_settings' + summary: + $ref: '#/components/schemas/SLOs_summary' + tags: + description: List of tags + items: + type: string + type: array + timeWindow: + $ref: '#/components/schemas/SLOs_time_window' + updatedAt: + description: The last update date + example: '2023-01-12T10:03:19.000Z' + type: string + version: + description: The internal SLO version + example: 2 + type: number + required: + - id + - name + - description + - indicator + - timeWindow + - budgetingMethod + - objective + - settings + - revision + - summary + - enabled + - groupBy + - instanceId + - tags + - createdAt + - updatedAt + - version + SLOs_summary: + description: The SLO computed data + properties: + errorBudget: + $ref: '#/components/schemas/SLOs_error_budget' + sliValue: + example: 0.9836 + type: number + status: + $ref: '#/components/schemas/SLOs_summary_status' + required: + - status + - sliValue + - errorBudget + title: Summary + type: object + SLOs_summary_status: + enum: + - NO_DATA + - HEALTHY + - DEGRADING + - VIOLATED + example: HEALTHY + title: summary status + type: string + SLOs_time_window: + description: Defines properties for the SLO time window + type: object + properties: + duration: + description: >- + the duration formatted as {duration}{unit}. Accepted values for + rolling: 7d, 30d, 90d. Accepted values for calendar aligned: 1w + (weekly) or 1M (monthly) + example: 30d + type: string + type: + description: >- + Indicates weither the time window is a rolling or a calendar aligned + time window. + enum: + - rolling + - calendarAligned + example: rolling + type: string + required: + - duration + - type + title: Time window + SLOs_timeslice_metric_basic_metric_with_field: + type: object + properties: + aggregation: + description: The aggregation type of the metric. + enum: + - sum + - avg + - min + - max + - std_deviation + - last_value + - cardinality + example: sum + type: string + field: + description: The field of the metric. + example: processor.processed + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: "success"' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: ^[A-Z]$ + type: string + required: + - name + - aggregation + - field + title: Timeslice Metric Basic Metric with Field + SLOs_timeslice_metric_doc_count_metric: + type: object + properties: + aggregation: + description: The aggregation type of the metric. Only valid option is "doc_count" + enum: + - doc_count + example: doc_count + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: "success"' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: ^[A-Z]$ + type: string + required: + - name + - aggregation + title: Timeslice Metric Doc Count Metric + SLOs_timeslice_metric_percentile_metric: + type: object + properties: + aggregation: + description: >- + The aggregation type of the metric. Only valid option is + "percentile" + enum: + - percentile + example: percentile + type: string + field: + description: The field of the metric. + example: processor.processed + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: "success"' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: ^[A-Z]$ + type: string + percentile: + description: The percentile value. + example: 95 + type: number + required: + - name + - aggregation + - field + - percentile + title: Timeslice Metric Percentile Metric + SLOs_update_slo_request: + description: > + The update SLO API request body varies depending on the type of + indicator, time window and budgeting method. Partial update is handled. + properties: + budgetingMethod: + $ref: '#/components/schemas/SLOs_budgeting_method' + description: + description: A description for the SLO. + type: string + indicator: + oneOf: + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' + - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' + - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + name: + description: A name for the SLO. + type: string + objective: + $ref: '#/components/schemas/SLOs_objective' + settings: + $ref: '#/components/schemas/SLOs_settings' + tags: + description: List of tags + items: + type: string + type: array + timeWindow: + $ref: '#/components/schemas/SLOs_time_window' + title: Update SLO request + type: object + securitySchemes: + apiKeyAuth: + description: >- + You must create an API key and use the encoded value in the request + header. To learn about creating keys, go to [API + keys](https://www.elastic.co/docs/current/serverless/api-keys). + in: header + name: Authorization + type: apiKey +security: + - apiKeyAuth: [] +tags: + - name: alerting + - description: > + Configure APM agent keys to authorize requests from APM agents to the APM + Server. + name: APM agent keys + - description: > + Annotate visualizations in the APM app with significant events. + Annotations enable you to easily see how events are impacting the + performance of your applications. + name: APM annotations + - name: connectors + - name: Data streams + - description: >- + Data view APIs enable you to manage data views, formerly known as Kibana + index patterns. + name: data views + - name: Elastic Agent actions + - name: Elastic Agent binary download sources + - name: Elastic Agent policies + - name: Elastic Agent status + - name: Elastic Agents + - name: Elastic Package Manager (EPM) + - name: Fleet enrollment API keys + - name: Fleet internals + - name: Fleet Kubernetes + - name: Fleet outputs + - name: Fleet package policies + - name: Fleet proxies + - name: Fleet Server hosts + - name: Fleet service tokens + - name: Fleet uninstall tokens + - description: Machine learning + name: ml + - description: > + Export sets of saved objects that you want to import into {kib}, resolve + import errors, and rotate an encryption key for encrypted saved objects + with the saved objects APIs. + + + To manage a specific type of saved object, use the corresponding APIs. + + For example, use: + + + [Data views](../group/endpoint-data-views) + + + Warning: Do not write documents directly to the `.kibana` index. When you + write directly to the `.kibana` index, the data becomes corrupted and + permanently breaks future Kibana versions. + name: saved objects + x-displayName: Saved objects + - description: Manage and interact with Security Assistant resources. + name: Security AI Assistant API + - description: >- + You can create rules that automatically turn events and external alerts + sent to Elastic Security into detection alerts. These alerts are displayed + on the Detections page. + name: Security Solution Detections API + - description: >- + Endpoint Exceptions API allows you to manage detection rule endpoint + exceptions to prevent a rule from generating an alert from incoming events + even when the rule's other criteria are met. + name: Security Solution Endpoint Exceptions API + - description: Interact with and manage endpoints running the Elastic Defend integration. + name: Security Solution Endpoint Management API + - description: '' + name: Security Solution Entity Analytics API + - description: >- + Exceptions API allows you to manage detection rule exceptions to prevent a + rule from generating an alert from incoming events even when the rule's + other criteria are met. + name: Security Solution Exceptions API + - description: Lists API allows you to manage lists of keywords, IPs or IP ranges items. + name: Security Solution Lists API + - description: Run live queries, manage packs and saved queries. + name: Security Solution Osquery API + - description: >- + You can create Timelines and Timeline templates via the API, as well as + import new Timelines from an ndjson file. + name: Security Solution Timeline API + - description: SLO APIs enable you to define, manage and track service-level objectives + name: slo + - name: system diff --git a/oas_docs/output/kibana.serverless.yaml b/oas_docs/output/kibana.serverless.yaml index caaee59e30287..ba913ee77b54b 100644 --- a/oas_docs/output/kibana.serverless.yaml +++ b/oas_docs/output/kibana.serverless.yaml @@ -61,27 +61,27 @@ info: version: 1.0.2 x-doc-license: name: Attribution-NonCommercial-NoDerivatives 4.0 International - url: 'https://creativecommons.org/licenses/by-nc-nd/4.0/' + url: https://creativecommons.org/licenses/by-nc-nd/4.0/ x-feedbackLink: label: Feedback url: >- https://github.com/elastic/docs-content/issues/new?assignees=&labels=feedback%2Ccommunity&projects=&template=api-feedback.yaml&title=%5BFeedback%5D%3A+ servers: - - url: 'http://{kibana_host}:{port}' + - url: http://{kibana_host}:{port} variables: kibana_host: default: localhost port: default: '5601' - - url: 'http://localhost:5622' - - url: 'https://{kibana_url}' + - url: http://localhost:5622 + - url: https://{kibana_url} variables: kibana_url: - default: 'localhost:5601' + default: localhost:5601 - url: / - - url: 'http://KIBANA_HOST:5601' + - url: http://KIBANA_HOST:5601 - description: local - url: 'http://localhost:5601' + url: http://localhost:5601 paths: /api/actions: get: @@ -146,11 +146,53 @@ paths: - actionTypeId responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Create a connector tags: - connectors - '/api/actions/action/{id}': + /api/actions/action/{id}: delete: deprecated: true description: 'WARNING: When you delete a connector, it cannot be recovered.' @@ -203,6 +245,48 @@ paths: type: string responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Get connector information tags: @@ -253,11 +337,53 @@ paths: - name responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Update a connector tags: - connectors - '/api/actions/action/{id}/_execute': + /api/actions/action/{id}/_execute: post: deprecated: true operationId: '%2Fapi%2Factions%2Faction%2F%7Bid%7D%2F_execute#0' @@ -297,6 +423,48 @@ paths: - params responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Run a connector tags: @@ -326,7 +494,7 @@ paths: summary: Get connector types tags: - connectors - '/api/actions/connector/{id}': + /api/actions/connector/{id}: delete: description: 'WARNING: When you delete a connector, it cannot be recovered.' operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%7D#0' @@ -377,6 +545,48 @@ paths: type: string responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Get connector information tags: @@ -399,7 +609,8 @@ paths: schema: example: 'true' type: string - - in: path + - description: An identifier for the connector. + in: path name: id required: false schema: @@ -430,6 +641,48 @@ paths: - connector_type_id responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Create a connector tags: @@ -480,11 +733,53 @@ paths: - name responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Update a connector tags: - connectors - '/api/actions/connector/{id}/_execute': + /api/actions/connector/{id}/_execute: post: description: >- You can use this API to test an action that involves interaction with @@ -526,6 +821,48 @@ paths: - params responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Run a connector tags: @@ -563,7 +900,7 @@ paths: summary: Get connector types tags: - connectors - '/api/alerting/rule/{id}': + /api/alerting/rule/{id}: delete: operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D#2' parameters: @@ -591,6 +928,12 @@ paths: responses: '204': description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. summary: Delete a rule tags: - alerting @@ -1345,7 +1688,7 @@ paths: description: Recur the rule until this date. type: string wkst: - description: 'Indicates the start of week, defaults to Monday.' + description: Indicates the start of week, defaults to Monday. enum: - MO - TU @@ -1417,6 +1760,12 @@ paths: - execution_status - revision description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. summary: Get rule details tags: - alerting @@ -2480,7 +2829,7 @@ paths: description: Recur the rule until this date. type: string wkst: - description: 'Indicates the start of week, defaults to Monday.' + description: Indicates the start of week, defaults to Monday. enum: - MO - TU @@ -2552,6 +2901,12 @@ paths: - execution_status - revision description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '409': + description: Indicates that the rule id is already in use. summary: Create a rule tags: - alerting @@ -3586,7 +3941,7 @@ paths: description: Recur the rule until this date. type: string wkst: - description: 'Indicates the start of week, defaults to Monday.' + description: Indicates the start of week, defaults to Monday. enum: - MO - TU @@ -3658,10 +4013,18 @@ paths: - execution_status - revision description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + '409': + description: Indicates that the rule has already been updated by another user. summary: Update a rule tags: - alerting - '/api/alerting/rule/{id}/_disable': + /api/alerting/rule/{id}/_disable: post: operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_disable#0' parameters: @@ -3701,10 +4064,16 @@ paths: responses: '204': description: Indicates a successful call. + '400': + description: Indicates an invalid schema. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. summary: Disable a rule tags: - alerting - '/api/alerting/rule/{id}/_enable': + /api/alerting/rule/{id}/_enable: post: operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_enable#0' parameters: @@ -3732,10 +4101,16 @@ paths: responses: '204': description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. summary: Enable a rule tags: - alerting - '/api/alerting/rule/{id}/_mute_all': + /api/alerting/rule/{id}/_mute_all: post: operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_mute_all#0' parameters: @@ -3766,7 +4141,7 @@ paths: summary: Mute all alerts tags: - alerting - '/api/alerting/rule/{id}/_unmute_all': + /api/alerting/rule/{id}/_unmute_all: post: operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_unmute_all#0' parameters: @@ -3797,7 +4172,7 @@ paths: summary: Unmute all alerts tags: - alerting - '/api/alerting/rule/{id}/_update_api_key': + /api/alerting/rule/{id}/_update_api_key: post: operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_update_api_key#0' parameters: @@ -3825,10 +4200,18 @@ paths: responses: '204': description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + '409': + description: Indicates that the rule has already been updated by another user. summary: Update the API key for a rule tags: - alerting - '/api/alerting/rule/{rule_id}/alert/{alert_id}/_mute': + /api/alerting/rule/{rule_id}/alert/{alert_id}/_mute: post: operationId: >- %2Fapi%2Falerting%2Frule%2F%7Brule_id%7D%2Falert%2F%7Balert_id%7D%2F_mute#0 @@ -3863,10 +4246,16 @@ paths: responses: '204': description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule or alert with the given ID does not exist. summary: Mute an alert tags: - alerting - '/api/alerting/rule/{rule_id}/alert/{alert_id}/_unmute': + /api/alerting/rule/{rule_id}/alert/{alert_id}/_unmute: post: operationId: >- %2Fapi%2Falerting%2Frule%2F%7Brule_id%7D%2Falert%2F%7Balert_id%7D%2F_unmute#0 @@ -3901,6 +4290,12 @@ paths: responses: '204': description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule or alert with the given ID does not exist. summary: Unmute an alert tags: - alerting @@ -4756,7 +5151,7 @@ paths: description: Recur the rule until this date. type: string wkst: - description: 'Indicates the start of week, defaults to Monday.' + description: Indicates the start of week, defaults to Monday. enum: - MO - TU @@ -4828,6 +5223,10 @@ paths: - execution_status - revision description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. summary: Get information about rules tags: - alerting @@ -4846,8 +5245,8 @@ paths: privileges: items: enum: - - 'event:write' - - 'config_agent:read' + - event:write + - config_agent:read type: string type: array required: true @@ -4873,7 +5272,7 @@ paths: summary: Create an APM agent key tags: - APM agent keys - '/api/apm/services/{serviceName}/annotation': + /api/apm/services/{serviceName}/annotation: post: description: Create a new annotation for a specific service. operationId: createAnnotation @@ -4948,7 +5347,7 @@ paths: summary: Create a service annotation tags: - APM annotations - '/api/apm/services/{serviceName}/annotation/search': + /api/apm/services/{serviceName}/annotation/search: get: description: Search for annotations related to a specific service. operationId: getAnnotation @@ -5073,7 +5472,7 @@ paths: summary: Create a data view tags: - data views - '/api/data_views/data_view/{viewId}': + /api/data_views/data_view/{viewId}: delete: description: | WARNING: When you delete a data view, it cannot be recovered. @@ -5146,7 +5545,7 @@ paths: summary: Update a data view tags: - data views - '/api/data_views/data_view/{viewId}/fields': + /api/data_views/data_view/{viewId}/fields: post: description: > Update fields presentation metadata such as count, customLabel, @@ -5189,7 +5588,7 @@ paths: summary: Update data view fields metadata tags: - data views - '/api/data_views/data_view/{viewId}/runtime_field': + /api/data_views/data_view/{viewId}/runtime_field: post: operationId: createRuntimeFieldDefault parameters: @@ -5281,7 +5680,7 @@ paths: summary: Create or update a runtime field tags: - data views - '/api/data_views/data_view/{viewId}/runtime_field/{fieldName}': + /api/data_views/data_view/{viewId}/runtime_field/{fieldName}: delete: operationId: deleteRuntimeFieldDefault parameters: @@ -5588,7 +5987,7 @@ paths: summary: Create agent binary download source tags: - Elastic Agent binary download sources - '/api/fleet/agent_download_sources/{sourceId}': + /api/fleet/agent_download_sources/{sourceId}: delete: operationId: delete-download-source parameters: @@ -5791,7 +6190,7 @@ paths: summary: Bulk get agent policies tags: - Elastic Agent policies - '/api/fleet/agent_policies/{agentPolicyId}': + /api/fleet/agent_policies/{agentPolicyId}: get: description: Get one agent policy operationId: agent-policy-info @@ -5846,7 +6245,7 @@ paths: summary: Update agent policy by ID tags: - Elastic Agent policies - '/api/fleet/agent_policies/{agentPolicyId}/copy': + /api/fleet/agent_policies/{agentPolicyId}/copy: parameters: - in: path name: agentPolicyId @@ -5888,7 +6287,7 @@ paths: summary: Copy agent policy by ID tags: - Elastic Agent policies - '/api/fleet/agent_policies/{agentPolicyId}/download': + /api/fleet/agent_policies/{agentPolicyId}/download: get: operationId: agent-policy-download responses: @@ -5927,7 +6326,7 @@ paths: required: false schema: type: string - '/api/fleet/agent_policies/{agentPolicyId}/full': + /api/fleet/agent_policies/{agentPolicyId}/full: get: operationId: agent-policy-full responses: @@ -6210,7 +6609,7 @@ paths: summary: List agents by action ids tags: - Elastic Agents - '/api/fleet/agents/{agentId}': + /api/fleet/agents/{agentId}: delete: operationId: delete-agent parameters: @@ -6295,7 +6694,7 @@ paths: summary: Update agent by ID tags: - Elastic Agents - '/api/fleet/agents/{agentId}/actions': + /api/fleet/agents/{agentId}/actions: parameters: - in: path name: agentId @@ -6336,7 +6735,7 @@ paths: summary: Create agent action tags: - Elastic Agent actions - '/api/fleet/agents/{agentId}/reassign': + /api/fleet/agents/{agentId}/reassign: parameters: - in: path name: agentId @@ -6398,7 +6797,7 @@ paths: summary: Reassign agent tags: - Elastic Agents - '/api/fleet/agents/{agentId}/request_diagnostics': + /api/fleet/agents/{agentId}/request_diagnostics: parameters: - in: path name: agentId @@ -6437,7 +6836,7 @@ paths: summary: Request agent diagnostics tags: - Elastic Agents - '/api/fleet/agents/{agentId}/unenroll': + /api/fleet/agents/{agentId}/unenroll: parameters: - in: path name: agentId @@ -6483,7 +6882,7 @@ paths: summary: Unenroll agent tags: - Elastic Agents - '/api/fleet/agents/{agentId}/upgrade': + /api/fleet/agents/{agentId}/upgrade: parameters: - in: path name: agentId @@ -6512,7 +6911,7 @@ paths: summary: Upgrade agent tags: - Elastic Agents - '/api/fleet/agents/{agentId}/uploads': + /api/fleet/agents/{agentId}/uploads: get: operationId: list-agent-uploads responses: @@ -6656,7 +7055,7 @@ paths: summary: Get agent action status tags: - Elastic Agent actions - '/api/fleet/agents/actions/{actionId}/cancel': + /api/fleet/agents/actions/{actionId}/cancel: parameters: - in: path name: actionId @@ -6698,7 +7097,7 @@ paths: properties: agents: oneOf: - - description: 'KQL query string, leave empty to action all agents' + - description: KQL query string, leave empty to action all agents type: string - description: list of agent IDs items: @@ -6747,7 +7146,7 @@ paths: type: array agents: oneOf: - - description: 'KQL query string, leave empty to action all agents' + - description: KQL query string, leave empty to action all agents type: string - description: list of agent IDs items: @@ -6791,7 +7190,7 @@ paths: properties: agents: oneOf: - - description: 'KQL query string, leave empty to action all agents' + - description: KQL query string, leave empty to action all agents type: string - description: list of agent IDs items: @@ -6846,7 +7245,7 @@ paths: properties: agents: oneOf: - - description: 'KQL query string, leave empty to action all agents' + - description: KQL query string, leave empty to action all agents type: string - description: list of agent IDs items: @@ -6892,7 +7291,7 @@ paths: - agent1 - agent2 rollout_duration_seconds: 3600 - source_uri: 'https://artifacts.elastic.co/downloads/beats/elastic-agent' + source_uri: https://artifacts.elastic.co/downloads/beats/elastic-agent start_time: '2022-08-03T14:00:00.000Z' version: 8.4.0 schema: @@ -6913,7 +7312,7 @@ paths: summary: Bulk upgrade agents tags: - Elastic Agents - '/api/fleet/agents/files/{fileId}': + /api/fleet/agents/files/{fileId}: delete: operationId: delete-agent-upload-file responses: @@ -6942,7 +7341,7 @@ paths: required: true schema: type: string - '/api/fleet/agents/files/{fileId}/{fileName}': + /api/fleet/agents/files/{fileId}/{fileName}: get: operationId: get-agent-upload-file responses: @@ -7136,7 +7535,7 @@ paths: summary: Create enrollment API key tags: - Fleet enrollment API keys - '/api/fleet/enrollment_api_keys/{keyId}': + /api/fleet/enrollment_api_keys/{keyId}: delete: operationId: delete-enrollment-api-key parameters: @@ -7247,7 +7646,7 @@ paths: summary: Create enrollment API key tags: - Fleet enrollment API keys - '/api/fleet/enrollment-api-keys/{keyId}': + /api/fleet/enrollment-api-keys/{keyId}: delete: deprecated: true operationId: delete-enrollment-api-key-deprecated @@ -7532,7 +7931,7 @@ paths: summary: Bulk install packages tags: - Elastic Package Manager (EPM) - '/api/fleet/epm/packages/{pkgkey}': + /api/fleet/epm/packages/{pkgkey}: delete: deprecated: true operationId: delete-package-deprecated @@ -7692,7 +8091,7 @@ paths: summary: Install package tags: - Elastic Package Manager (EPM) - '/api/fleet/epm/packages/{pkgName}/{pkgVersion}': + /api/fleet/epm/packages/{pkgName}/{pkgVersion}: delete: operationId: delete-package parameters: @@ -7924,7 +8323,7 @@ paths: summary: Update package settings tags: - Elastic Package Manager (EPM) - '/api/fleet/epm/packages/{pkgName}/{pkgVersion}/{filePath}': + /api/fleet/epm/packages/{pkgName}/{pkgVersion}/{filePath}: get: operationId: packages-get-file responses: @@ -7962,7 +8361,7 @@ paths: required: true schema: type: string - '/api/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize': + /api/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize: post: description: '' operationId: reauthorize-transforms @@ -8028,7 +8427,7 @@ paths: summary: Authorize transforms tags: - Elastic Package Manager (EPM) - '/api/fleet/epm/packages/{pkgName}/stats': + /api/fleet/epm/packages/{pkgName}/stats: get: operationId: get-package-stats responses: @@ -8075,7 +8474,7 @@ paths: tags: - Elastic Package Manager (EPM) parameters: [] - '/api/fleet/epm/templates/{pkgName}/{pkgVersion}/inputs': + /api/fleet/epm/templates/{pkgName}/{pkgVersion}/inputs: get: operationId: get-inputs-template responses: @@ -8215,7 +8614,7 @@ paths: summary: Create Fleet Server host tags: - Fleet Server hosts - '/api/fleet/fleet_server_hosts/{itemId}': + /api/fleet/fleet_server_hosts/{itemId}: delete: operationId: delete-fleet-server-hosts parameters: @@ -8448,7 +8847,7 @@ paths: summary: Create output tags: - Fleet outputs - '/api/fleet/outputs/{outputId}': + /api/fleet/outputs/{outputId}: delete: operationId: delete-output parameters: @@ -8517,7 +8916,7 @@ paths: summary: Update output by ID tags: - Fleet outputs - '/api/fleet/outputs/{outputId}/health': + /api/fleet/outputs/{outputId}/health: get: operationId: get-output-health responses: @@ -8531,7 +8930,7 @@ paths: description: long message if unhealthy type: string state: - description: 'state of output, HEALTHY or DEGRADED' + description: state of output, HEALTHY or DEGRADED type: string timestamp: description: timestamp of reported state @@ -8653,7 +9052,7 @@ paths: summary: Bulk get package policies tags: - Fleet package policies - '/api/fleet/package_policies/{packagePolicyId}': + /api/fleet/package_policies/{packagePolicyId}: delete: operationId: delete-package-policy parameters: @@ -8925,7 +9324,7 @@ paths: summary: Create proxy tags: - Fleet proxies - '/api/fleet/proxies/{itemId}': + /api/fleet/proxies/{itemId}: delete: operationId: delete-fleet-proxies parameters: @@ -9184,7 +9583,7 @@ paths: summary: List metadata for latest uninstall tokens per agent policy tags: - Fleet uninstall tokens - '/api/fleet/uninstall_tokens/{uninstallTokenId}': + /api/fleet/uninstall_tokens/{uninstallTokenId}: get: operationId: get-uninstall-token parameters: @@ -9518,7 +9917,7 @@ paths: summary: Get Kibana's current status tags: - system - '/s/{spaceId}/api/observability/slos': + /s/{spaceId}/api/observability/slos: get: description: > You must have the `read` privileges for the **SLOs** feature in the @@ -9533,7 +9932,7 @@ paths: name: kqlQuery schema: type: string - - description: 'The page to use for pagination, must be greater or equal than 1' + - description: The page to use for pagination, must be greater or equal than 1 example: 1 in: query name: page @@ -9657,11 +10056,11 @@ paths: $ref: '#/components/schemas/SLOs_409_response' description: Conflict - The SLO id already exists servers: - - url: 'https://localhost:5601' + - url: https://localhost:5601 summary: Create an SLO tags: - slo - '/s/{spaceId}/api/observability/slos/_delete_instances': + /s/{spaceId}/api/observability/slos/_delete_instances: post: description: > The deletion occurs for the specified list of `sloId` and `instanceId`. @@ -9699,11 +10098,11 @@ paths: $ref: '#/components/schemas/SLOs_403_response' description: Unauthorized response servers: - - url: 'https://localhost:5601' + - url: https://localhost:5601 summary: Batch delete rollup and summary data tags: - slo - '/s/{spaceId}/api/observability/slos/{sloId}': + /s/{spaceId}/api/observability/slos/{sloId}: delete: description: > You must have the `write` privileges for the **SLOs** feature in the @@ -9841,7 +10240,7 @@ paths: summary: Update an SLO tags: - slo - '/s/{spaceId}/api/observability/slos/{sloId}/_reset': + /s/{spaceId}/api/observability/slos/{sloId}/_reset: post: description: > You must have the `write` privileges for the **SLOs** feature in the @@ -9885,7 +10284,7 @@ paths: summary: Reset an SLO tags: - slo - '/s/{spaceId}/api/observability/slos/{sloId}/disable': + /s/{spaceId}/api/observability/slos/{sloId}/disable: post: description: > You must have the `write` privileges for the **SLOs** feature in the @@ -9925,7 +10324,7 @@ paths: summary: Disable an SLO tags: - slo - '/s/{spaceId}/api/observability/slos/{sloId}/enable': + /s/{spaceId}/api/observability/slos/{sloId}/enable: post: description: > You must have the `write` privileges for the **SLOs** feature in the @@ -9975,7 +10374,7 @@ components: runtimeFieldMap: runtime_shape_name: script: - source: 'emit(doc[''shape_name''].value)' + source: emit(doc['shape_name'].value) type: keyword title: logstash-* Data_views_create_runtime_field_request: @@ -9984,7 +10383,7 @@ components: name: runtimeFoo runtimeField: script: - source: 'emit(doc["foo"].value)' + source: emit(doc["foo"].value) type: long Data_views_get_data_view_response: summary: >- @@ -10006,35 +10405,35 @@ components: products.base_price: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 products.base_unit_price: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 products.min_price: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 products.price: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 products.taxful_price: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 products.taxless_price: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 taxful_total_price: id: number params: - pattern: '$0,0.[00]' + pattern: $0,0.[00] taxless_total_price: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 fields: _id: aggregatable: false @@ -10510,7 +10909,7 @@ components: format: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 isMapped: true name: products.base_price readFromDocValues: true @@ -10526,7 +10925,7 @@ components: format: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 isMapped: true name: products.base_unit_price readFromDocValues: true @@ -10646,7 +11045,7 @@ components: format: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 isMapped: true name: products.min_price readFromDocValues: true @@ -10662,7 +11061,7 @@ components: format: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 isMapped: true name: products.price readFromDocValues: true @@ -10765,7 +11164,7 @@ components: format: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 isMapped: true name: products.taxful_price readFromDocValues: true @@ -10781,7 +11180,7 @@ components: format: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 isMapped: true name: products.taxless_price readFromDocValues: true @@ -10825,7 +11224,7 @@ components: format: id: number params: - pattern: '$0,0.[00]' + pattern: $0,0.[00] isMapped: true name: taxful_total_price readFromDocValues: true @@ -10841,7 +11240,7 @@ components: format: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 isMapped: true name: taxless_total_price readFromDocValues: true @@ -10952,7 +11351,7 @@ components: AvgTicketPrice: id: number params: - pattern: '$0,0.[00]' + pattern: $0,0.[00] hour_of_day: id: number params: @@ -11020,7 +11419,7 @@ components: format: id: number params: - pattern: '$0,0.[00]' + pattern: $0,0.[00] isMapped: true name: AvgTicketPrice readFromDocValues: true @@ -11295,7 +11694,7 @@ components: readFromDocValues: false runtimeField: script: - source: 'emit(doc[''timestamp''].value.getHour());' + source: emit(doc['timestamp'].value.getHour()); type: long scripted: false searchable: true @@ -11420,7 +11819,7 @@ components: runtimeFieldMap: hour_of_day: script: - source: 'emit(doc[''timestamp''].value.getHour());' + source: emit(doc['timestamp'].value.getHour()); type: long sourceFilters: [] timeFieldName: timestamp @@ -11435,7 +11834,7 @@ components: readFromDocValues: false runtimeField: script: - source: 'emit(doc[''timestamp''].value.getHour());' + source: emit(doc['timestamp'].value.getHour()); type: long scripted: false searchable: true @@ -11483,7 +11882,7 @@ components: value: runtimeField: script: - source: 'emit(doc["bar"].value)' + source: emit(doc["bar"].value) Machine_learning_APIs_mlSyncExample: summary: Two anomaly detection jobs required synchronization in this example. value: @@ -11654,7 +12053,7 @@ components: - desc type: string Fleet_with_metrics: - description: 'Return agent metrics, false by default' + description: Return agent metrics, false by default in: query name: withMetrics required: false @@ -11928,7 +12327,7 @@ components: - fromId - toId Data_views_timefieldname: - description: 'The timestamp field name, which you use for time-based data views.' + description: The timestamp field name, which you use for time-based data views. type: string Data_views_title: description: >- @@ -11936,7 +12335,7 @@ components: to search. Supports wildcards (`*`). type: string Data_views_type: - description: 'When set to `rollup`, identifies the rollup data views.' + description: When set to `rollup`, identifies the rollup data views. type: string Data_views_typemeta: description: >- @@ -12235,6 +12634,25 @@ components: collection will be disabled nullable: true type: boolean + monitoring_diagnostics: + type: object + properties: + limit: + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number monitoring_enabled: items: enum: @@ -12242,9 +12660,22 @@ components: - logs type: string type: array + monitoring_http: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: number + required: + - enabled monitoring_output_id: nullable: true type: string + monitoring_pprof_enabled: + type: boolean name: type: string namespace: @@ -12463,14 +12894,14 @@ components: properties: agents: oneOf: - - description: 'KQL query string, leave empty to action all agents' + - description: KQL query string, leave empty to action all agents type: string - description: list of agent IDs items: type: string type: array force: - description: 'Force upgrade, skipping validation (should be used with caution)' + description: Force upgrade, skipping validation (should be used with caution) type: boolean rollout_duration_seconds: description: rolling upgrade window duration in seconds @@ -12716,6 +13147,63 @@ components: type: string inputs: type: string + monitoring: + type: object + properties: + diagnostics: + type: object + properties: + limit: + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + enabled: + type: boolean + http: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: number + required: + - enabled + logs: + type: boolean + metrics: + type: boolean + namespace: + type: string + pprof: + type: object + properties: + enabled: + type: boolean + required: + - enabled + traces: + type: boolean + use_output: + type: string + required: + - enabled + - metrics + - logs + - traces output_permissions: additionalProperties: type: object @@ -14025,14 +14513,14 @@ components: type: object properties: enabled: - description: 'enable or disable that input, (default to true)' + description: enable or disable that input, (default to true) type: boolean streams: additionalProperties: type: object properties: enabled: - description: 'enable or disable that stream, (default to true)' + description: enable or disable that stream, (default to true) type: boolean vars: description: >- @@ -14241,7 +14729,7 @@ components: type: object properties: force: - description: 'Force upgrade, skipping validation (should be used with caution)' + description: Force upgrade, skipping validation (should be used with caution) type: boolean skipRateLimitCheck: description: Skip rate limit check for upgrade @@ -14647,7 +15135,7 @@ components: additionalProperties: $ref: >- #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels - description: 'If saved objects are missing for trained models, they are created.' + description: If saved objects are missing for trained models, they are created. type: object title: Sync API response for created saved objects type: object @@ -14774,7 +15262,7 @@ components: example: Not Found type: string message: - example: 'SLO [3749f390-03a3-11ee-8139-c7ff60a1692d] not found' + example: SLO [3749f390-03a3-11ee-8139-c7ff60a1692d] not found type: string statusCode: example: 404 @@ -14791,7 +15279,7 @@ components: example: Conflict type: string message: - example: 'SLO [d077e940-1515-11ee-9c50-9d096392f520] already exists' + example: SLO [d077e940-1515-11ee-9c50-9d096392f520] already exists type: string statusCode: example: 409 @@ -14900,11 +15388,11 @@ components: type: object properties: consumed: - description: 'The error budget consummed, as a percentage of the initial value.' + description: The error budget consummed, as a percentage of the initial value. example: 0.8 type: number initial: - description: 'The initial error budget, as 1 - objective' + description: The initial error budget, as 1 - objective example: 0.02 type: number isEstimated: @@ -14914,7 +15402,7 @@ components: example: true type: boolean remaining: - description: 'The error budget remaining, as a percentage of the initial value.' + description: The error budget remaining, as a percentage of the initial value. example: 0.2 type: number required: @@ -14999,7 +15487,7 @@ components: type: string index: description: The index used by APM metrics - example: 'metrics-apm*,apm*' + example: metrics-apm*,apm* type: string service: description: The APM service name @@ -15046,7 +15534,7 @@ components: type: string index: description: The index used by APM metrics - example: 'metrics-apm*,apm*' + example: metrics-apm*,apm* type: string service: description: The APM service name @@ -15180,7 +15668,7 @@ components: name: description: The name of the metric. Only valid options are A-Z example: A - pattern: '^[A-Z]$' + pattern: ^[A-Z]$ type: string required: - name @@ -15234,7 +15722,7 @@ components: name: description: The name of the metric. Only valid options are A-Z example: A - pattern: '^[A-Z]$' + pattern: ^[A-Z]$ type: string required: - name @@ -15536,7 +16024,7 @@ components: properties: frequency: default: 1m - description: 'Configure how often the transform runs, default 1m' + description: Configure how often the transform runs, default 1m example: 5m type: string preventInitialBackfill: @@ -15681,7 +16169,7 @@ components: - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' instanceId: - description: 'the value derived from the groupBy field, if present, otherwise ''*''' + description: the value derived from the groupBy field, if present, otherwise '*' example: host-abcde type: string name: @@ -15806,7 +16294,7 @@ components: name: description: The name of the metric. Only valid options are A-Z example: A - pattern: '^[A-Z]$' + pattern: ^[A-Z]$ type: string required: - name @@ -15829,7 +16317,7 @@ components: name: description: The name of the metric. Only valid options are A-Z example: A - pattern: '^[A-Z]$' + pattern: ^[A-Z]$ type: string required: - name @@ -15857,7 +16345,7 @@ components: name: description: The name of the metric. Only valid options are A-Z example: A - pattern: '^[A-Z]$' + pattern: ^[A-Z]$ type: string percentile: description: The percentile value. @@ -15967,6 +16455,6 @@ tags: permanently breaks future Kibana versions. name: saved objects x-displayName: Saved objects - - description: 'SLO APIs enable you to define, manage and track service-level objectives' + - description: SLO APIs enable you to define, manage and track service-level objectives name: slo - name: system diff --git a/oas_docs/output/kibana.staging.yaml b/oas_docs/output/kibana.staging.yaml new file mode 100644 index 0000000000000..c2b530c0af263 --- /dev/null +++ b/oas_docs/output/kibana.staging.yaml @@ -0,0 +1,42286 @@ +openapi: 3.0.3 +info: + contact: + name: Kibana Team + description: > + The Kibana REST APIs enable you to manage resources such as connectors, data + views, and saved objects. + + The API calls are stateless. + + Each request that you make happens in isolation from other calls and must + include all of the necessary information for Kibana to fulfill the + + request. + + API requests return JSON output, which is a format that is machine-readable + and works well for automation. + + + To interact with Kibana APIs, use the following operations: + + + - GET: Fetches the information. + + - PATCH: Applies partial modifications to the existing information. + + - POST: Adds new information. + + - PUT: Updates the existing information. + + - DELETE: Removes the information. + + + You can prepend any Kibana API endpoint with `kbn:` and run the request in + **Dev Tools → Console**. + + For example: + + + ``` + + GET kbn:/api/data_views + + ``` + + + For more information about the console, refer to [Run API + requests](https://www.elastic.co/guide/en/kibana/current/console-kibana.html). + + + NOTE: Access to internal Kibana API endpoints will be restricted in Kibana + version 9.0. Please move any integrations to publicly documented APIs. + + + ## Documentation source and versions + + + This documentation is derived from the `main` branch of the + [kibana](https://github.com/elastic/kibana) repository. + + It is provided under license [Attribution-NonCommercial-NoDerivatives 4.0 + International](https://creativecommons.org/licenses/by-nc-nd/4.0/). + title: Kibana APIs + version: 1.0.2 + x-doc-license: + name: Attribution-NonCommercial-NoDerivatives 4.0 International + url: https://creativecommons.org/licenses/by-nc-nd/4.0/ + x-feedbackLink: + label: Feedback + url: >- + https://github.com/elastic/docs-content/issues/new?assignees=&labels=feedback%2Ccommunity&projects=&template=api-feedback.yaml&title=%5BFeedback%5D%3A+ +servers: + - url: https://{kibana_url} + variables: + kibana_url: + default: localhost:5601 +paths: + /api/actions: + get: + deprecated: true + operationId: '%2Fapi%2Factions#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: {} + summary: Get all connectors + tags: + - connectors + /api/actions/action: + post: + deprecated: true + operationId: '%2Fapi%2Factions%2Faction#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actionTypeId: + description: The connector type identifier. + type: string + config: + additionalProperties: {} + default: {} + type: object + name: + description: The display name for the connector. + type: string + secrets: + additionalProperties: {} + default: {} + type: object + required: + - name + - actionTypeId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Create a connector + tags: + - connectors + /api/actions/action/{id}: + delete: + deprecated: true + description: 'WARNING: When you delete a connector, it cannot be recovered.' + operationId: '%2Fapi%2Factions%2Faction%2F%7Bid%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + summary: Delete a connector + tags: + - connectors + get: + deprecated: true + operationId: '%2Fapi%2Factions%2Faction%2F%7Bid%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Get connector information + tags: + - connectors + put: + deprecated: true + operationId: '%2Fapi%2Factions%2Faction%2F%7Bid%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + default: {} + type: object + name: + type: string + secrets: + additionalProperties: {} + default: {} + type: object + required: + - name + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Update a connector + tags: + - connectors + /api/actions/action/{id}/_execute: + post: + deprecated: true + operationId: '%2Fapi%2Factions%2Faction%2F%7Bid%7D%2F_execute#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + params: + additionalProperties: {} + type: object + required: + - params + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Run a connector + tags: + - connectors + /api/actions/connector_types: + get: + description: You do not need any Kibana feature privileges to run this API. + operationId: '%2Fapi%2Factions%2Fconnector_types#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: >- + A filter to limit the retrieved connector types to those that + support a specific feature (such as alerting or cases). + in: query + name: feature_id + required: false + schema: + type: string + responses: {} + summary: Get connector types + tags: + - connectors + /api/actions/connector/{id}: + delete: + description: 'WARNING: When you delete a connector, it cannot be recovered.' + operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + summary: Delete a connector + tags: + - connectors + get: + operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Get connector information + tags: + - connectors + post: + operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%3F%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: An identifier for the connector. + in: path + name: id + required: false + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + default: {} + type: object + connector_type_id: + description: The type of connector. + type: string + name: + description: The display name for the connector. + type: string + secrets: + additionalProperties: {} + default: {} + type: object + required: + - name + - connector_type_id + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Create a connector + tags: + - connectors + put: + operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + default: {} + type: object + name: + description: The display name for the connector. + type: string + secrets: + additionalProperties: {} + default: {} + type: object + required: + - name + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Update a connector + tags: + - connectors + /api/actions/connector/{id}/_execute: + post: + description: >- + You can use this API to test an action that involves interaction with + Kibana services or integrations with third-party systems. + operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%7D%2F_execute#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + params: + additionalProperties: {} + type: object + required: + - params + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Run a connector + tags: + - connectors + /api/actions/connectors: + get: + operationId: '%2Fapi%2Factions%2Fconnectors#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: {} + summary: Get all connectors + tags: + - connectors + /api/actions/list_action_types: + get: + deprecated: true + operationId: '%2Fapi%2Factions%2Flist_action_types#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: {} + summary: Get connector types + tags: + - connectors + /api/alerting/_health: + get: + description: > + You must have `read` privileges for the **Management > Stack Rules** + feature or for at least one of the **Analytics > Discover**, **Analytics + > Machine Learning**, **Observability**, or **Security** features. + operationId: getAlertingHealth + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getAlertingHealthResponse: + $ref: '#/components/examples/Alerting_get_health_response' + schema: + type: object + properties: + alerting_framework_health: + description: > + Three substates identify the health of the alerting + framework: `decryption_health`, `execution_health`, and + `read_health`. + type: object + properties: + decryption_health: + description: The timestamp and status of the rule decryption. + type: object + properties: + status: + enum: + - error + - ok + - warn + example: ok + type: string + timestamp: + example: '2023-01-13T01:28:00.280Z' + format: date-time + type: string + execution_health: + description: The timestamp and status of the rule run. + type: object + properties: + status: + enum: + - error + - ok + - warn + example: ok + type: string + timestamp: + example: '2023-01-13T01:28:00.280Z' + format: date-time + type: string + read_health: + description: The timestamp and status of the rule reading events. + type: object + properties: + status: + enum: + - error + - ok + - warn + example: ok + type: string + timestamp: + example: '2023-01-13T01:28:00.280Z' + format: date-time + type: string + has_permanent_encryption_key: + description: >- + If `false`, the encrypted saved object plugin does not + have a permanent encryption key. + example: true + type: boolean + is_sufficiently_secure: + description: If `false`, security is enabled but TLS is not. + example: true + type: boolean + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Get the alerting framework health + tags: + - alerting + /api/alerting/rule_types: + get: + description: > + If you have `read` privileges for one or more Kibana features, the API + response contains information about the appropriate rule types. For + example, there are rule types associated with the **Management > Stack + Rules** feature, **Analytics > Discover** and **Machine Learning** + features, **Observability** features, and **Security** features. To get + rule types associated with the **Stack Monitoring** feature, use the + `monitoring_user` built-in role. + operationId: getRuleTypes + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getRuleTypesResponse: + $ref: '#/components/examples/Alerting_get_rule_types_response' + schema: + items: + type: object + properties: + action_groups: + description: > + An explicit list of groups for which the rule type can + schedule actions, each with the action group's unique ID + and human readable name. Rule actions validation uses + this configuration to ensure that groups are valid. + items: + type: object + properties: + id: + type: string + name: + type: string + type: array + action_variables: + description: > + A list of action variables that the rule type makes + available via context and state in action parameter + templates, and a short human readable description. When + you create a rule in Kibana, it uses this information to + prompt you for these variables in action parameter + editors. + type: object + properties: + context: + items: + type: object + properties: + description: + type: string + name: + type: string + useWithTripleBracesInTemplates: + type: boolean + type: array + params: + items: + type: object + properties: + description: + type: string + name: + type: string + type: array + state: + items: + type: object + properties: + description: + type: string + name: + type: string + type: array + alerts: + description: > + Details for writing alerts as data documents for this + rule type. + type: object + properties: + context: + description: | + The namespace for this rule type. + enum: + - ml.anomaly-detection + - observability.apm + - observability.logs + - observability.metrics + - observability.slo + - observability.threshold + - observability.uptime + - security + - stack + type: string + dynamic: + description: Indicates whether new fields are added dynamically. + enum: + - 'false' + - runtime + - strict + - 'true' + type: string + isSpaceAware: + description: > + Indicates whether the alerts are space-aware. If + true, space-specific alert indices are used. + type: boolean + mappings: + type: object + properties: + fieldMap: + additionalProperties: + $ref: >- + #/components/schemas/Alerting_fieldmap_properties + description: > + Mapping information for each field supported in + alerts as data documents for this rule type. For + more information about mapping parameters, refer + to the Elasticsearch documentation. + type: object + secondaryAlias: + description: > + A secondary alias. It is typically used to support + the signals alias for detection rules. + type: string + shouldWrite: + description: > + Indicates whether the rule should write out alerts + as data. + type: boolean + useEcs: + description: > + Indicates whether to include the ECS component + template for the alerts. + type: boolean + useLegacyAlerts: + default: false + description: > + Indicates whether to include the legacy component + template for the alerts. + type: boolean + authorized_consumers: + description: >- + The list of the plugins IDs that have access to the rule + type. + type: object + properties: + alerts: + type: object + properties: + all: + type: boolean + read: + type: boolean + apm: + type: object + properties: + all: + type: boolean + read: + type: boolean + discover: + type: object + properties: + all: + type: boolean + read: + type: boolean + infrastructure: + type: object + properties: + all: + type: boolean + read: + type: boolean + logs: + type: object + properties: + all: + type: boolean + read: + type: boolean + ml: + type: object + properties: + all: + type: boolean + read: + type: boolean + monitoring: + type: object + properties: + all: + type: boolean + read: + type: boolean + siem: + type: object + properties: + all: + type: boolean + read: + type: boolean + slo: + type: object + properties: + all: + type: boolean + read: + type: boolean + stackAlerts: + type: object + properties: + all: + type: boolean + read: + type: boolean + uptime: + type: object + properties: + all: + type: boolean + read: + type: boolean + category: + description: >- + The rule category, which is used by features such as + category-specific maintenance windows. + enum: + - management + - observability + - securitySolution + type: string + default_action_group_id: + description: The default identifier for the rule type group. + type: string + does_set_recovery_context: + description: >- + Indicates whether the rule passes context variables to + its recovery action. + type: boolean + enabled_in_license: + description: >- + Indicates whether the rule type is enabled or disabled + based on the subscription. + type: boolean + has_alerts_mappings: + description: >- + Indicates whether the rule type has custom mappings for + the alert data. + type: boolean + has_fields_for_a_a_d: + type: boolean + id: + description: The unique identifier for the rule type. + type: string + is_exportable: + description: >- + Indicates whether the rule type is exportable in **Stack + Management > Saved Objects**. + type: boolean + minimum_license_required: + description: The subscriptions required to use the rule type. + example: basic + type: string + name: + description: The descriptive name of the rule type. + type: string + producer: + description: >- + An identifier for the application that produces this + rule type. + example: stackAlerts + type: string + recovery_action_group: + description: >- + An action group to use when an alert goes from an active + state to an inactive one. + type: object + properties: + id: + type: string + name: + type: string + rule_task_timeout: + example: 5m + type: string + type: array + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Get the rule types + tags: + - alerting + /api/alerting/rule/{id}: + delete: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + summary: Delete a rule + tags: + - alerting + get: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actions: + items: + additionalProperties: false + type: object + properties: + alerts_filter: + additionalProperties: false + description: >- + Defines a period that limits whether the action + runs. + type: object + properties: + query: + additionalProperties: false + type: object + properties: + dsl: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL). + type: string + filters: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL) as defined in + the `kbn-es-query` package. + items: + additionalProperties: false + type: object + properties: + $state: + additionalProperties: false + type: object + properties: + store: + description: >- + A filter can be either specific to an + application context or applied globally. + enum: + - appState + - globalState + type: string + required: + - store + meta: + additionalProperties: {} + type: object + query: + additionalProperties: {} + type: object + required: + - meta + type: array + kql: + description: >- + A filter written in Kibana Query Language + (KQL). + type: string + required: + - kql + - filters + timeframe: + additionalProperties: false + type: object + properties: + days: + description: >- + Defines the days of the week that the action + can run, represented as an array of numbers. + For example, `1` represents Monday. An empty + array is equivalent to specifying all the + days of the week. + items: + enum: + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + type: integer + type: array + hours: + additionalProperties: false + type: object + properties: + end: + description: >- + The end of the time frame in 24-hour + notation (`hh:mm`). + type: string + start: + description: >- + The start of the time frame in 24-hour + notation (`hh:mm`). + type: string + required: + - start + - end + timezone: + description: >- + The ISO time zone for the `hours` values. + Values such as `UTC` and `UTC+1` also work + but lack built-in daylight savings time + support and are not recommended. + type: string + required: + - days + - hours + - timezone + connector_type_id: + description: >- + The type of connector. This property appears in + responses but cannot be set in requests. + type: string + frequency: + additionalProperties: false + type: object + properties: + notify_when: + description: >- + Indicates how often alerts generate actions. + Valid values include: `onActionGroupChange`: + Actions run when the alert status changes; + `onActiveAlert`: Actions run when the alert + becomes active and at each check interval while + the rule conditions are met; + `onThrottleInterval`: Actions run when the alert + becomes active and at the interval specified in + the throttle property while the rule conditions + are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The + recommended method is to set it for each action. + If you set it at the rule level then update the + rule in Kibana, it is automatically changed to + use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + type: string + summary: + description: Indicates whether the action is a summary. + type: boolean + throttle: + description: >- + The throttle interval, which defines how often + an alert generates repeated actions. It is + specified in seconds, minutes, hours, or days + and is applicable only if 'notify_when' is set + to 'onThrottleInterval'. NOTE: You cannot + specify the throttle interval at both the rule + and action level. The recommended method is to + set it for each action. If you set it at the + rule level then update the rule in Kibana, it is + automatically changed to use action-specific + values. + nullable: true + type: string + required: + - summary + - notify_when + - throttle + group: + description: >- + The group name, which affects when the action runs + (for example, when the threshold is met or when the + alert is recovered). Each rule type has a list of + valid action group names. If you don't need to group + actions, set to `default`. + type: string + id: + description: The identifier for the connector saved object. + type: string + params: + additionalProperties: {} + description: >- + The parameters for the action, which are sent to the + connector. The `params` are handled as Mustache + templates and passed a default set of context. + type: object + use_alert_data_for_template: + description: Indicates whether to use alert data as a template. + type: boolean + uuid: + description: >- + A universally unique identifier (UUID) for the + action. + type: string + required: + - id + - connector_type_id + - params + type: array + active_snoozes: + items: + description: List of active snoozes for the rule. + type: string + type: array + alert_delay: + additionalProperties: false + description: >- + Indicates that an alert occurs only when the specified + number of consecutive runs met the rule conditions. + type: object + properties: + active: + description: >- + The number of consecutive runs that must meet the rule + conditions. + type: number + required: + - active + api_key_created_by_user: + description: >- + Indicates whether the API key that is associated with the + rule was created by the user. + nullable: true + type: boolean + api_key_owner: + description: >- + The owner of the API key that is associated with the rule + and used to run background tasks. + nullable: true + type: string + consumer: + description: >- + The name of the application or feature that owns the rule. + For example: `alerts`, `apm`, `discover`, + `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, + `securitySolution`, `siem`, `stackAlerts`, or `uptime`. + type: string + created_at: + description: The date and time that the rule was created. + type: string + created_by: + description: The identifier for the user that created the rule. + nullable: true + type: string + enabled: + description: >- + Indicates whether you want to run the rule on an interval + basis after it is created. + type: boolean + execution_status: + additionalProperties: false + type: object + properties: + error: + additionalProperties: false + type: object + properties: + message: + description: Error message. + type: string + reason: + description: Reason for error. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + type: string + required: + - reason + - message + last_duration: + description: Duration of last execution of the rule. + type: number + last_execution_date: + description: The date and time when rule was executed last. + type: string + status: + description: Status of rule execution. + enum: + - ok + - active + - error + - warning + - pending + - unknown + type: string + warning: + additionalProperties: false + type: object + properties: + message: + description: Warning message. + type: string + reason: + description: Reason for warning. + enum: + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + type: string + required: + - reason + - message + required: + - status + - last_execution_date + id: + description: The identifier for the rule. + type: string + is_snoozed_until: + description: The date when the rule will no longer be snoozed. + nullable: true + type: string + last_run: + additionalProperties: false + nullable: true + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: Number of ignored alerts during last run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: Number of recovered alerts during last run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value could be + succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: Outcome message generated during last rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + mapped_params: + additionalProperties: {} + type: object + monitoring: + additionalProperties: false + description: Monitoring details of the rule. + type: object + properties: + run: + additionalProperties: false + description: Rule run details. + type: object + properties: + calculated_metrics: + additionalProperties: false + description: >- + Calculation of different percentiles and success + ratio. + type: object + properties: + p50: + type: number + p95: + type: number + p99: + type: number + success_ratio: + type: number + required: + - success_ratio + history: + description: History of the rule run. + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule run. + type: number + outcome: + additionalProperties: false + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: >- + Number of ignored alerts during last + run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: >- + Number of recovered alerts during last + run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value + could be succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: >- + Outcome message generated during last + rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + success: + description: >- + Indicates whether the rule run was + successful. + type: boolean + timestamp: + description: Time of rule run. + type: number + required: + - success + - timestamp + type: array + last_run: + additionalProperties: false + type: object + properties: + metrics: + additionalProperties: false + type: object + properties: + duration: + description: Duration of most recent rule run. + type: number + gap_duration_s: + description: Duration in seconds of rule run gap. + nullable: true + type: number + total_alerts_created: + description: >- + Total number of alerts created during last + rule run. + nullable: true + type: number + total_alerts_detected: + description: >- + Total number of alerts detected during + last rule run. + nullable: true + type: number + total_indexing_duration_ms: + description: >- + Total time spent indexing documents during + last rule run in milliseconds. + nullable: true + type: number + total_search_duration_ms: + description: >- + Total time spent performing Elasticsearch + searches as measured by Kibana; includes + network latency and time spent serializing + or deserializing the request and response. + nullable: true + type: number + timestamp: + description: Time of the most recent rule run. + type: string + required: + - timestamp + - metrics + required: + - history + - calculated_metrics + - last_run + required: + - run + mute_all: + description: Indicates whether all alerts are muted. + type: boolean + muted_alert_ids: + items: + description: 'List of identifiers of muted alerts. ' + type: string + type: array + name: + description: ' The name of the rule.' + type: string + next_run: + description: Date and time of the next run of the rule. + nullable: true + type: string + notify_when: + description: >- + Indicates how often alerts generate actions. Valid values + include: `onActionGroupChange`: Actions run when the alert + status changes; `onActiveAlert`: Actions run when the + alert becomes active and at each check interval while the + rule conditions are met; `onThrottleInterval`: Actions run + when the alert becomes active and at the interval + specified in the throttle property while the rule + conditions are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The recommended method + is to set it for each action. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + nullable: true + type: string + params: + additionalProperties: {} + description: The parameters for the rule. + type: object + revision: + description: The rule revision number. + type: number + rule_type_id: + description: The rule type identifier. + type: string + running: + description: Indicates whether the rule is running. + nullable: true + type: boolean + schedule: + additionalProperties: false + type: object + properties: + interval: + description: >- + The interval is specified in seconds, minutes, hours, + or days. + type: string + required: + - interval + scheduled_task_id: + description: Identifier of the scheduled task. + type: string + snooze_schedule: + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule snooze schedule. + type: number + id: + description: Identifier of the rule snooze schedule. + type: string + rRule: + additionalProperties: false + type: object + properties: + byhour: + items: + description: Indicates hours of the day to recur. + type: number + type: array + byminute: + items: + description: Indicates minutes of the hour to recur. + type: number + type: array + bymonth: + items: + description: >- + Indicates months of the year that this rule + should recur. + type: number + type: array + bymonthday: + items: + description: Indicates the days of the month to recur. + type: number + type: array + bysecond: + items: + description: Indicates seconds of the day to recur. + type: number + type: array + bysetpos: + items: + description: >- + A positive or negative integer affecting the + nth day of the month. For example, -2 combined + with `byweekday` of FR is 2nd to last Friday + of the month. It is recommended to not set + this manually and just use `byweekday`. + type: number + type: array + byweekday: + items: + anyOf: + - type: string + - type: number + description: >- + Indicates the days of the week to recur or + else nth-day-of-month strings. For example, + "+2TU" second Tuesday of month, "-1FR" last + Friday of the month, which are internally + converted to a `byweekday/bysetpos` + combination. + type: array + byweekno: + items: + description: Indicates number of the week hours to recur. + type: number + type: array + byyearday: + items: + description: >- + Indicates the days of the year that this rule + should recur. + type: number + type: array + count: + description: >- + Number of times the rule should recur until it + stops. + type: number + dtstart: + description: >- + Rule start date in Coordinated Universal Time + (UTC). + type: string + freq: + description: >- + Indicates frequency of the rule. Options are + YEARLY, MONTHLY, WEEKLY, DAILY. + enum: + - 0 + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + type: integer + interval: + description: >- + Indicates the interval of frequency. For + example, 1 and YEARLY is every 1 year, 2 and + WEEKLY is every 2 weeks. + type: number + tzid: + description: Indicates timezone abbreviation. + type: string + until: + description: Recur the rule until this date. + type: string + wkst: + description: Indicates the start of week, defaults to Monday. + enum: + - MO + - TU + - WE + - TH + - FR + - SA + - SU + type: string + required: + - dtstart + - tzid + skipRecurrences: + items: + description: Skips recurrence of rule on this date. + type: string + type: array + required: + - duration + - rRule + type: array + tags: + items: + description: The tags for the rule. + type: string + type: array + throttle: + deprecated: true + description: >- + Deprecated in 8.13.0. Use the `throttle` property in the + action `frequency` object instead. The throttle interval, + which defines how often an alert generates repeated + actions. NOTE: You cannot specify the throttle interval at + both the rule and action level. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + nullable: true + type: string + updated_at: + description: The date and time that the rule was updated most recently. + type: string + updated_by: + description: >- + The identifier for the user that updated this rule most + recently. + nullable: true + type: string + view_in_app_relative_url: + description: Relative URL to view rule in the app. + nullable: true + type: string + required: + - id + - enabled + - name + - tags + - rule_type_id + - consumer + - schedule + - actions + - params + - created_by + - updated_by + - created_at + - updated_at + - api_key_owner + - mute_all + - muted_alert_ids + - execution_status + - revision + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + summary: Get rule details + tags: + - alerting + post: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%3F%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: >- + The identifier for the rule. If it is omitted, an ID is randomly + generated. + in: path + name: id + required: false + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actions: + default: [] + items: + additionalProperties: false + description: An action that runs under defined conditions. + type: object + properties: + alerts_filter: + additionalProperties: false + description: >- + Conditions that affect whether the action runs. If you + specify multiple conditions, all conditions must be + met for the action to run. For example, if an alert + occurs within the specified time frame and matches the + query, the action runs. + type: object + properties: + query: + additionalProperties: false + type: object + properties: + dsl: + description: >- + A filter written in Elasticsearch Query Domain + Specific Language (DSL). + type: string + filters: + description: >- + A filter written in Elasticsearch Query Domain + Specific Language (DSL) as defined in the + `kbn-es-query` package. + items: + additionalProperties: false + type: object + properties: + $state: + additionalProperties: false + type: object + properties: + store: + description: >- + A filter can be either specific to an + application context or applied globally. + enum: + - appState + - globalState + type: string + required: + - store + meta: + additionalProperties: {} + type: object + query: + additionalProperties: {} + type: object + required: + - meta + type: array + kql: + description: >- + A filter written in Kibana Query Language + (KQL). + type: string + required: + - kql + - filters + timeframe: + additionalProperties: false + description: >- + Defines a period that limits whether the action + runs. + type: object + properties: + days: + description: >- + Defines the days of the week that the action + can run, represented as an array of numbers. + For example, `1` represents Monday. An empty + array is equivalent to specifying all the days + of the week. + items: + enum: + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + type: integer + type: array + hours: + additionalProperties: false + description: >- + Defines the range of time in a day that the + action can run. If the `start` value is + `00:00` and the `end` value is `24:00`, + actions be generated all day. + type: object + properties: + end: + description: >- + The end of the time frame in 24-hour + notation (`hh:mm`). + type: string + start: + description: >- + The start of the time frame in 24-hour + notation (`hh:mm`). + type: string + required: + - start + - end + timezone: + description: >- + The ISO time zone for the `hours` values. + Values such as `UTC` and `UTC+1` also work but + lack built-in daylight savings time support + and are not recommended. + type: string + required: + - days + - hours + - timezone + frequency: + additionalProperties: false + type: object + properties: + notify_when: + description: >- + Indicates how often alerts generate actions. Valid + values include: `onActionGroupChange`: Actions run + when the alert status changes; `onActiveAlert`: + Actions run when the alert becomes active and at + each check interval while the rule conditions are + met; `onThrottleInterval`: Actions run when the + alert becomes active and at the interval specified + in the throttle property while the rule conditions + are met. NOTE: You cannot specify `notify_when` at + both the rule and action level. The recommended + method is to set it for each action. If you set it + at the rule level then update the rule in Kibana, + it is automatically changed to use action-specific + values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + type: string + summary: + description: Indicates whether the action is a summary. + type: boolean + throttle: + description: >- + The throttle interval, which defines how often an + alert generates repeated actions. It is specified + in seconds, minutes, hours, or days and is + applicable only if `notify_when` is set to + `onThrottleInterval`. NOTE: You cannot specify the + throttle interval at both the rule and action + level. The recommended method is to set it for + each action. If you set it at the rule level then + update the rule in Kibana, it is automatically + changed to use action-specific values. + nullable: true + type: string + required: + - summary + - notify_when + - throttle + group: + description: >- + The group name, which affects when the action runs + (for example, when the threshold is met or when the + alert is recovered). Each rule type has a list of + valid action group names. If you don't need to group + actions, set to `default`. + type: string + id: + description: The identifier for the connector saved object. + type: string + params: + additionalProperties: {} + default: {} + description: >- + The parameters for the action, which are sent to the + connector. The `params` are handled as Mustache + templates and passed a default set of context. + type: object + use_alert_data_for_template: + description: Indicates whether to use alert data as a template. + type: boolean + uuid: + description: A universally unique identifier (UUID) for the action. + type: string + required: + - id + type: array + alert_delay: + additionalProperties: false + description: >- + Indicates that an alert occurs only when the specified + number of consecutive runs met the rule conditions. + type: object + properties: + active: + description: >- + The number of consecutive runs that must meet the rule + conditions. + type: number + required: + - active + consumer: + description: >- + The name of the application or feature that owns the rule. + For example: `alerts`, `apm`, `discover`, `infrastructure`, + `logs`, `metrics`, `ml`, `monitoring`, `securitySolution`, + `siem`, `stackAlerts`, or `uptime`. + type: string + enabled: + default: true + description: >- + Indicates whether you want to run the rule on an interval + basis after it is created. + type: boolean + name: + description: >- + The name of the rule. While this name does not have to be + unique, a distinctive name can help you identify a rule. + type: string + notify_when: + description: >- + Indicates how often alerts generate actions. Valid values + include: `onActionGroupChange`: Actions run when the alert + status changes; `onActiveAlert`: Actions run when the alert + becomes active and at each check interval while the rule + conditions are met; `onThrottleInterval`: Actions run when + the alert becomes active and at the interval specified in + the throttle property while the rule conditions are met. + NOTE: You cannot specify `notify_when` at both the rule and + action level. The recommended method is to set it for each + action. If you set it at the rule level then update the rule + in Kibana, it is automatically changed to use + action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + nullable: true + type: string + params: + additionalProperties: {} + default: {} + description: The parameters for the rule. + type: object + rule_type_id: + description: The rule type identifier. + type: string + schedule: + additionalProperties: false + description: >- + The check interval, which specifies how frequently the rule + conditions are checked. + type: object + properties: + interval: + description: >- + The interval is specified in seconds, minutes, hours, or + days. + type: string + required: + - interval + tags: + default: [] + description: The tags for the rule. + items: + type: string + type: array + throttle: + description: >- + Use the `throttle` property in the action `frequency` object + instead. The throttle interval, which defines how often an + alert generates repeated actions. NOTE: You cannot specify + the throttle interval at both the rule and action level. If + you set it at the rule level then update the rule in Kibana, + it is automatically changed to use action-specific values. + nullable: true + type: string + required: + - name + - rule_type_id + - consumer + - schedule + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actions: + items: + additionalProperties: false + type: object + properties: + alerts_filter: + additionalProperties: false + description: >- + Defines a period that limits whether the action + runs. + type: object + properties: + query: + additionalProperties: false + type: object + properties: + dsl: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL). + type: string + filters: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL) as defined in + the `kbn-es-query` package. + items: + additionalProperties: false + type: object + properties: + $state: + additionalProperties: false + type: object + properties: + store: + description: >- + A filter can be either specific to an + application context or applied globally. + enum: + - appState + - globalState + type: string + required: + - store + meta: + additionalProperties: {} + type: object + query: + additionalProperties: {} + type: object + required: + - meta + type: array + kql: + description: >- + A filter written in Kibana Query Language + (KQL). + type: string + required: + - kql + - filters + timeframe: + additionalProperties: false + type: object + properties: + days: + description: >- + Defines the days of the week that the action + can run, represented as an array of numbers. + For example, `1` represents Monday. An empty + array is equivalent to specifying all the + days of the week. + items: + enum: + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + type: integer + type: array + hours: + additionalProperties: false + type: object + properties: + end: + description: >- + The end of the time frame in 24-hour + notation (`hh:mm`). + type: string + start: + description: >- + The start of the time frame in 24-hour + notation (`hh:mm`). + type: string + required: + - start + - end + timezone: + description: >- + The ISO time zone for the `hours` values. + Values such as `UTC` and `UTC+1` also work + but lack built-in daylight savings time + support and are not recommended. + type: string + required: + - days + - hours + - timezone + connector_type_id: + description: >- + The type of connector. This property appears in + responses but cannot be set in requests. + type: string + frequency: + additionalProperties: false + type: object + properties: + notify_when: + description: >- + Indicates how often alerts generate actions. + Valid values include: `onActionGroupChange`: + Actions run when the alert status changes; + `onActiveAlert`: Actions run when the alert + becomes active and at each check interval while + the rule conditions are met; + `onThrottleInterval`: Actions run when the alert + becomes active and at the interval specified in + the throttle property while the rule conditions + are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The + recommended method is to set it for each action. + If you set it at the rule level then update the + rule in Kibana, it is automatically changed to + use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + type: string + summary: + description: Indicates whether the action is a summary. + type: boolean + throttle: + description: >- + The throttle interval, which defines how often + an alert generates repeated actions. It is + specified in seconds, minutes, hours, or days + and is applicable only if 'notify_when' is set + to 'onThrottleInterval'. NOTE: You cannot + specify the throttle interval at both the rule + and action level. The recommended method is to + set it for each action. If you set it at the + rule level then update the rule in Kibana, it is + automatically changed to use action-specific + values. + nullable: true + type: string + required: + - summary + - notify_when + - throttle + group: + description: >- + The group name, which affects when the action runs + (for example, when the threshold is met or when the + alert is recovered). Each rule type has a list of + valid action group names. If you don't need to group + actions, set to `default`. + type: string + id: + description: The identifier for the connector saved object. + type: string + params: + additionalProperties: {} + description: >- + The parameters for the action, which are sent to the + connector. The `params` are handled as Mustache + templates and passed a default set of context. + type: object + use_alert_data_for_template: + description: Indicates whether to use alert data as a template. + type: boolean + uuid: + description: >- + A universally unique identifier (UUID) for the + action. + type: string + required: + - id + - connector_type_id + - params + type: array + active_snoozes: + items: + description: List of active snoozes for the rule. + type: string + type: array + alert_delay: + additionalProperties: false + description: >- + Indicates that an alert occurs only when the specified + number of consecutive runs met the rule conditions. + type: object + properties: + active: + description: >- + The number of consecutive runs that must meet the rule + conditions. + type: number + required: + - active + api_key_created_by_user: + description: >- + Indicates whether the API key that is associated with the + rule was created by the user. + nullable: true + type: boolean + api_key_owner: + description: >- + The owner of the API key that is associated with the rule + and used to run background tasks. + nullable: true + type: string + consumer: + description: >- + The name of the application or feature that owns the rule. + For example: `alerts`, `apm`, `discover`, + `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, + `securitySolution`, `siem`, `stackAlerts`, or `uptime`. + type: string + created_at: + description: The date and time that the rule was created. + type: string + created_by: + description: The identifier for the user that created the rule. + nullable: true + type: string + enabled: + description: >- + Indicates whether you want to run the rule on an interval + basis after it is created. + type: boolean + execution_status: + additionalProperties: false + type: object + properties: + error: + additionalProperties: false + type: object + properties: + message: + description: Error message. + type: string + reason: + description: Reason for error. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + type: string + required: + - reason + - message + last_duration: + description: Duration of last execution of the rule. + type: number + last_execution_date: + description: The date and time when rule was executed last. + type: string + status: + description: Status of rule execution. + enum: + - ok + - active + - error + - warning + - pending + - unknown + type: string + warning: + additionalProperties: false + type: object + properties: + message: + description: Warning message. + type: string + reason: + description: Reason for warning. + enum: + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + type: string + required: + - reason + - message + required: + - status + - last_execution_date + id: + description: The identifier for the rule. + type: string + is_snoozed_until: + description: The date when the rule will no longer be snoozed. + nullable: true + type: string + last_run: + additionalProperties: false + nullable: true + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: Number of ignored alerts during last run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: Number of recovered alerts during last run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value could be + succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: Outcome message generated during last rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + mapped_params: + additionalProperties: {} + type: object + monitoring: + additionalProperties: false + description: Monitoring details of the rule. + type: object + properties: + run: + additionalProperties: false + description: Rule run details. + type: object + properties: + calculated_metrics: + additionalProperties: false + description: >- + Calculation of different percentiles and success + ratio. + type: object + properties: + p50: + type: number + p95: + type: number + p99: + type: number + success_ratio: + type: number + required: + - success_ratio + history: + description: History of the rule run. + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule run. + type: number + outcome: + additionalProperties: false + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: >- + Number of ignored alerts during last + run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: >- + Number of recovered alerts during last + run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value + could be succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: >- + Outcome message generated during last + rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + success: + description: >- + Indicates whether the rule run was + successful. + type: boolean + timestamp: + description: Time of rule run. + type: number + required: + - success + - timestamp + type: array + last_run: + additionalProperties: false + type: object + properties: + metrics: + additionalProperties: false + type: object + properties: + duration: + description: Duration of most recent rule run. + type: number + gap_duration_s: + description: Duration in seconds of rule run gap. + nullable: true + type: number + total_alerts_created: + description: >- + Total number of alerts created during last + rule run. + nullable: true + type: number + total_alerts_detected: + description: >- + Total number of alerts detected during + last rule run. + nullable: true + type: number + total_indexing_duration_ms: + description: >- + Total time spent indexing documents during + last rule run in milliseconds. + nullable: true + type: number + total_search_duration_ms: + description: >- + Total time spent performing Elasticsearch + searches as measured by Kibana; includes + network latency and time spent serializing + or deserializing the request and response. + nullable: true + type: number + timestamp: + description: Time of the most recent rule run. + type: string + required: + - timestamp + - metrics + required: + - history + - calculated_metrics + - last_run + required: + - run + mute_all: + description: Indicates whether all alerts are muted. + type: boolean + muted_alert_ids: + items: + description: 'List of identifiers of muted alerts. ' + type: string + type: array + name: + description: ' The name of the rule.' + type: string + next_run: + description: Date and time of the next run of the rule. + nullable: true + type: string + notify_when: + description: >- + Indicates how often alerts generate actions. Valid values + include: `onActionGroupChange`: Actions run when the alert + status changes; `onActiveAlert`: Actions run when the + alert becomes active and at each check interval while the + rule conditions are met; `onThrottleInterval`: Actions run + when the alert becomes active and at the interval + specified in the throttle property while the rule + conditions are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The recommended method + is to set it for each action. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + nullable: true + type: string + params: + additionalProperties: {} + description: The parameters for the rule. + type: object + revision: + description: The rule revision number. + type: number + rule_type_id: + description: The rule type identifier. + type: string + running: + description: Indicates whether the rule is running. + nullable: true + type: boolean + schedule: + additionalProperties: false + type: object + properties: + interval: + description: >- + The interval is specified in seconds, minutes, hours, + or days. + type: string + required: + - interval + scheduled_task_id: + description: Identifier of the scheduled task. + type: string + snooze_schedule: + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule snooze schedule. + type: number + id: + description: Identifier of the rule snooze schedule. + type: string + rRule: + additionalProperties: false + type: object + properties: + byhour: + items: + description: Indicates hours of the day to recur. + type: number + type: array + byminute: + items: + description: Indicates minutes of the hour to recur. + type: number + type: array + bymonth: + items: + description: >- + Indicates months of the year that this rule + should recur. + type: number + type: array + bymonthday: + items: + description: Indicates the days of the month to recur. + type: number + type: array + bysecond: + items: + description: Indicates seconds of the day to recur. + type: number + type: array + bysetpos: + items: + description: >- + A positive or negative integer affecting the + nth day of the month. For example, -2 combined + with `byweekday` of FR is 2nd to last Friday + of the month. It is recommended to not set + this manually and just use `byweekday`. + type: number + type: array + byweekday: + items: + anyOf: + - type: string + - type: number + description: >- + Indicates the days of the week to recur or + else nth-day-of-month strings. For example, + "+2TU" second Tuesday of month, "-1FR" last + Friday of the month, which are internally + converted to a `byweekday/bysetpos` + combination. + type: array + byweekno: + items: + description: Indicates number of the week hours to recur. + type: number + type: array + byyearday: + items: + description: >- + Indicates the days of the year that this rule + should recur. + type: number + type: array + count: + description: >- + Number of times the rule should recur until it + stops. + type: number + dtstart: + description: >- + Rule start date in Coordinated Universal Time + (UTC). + type: string + freq: + description: >- + Indicates frequency of the rule. Options are + YEARLY, MONTHLY, WEEKLY, DAILY. + enum: + - 0 + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + type: integer + interval: + description: >- + Indicates the interval of frequency. For + example, 1 and YEARLY is every 1 year, 2 and + WEEKLY is every 2 weeks. + type: number + tzid: + description: Indicates timezone abbreviation. + type: string + until: + description: Recur the rule until this date. + type: string + wkst: + description: Indicates the start of week, defaults to Monday. + enum: + - MO + - TU + - WE + - TH + - FR + - SA + - SU + type: string + required: + - dtstart + - tzid + skipRecurrences: + items: + description: Skips recurrence of rule on this date. + type: string + type: array + required: + - duration + - rRule + type: array + tags: + items: + description: The tags for the rule. + type: string + type: array + throttle: + deprecated: true + description: >- + Deprecated in 8.13.0. Use the `throttle` property in the + action `frequency` object instead. The throttle interval, + which defines how often an alert generates repeated + actions. NOTE: You cannot specify the throttle interval at + both the rule and action level. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + nullable: true + type: string + updated_at: + description: The date and time that the rule was updated most recently. + type: string + updated_by: + description: >- + The identifier for the user that updated this rule most + recently. + nullable: true + type: string + view_in_app_relative_url: + description: Relative URL to view rule in the app. + nullable: true + type: string + required: + - id + - enabled + - name + - tags + - rule_type_id + - consumer + - schedule + - actions + - params + - created_by + - updated_by + - created_at + - updated_at + - api_key_owner + - mute_all + - muted_alert_ids + - execution_status + - revision + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '409': + description: Indicates that the rule id is already in use. + summary: Create a rule + tags: + - alerting + put: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actions: + default: [] + items: + additionalProperties: false + description: An action that runs under defined conditions. + type: object + properties: + alerts_filter: + additionalProperties: false + type: object + properties: + query: + additionalProperties: false + type: object + properties: + dsl: + description: >- + A filter written in Elasticsearch Query Domain + Specific Language (DSL). + type: string + filters: + description: >- + A filter written in Elasticsearch Query Domain + Specific Language (DSL) as defined in the + `kbn-es-query` package. + items: + additionalProperties: false + type: object + properties: + $state: + additionalProperties: false + type: object + properties: + store: + description: >- + A filter can be either specific to an + application context or applied globally. + enum: + - appState + - globalState + type: string + required: + - store + meta: + additionalProperties: {} + type: object + query: + additionalProperties: {} + type: object + required: + - meta + type: array + kql: + description: >- + A filter written in Kibana Query Language + (KQL). + type: string + required: + - kql + - filters + timeframe: + additionalProperties: false + description: >- + Defines a period that limits whether the action + runs. + type: object + properties: + days: + description: >- + Defines the days of the week that the action + can run, represented as an array of numbers. + For example, `1` represents Monday. An empty + array is equivalent to specifying all the days + of the week. + items: + enum: + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + type: integer + type: array + hours: + additionalProperties: false + description: >- + Defines the range of time in a day that the + action can run. If the `start` value is + `00:00` and the `end` value is `24:00`, + actions be generated all day. + type: object + properties: + end: + description: >- + The end of the time frame in 24-hour + notation (`hh:mm`). + type: string + start: + description: >- + The start of the time frame in 24-hour + notation (`hh:mm`). + type: string + required: + - start + - end + timezone: + description: >- + The ISO time zone for the `hours` values. + Values such as `UTC` and `UTC+1` also work but + lack built-in daylight savings time support + and are not recommended. + type: string + required: + - days + - hours + - timezone + frequency: + additionalProperties: false + type: object + properties: + notify_when: + description: >- + Indicates how often alerts generate actions. Valid + values include: `onActionGroupChange`: Actions run + when the alert status changes; `onActiveAlert`: + Actions run when the alert becomes active and at + each check interval while the rule conditions are + met; `onThrottleInterval`: Actions run when the + alert becomes active and at the interval specified + in the throttle property while the rule conditions + are met. NOTE: You cannot specify `notify_when` at + both the rule and action level. The recommended + method is to set it for each action. If you set it + at the rule level then update the rule in Kibana, + it is automatically changed to use action-specific + values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + type: string + summary: + description: Indicates whether the action is a summary. + type: boolean + throttle: + description: >- + The throttle interval, which defines how often an + alert generates repeated actions. It is specified + in seconds, minutes, hours, or days and is + applicable only if `notify_when` is set to + `onThrottleInterval`. NOTE: You cannot specify the + throttle interval at both the rule and action + level. The recommended method is to set it for + each action. If you set it at the rule level then + update the rule in Kibana, it is automatically + changed to use action-specific values. + nullable: true + type: string + required: + - summary + - notify_when + - throttle + group: + description: >- + The group name, which affects when the action runs + (for example, when the threshold is met or when the + alert is recovered). Each rule type has a list of + valid action group names. If you don't need to group + actions, set to `default`. + type: string + id: + description: The identifier for the connector saved object. + type: string + params: + additionalProperties: {} + default: {} + description: >- + The parameters for the action, which are sent to the + connector. The `params` are handled as Mustache + templates and passed a default set of context. + type: object + use_alert_data_for_template: + description: Indicates whether to use alert data as a template. + type: boolean + uuid: + description: A universally unique identifier (UUID) for the action. + type: string + required: + - id + type: array + alert_delay: + additionalProperties: false + description: >- + Indicates that an alert occurs only when the specified + number of consecutive runs met the rule conditions. + type: object + properties: + active: + description: >- + The number of consecutive runs that must meet the rule + conditions. + type: number + required: + - active + name: + description: >- + The name of the rule. While this name does not have to be + unique, a distinctive name can help you identify a rule. + type: string + notify_when: + description: >- + Indicates how often alerts generate actions. Valid values + include: `onActionGroupChange`: Actions run when the alert + status changes; `onActiveAlert`: Actions run when the alert + becomes active and at each check interval while the rule + conditions are met; `onThrottleInterval`: Actions run when + the alert becomes active and at the interval specified in + the throttle property while the rule conditions are met. + NOTE: You cannot specify `notify_when` at both the rule and + action level. The recommended method is to set it for each + action. If you set it at the rule level then update the rule + in Kibana, it is automatically changed to use + action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + nullable: true + type: string + params: + additionalProperties: {} + default: {} + description: The parameters for the rule. + type: object + schedule: + additionalProperties: false + type: object + properties: + interval: + description: >- + The interval is specified in seconds, minutes, hours, or + days. + type: string + required: + - interval + tags: + default: [] + items: + description: The tags for the rule. + type: string + type: array + throttle: + description: >- + Use the `throttle` property in the action `frequency` object + instead. The throttle interval, which defines how often an + alert generates repeated actions. NOTE: You cannot specify + the throttle interval at both the rule and action level. If + you set it at the rule level then update the rule in Kibana, + it is automatically changed to use action-specific values. + nullable: true + type: string + required: + - name + - schedule + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actions: + items: + additionalProperties: false + type: object + properties: + alerts_filter: + additionalProperties: false + description: >- + Defines a period that limits whether the action + runs. + type: object + properties: + query: + additionalProperties: false + type: object + properties: + dsl: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL). + type: string + filters: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL) as defined in + the `kbn-es-query` package. + items: + additionalProperties: false + type: object + properties: + $state: + additionalProperties: false + type: object + properties: + store: + description: >- + A filter can be either specific to an + application context or applied globally. + enum: + - appState + - globalState + type: string + required: + - store + meta: + additionalProperties: {} + type: object + query: + additionalProperties: {} + type: object + required: + - meta + type: array + kql: + description: >- + A filter written in Kibana Query Language + (KQL). + type: string + required: + - kql + - filters + timeframe: + additionalProperties: false + type: object + properties: + days: + description: >- + Defines the days of the week that the action + can run, represented as an array of numbers. + For example, `1` represents Monday. An empty + array is equivalent to specifying all the + days of the week. + items: + enum: + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + type: integer + type: array + hours: + additionalProperties: false + type: object + properties: + end: + description: >- + The end of the time frame in 24-hour + notation (`hh:mm`). + type: string + start: + description: >- + The start of the time frame in 24-hour + notation (`hh:mm`). + type: string + required: + - start + - end + timezone: + description: >- + The ISO time zone for the `hours` values. + Values such as `UTC` and `UTC+1` also work + but lack built-in daylight savings time + support and are not recommended. + type: string + required: + - days + - hours + - timezone + connector_type_id: + description: >- + The type of connector. This property appears in + responses but cannot be set in requests. + type: string + frequency: + additionalProperties: false + type: object + properties: + notify_when: + description: >- + Indicates how often alerts generate actions. + Valid values include: `onActionGroupChange`: + Actions run when the alert status changes; + `onActiveAlert`: Actions run when the alert + becomes active and at each check interval while + the rule conditions are met; + `onThrottleInterval`: Actions run when the alert + becomes active and at the interval specified in + the throttle property while the rule conditions + are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The + recommended method is to set it for each action. + If you set it at the rule level then update the + rule in Kibana, it is automatically changed to + use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + type: string + summary: + description: Indicates whether the action is a summary. + type: boolean + throttle: + description: >- + The throttle interval, which defines how often + an alert generates repeated actions. It is + specified in seconds, minutes, hours, or days + and is applicable only if 'notify_when' is set + to 'onThrottleInterval'. NOTE: You cannot + specify the throttle interval at both the rule + and action level. The recommended method is to + set it for each action. If you set it at the + rule level then update the rule in Kibana, it is + automatically changed to use action-specific + values. + nullable: true + type: string + required: + - summary + - notify_when + - throttle + group: + description: >- + The group name, which affects when the action runs + (for example, when the threshold is met or when the + alert is recovered). Each rule type has a list of + valid action group names. If you don't need to group + actions, set to `default`. + type: string + id: + description: The identifier for the connector saved object. + type: string + params: + additionalProperties: {} + description: >- + The parameters for the action, which are sent to the + connector. The `params` are handled as Mustache + templates and passed a default set of context. + type: object + use_alert_data_for_template: + description: Indicates whether to use alert data as a template. + type: boolean + uuid: + description: >- + A universally unique identifier (UUID) for the + action. + type: string + required: + - id + - connector_type_id + - params + type: array + active_snoozes: + items: + description: List of active snoozes for the rule. + type: string + type: array + alert_delay: + additionalProperties: false + description: >- + Indicates that an alert occurs only when the specified + number of consecutive runs met the rule conditions. + type: object + properties: + active: + description: >- + The number of consecutive runs that must meet the rule + conditions. + type: number + required: + - active + api_key_created_by_user: + description: >- + Indicates whether the API key that is associated with the + rule was created by the user. + nullable: true + type: boolean + api_key_owner: + description: >- + The owner of the API key that is associated with the rule + and used to run background tasks. + nullable: true + type: string + consumer: + description: >- + The name of the application or feature that owns the rule. + For example: `alerts`, `apm`, `discover`, + `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, + `securitySolution`, `siem`, `stackAlerts`, or `uptime`. + type: string + created_at: + description: The date and time that the rule was created. + type: string + created_by: + description: The identifier for the user that created the rule. + nullable: true + type: string + enabled: + description: >- + Indicates whether you want to run the rule on an interval + basis after it is created. + type: boolean + execution_status: + additionalProperties: false + type: object + properties: + error: + additionalProperties: false + type: object + properties: + message: + description: Error message. + type: string + reason: + description: Reason for error. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + type: string + required: + - reason + - message + last_duration: + description: Duration of last execution of the rule. + type: number + last_execution_date: + description: The date and time when rule was executed last. + type: string + status: + description: Status of rule execution. + enum: + - ok + - active + - error + - warning + - pending + - unknown + type: string + warning: + additionalProperties: false + type: object + properties: + message: + description: Warning message. + type: string + reason: + description: Reason for warning. + enum: + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + type: string + required: + - reason + - message + required: + - status + - last_execution_date + id: + description: The identifier for the rule. + type: string + is_snoozed_until: + description: The date when the rule will no longer be snoozed. + nullable: true + type: string + last_run: + additionalProperties: false + nullable: true + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: Number of ignored alerts during last run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: Number of recovered alerts during last run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value could be + succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: Outcome message generated during last rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + mapped_params: + additionalProperties: {} + type: object + monitoring: + additionalProperties: false + description: Monitoring details of the rule. + type: object + properties: + run: + additionalProperties: false + description: Rule run details. + type: object + properties: + calculated_metrics: + additionalProperties: false + description: >- + Calculation of different percentiles and success + ratio. + type: object + properties: + p50: + type: number + p95: + type: number + p99: + type: number + success_ratio: + type: number + required: + - success_ratio + history: + description: History of the rule run. + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule run. + type: number + outcome: + additionalProperties: false + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: >- + Number of ignored alerts during last + run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: >- + Number of recovered alerts during last + run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value + could be succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: >- + Outcome message generated during last + rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + success: + description: >- + Indicates whether the rule run was + successful. + type: boolean + timestamp: + description: Time of rule run. + type: number + required: + - success + - timestamp + type: array + last_run: + additionalProperties: false + type: object + properties: + metrics: + additionalProperties: false + type: object + properties: + duration: + description: Duration of most recent rule run. + type: number + gap_duration_s: + description: Duration in seconds of rule run gap. + nullable: true + type: number + total_alerts_created: + description: >- + Total number of alerts created during last + rule run. + nullable: true + type: number + total_alerts_detected: + description: >- + Total number of alerts detected during + last rule run. + nullable: true + type: number + total_indexing_duration_ms: + description: >- + Total time spent indexing documents during + last rule run in milliseconds. + nullable: true + type: number + total_search_duration_ms: + description: >- + Total time spent performing Elasticsearch + searches as measured by Kibana; includes + network latency and time spent serializing + or deserializing the request and response. + nullable: true + type: number + timestamp: + description: Time of the most recent rule run. + type: string + required: + - timestamp + - metrics + required: + - history + - calculated_metrics + - last_run + required: + - run + mute_all: + description: Indicates whether all alerts are muted. + type: boolean + muted_alert_ids: + items: + description: 'List of identifiers of muted alerts. ' + type: string + type: array + name: + description: ' The name of the rule.' + type: string + next_run: + description: Date and time of the next run of the rule. + nullable: true + type: string + notify_when: + description: >- + Indicates how often alerts generate actions. Valid values + include: `onActionGroupChange`: Actions run when the alert + status changes; `onActiveAlert`: Actions run when the + alert becomes active and at each check interval while the + rule conditions are met; `onThrottleInterval`: Actions run + when the alert becomes active and at the interval + specified in the throttle property while the rule + conditions are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The recommended method + is to set it for each action. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + nullable: true + type: string + params: + additionalProperties: {} + description: The parameters for the rule. + type: object + revision: + description: The rule revision number. + type: number + rule_type_id: + description: The rule type identifier. + type: string + running: + description: Indicates whether the rule is running. + nullable: true + type: boolean + schedule: + additionalProperties: false + type: object + properties: + interval: + description: >- + The interval is specified in seconds, minutes, hours, + or days. + type: string + required: + - interval + scheduled_task_id: + description: Identifier of the scheduled task. + type: string + snooze_schedule: + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule snooze schedule. + type: number + id: + description: Identifier of the rule snooze schedule. + type: string + rRule: + additionalProperties: false + type: object + properties: + byhour: + items: + description: Indicates hours of the day to recur. + type: number + type: array + byminute: + items: + description: Indicates minutes of the hour to recur. + type: number + type: array + bymonth: + items: + description: >- + Indicates months of the year that this rule + should recur. + type: number + type: array + bymonthday: + items: + description: Indicates the days of the month to recur. + type: number + type: array + bysecond: + items: + description: Indicates seconds of the day to recur. + type: number + type: array + bysetpos: + items: + description: >- + A positive or negative integer affecting the + nth day of the month. For example, -2 combined + with `byweekday` of FR is 2nd to last Friday + of the month. It is recommended to not set + this manually and just use `byweekday`. + type: number + type: array + byweekday: + items: + anyOf: + - type: string + - type: number + description: >- + Indicates the days of the week to recur or + else nth-day-of-month strings. For example, + "+2TU" second Tuesday of month, "-1FR" last + Friday of the month, which are internally + converted to a `byweekday/bysetpos` + combination. + type: array + byweekno: + items: + description: Indicates number of the week hours to recur. + type: number + type: array + byyearday: + items: + description: >- + Indicates the days of the year that this rule + should recur. + type: number + type: array + count: + description: >- + Number of times the rule should recur until it + stops. + type: number + dtstart: + description: >- + Rule start date in Coordinated Universal Time + (UTC). + type: string + freq: + description: >- + Indicates frequency of the rule. Options are + YEARLY, MONTHLY, WEEKLY, DAILY. + enum: + - 0 + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + type: integer + interval: + description: >- + Indicates the interval of frequency. For + example, 1 and YEARLY is every 1 year, 2 and + WEEKLY is every 2 weeks. + type: number + tzid: + description: Indicates timezone abbreviation. + type: string + until: + description: Recur the rule until this date. + type: string + wkst: + description: Indicates the start of week, defaults to Monday. + enum: + - MO + - TU + - WE + - TH + - FR + - SA + - SU + type: string + required: + - dtstart + - tzid + skipRecurrences: + items: + description: Skips recurrence of rule on this date. + type: string + type: array + required: + - duration + - rRule + type: array + tags: + items: + description: The tags for the rule. + type: string + type: array + throttle: + deprecated: true + description: >- + Deprecated in 8.13.0. Use the `throttle` property in the + action `frequency` object instead. The throttle interval, + which defines how often an alert generates repeated + actions. NOTE: You cannot specify the throttle interval at + both the rule and action level. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + nullable: true + type: string + updated_at: + description: The date and time that the rule was updated most recently. + type: string + updated_by: + description: >- + The identifier for the user that updated this rule most + recently. + nullable: true + type: string + view_in_app_relative_url: + description: Relative URL to view rule in the app. + nullable: true + type: string + required: + - id + - enabled + - name + - tags + - rule_type_id + - consumer + - schedule + - actions + - params + - created_by + - updated_by + - created_at + - updated_at + - api_key_owner + - mute_all + - muted_alert_ids + - execution_status + - revision + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + '409': + description: Indicates that the rule has already been updated by another user. + summary: Update a rule + tags: + - alerting + /api/alerting/rule/{id}/_disable: + post: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_disable#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + nullable: true + type: object + properties: + untrack: + description: Defines whether this rule's alerts should be untracked. + type: boolean + x-oas-optional: true + responses: + '204': + description: Indicates a successful call. + '400': + description: Indicates an invalid schema. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + summary: Disable a rule + tags: + - alerting + /api/alerting/rule/{id}/_enable: + post: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_enable#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + summary: Enable a rule + tags: + - alerting + /api/alerting/rule/{id}/_mute_all: + post: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_mute_all#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + summary: Mute all alerts + tags: + - alerting + /api/alerting/rule/{id}/_unmute_all: + post: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_unmute_all#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + summary: Unmute all alerts + tags: + - alerting + /api/alerting/rule/{id}/_update_api_key: + post: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_update_api_key#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + '409': + description: Indicates that the rule has already been updated by another user. + summary: Update the API key for a rule + tags: + - alerting + /api/alerting/rule/{rule_id}/alert/{alert_id}/_mute: + post: + operationId: >- + %2Fapi%2Falerting%2Frule%2F%7Brule_id%7D%2Falert%2F%7Balert_id%7D%2F_mute#0 + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: rule_id + required: true + schema: + type: string + - description: The identifier for the alert. + in: path + name: alert_id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule or alert with the given ID does not exist. + summary: Mute an alert + tags: + - alerting + /api/alerting/rule/{rule_id}/alert/{alert_id}/_unmute: + post: + operationId: >- + %2Fapi%2Falerting%2Frule%2F%7Brule_id%7D%2Falert%2F%7Balert_id%7D%2F_unmute#0 + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: rule_id + required: true + schema: + type: string + - description: The identifier for the alert. + in: path + name: alert_id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule or alert with the given ID does not exist. + summary: Unmute an alert + tags: + - alerting + /api/alerting/rules/_find: + get: + operationId: '%2Fapi%2Falerting%2Frules%2F_find#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: The number of rules to return per page. + in: query + name: per_page + required: false + schema: + default: 10 + minimum: 0 + type: number + - description: The page number to return. + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: number + - description: >- + An Elasticsearch simple_query_string query that filters the objects + in the response. + in: query + name: search + required: false + schema: + type: string + - description: The default operator to use for the simple_query_string. + in: query + name: default_search_operator + required: false + schema: + default: OR + enum: + - OR + - AND + type: string + - description: The fields to perform the simple_query_string parsed query against. + in: query + name: search_fields + required: false + schema: + anyOf: + - items: + type: string + type: array + - type: string + - description: >- + Determines which field is used to sort the results. The field must + exist in the `attributes` key of the response. + in: query + name: sort_field + required: false + schema: + type: string + - description: Determines the sort order. + in: query + name: sort_order + required: false + schema: + enum: + - asc + - desc + type: string + - description: >- + Filters the rules that have a relation with the reference objects + with a specific type and identifier. + in: query + name: has_reference + required: false + schema: + additionalProperties: false + nullable: true + type: object + properties: + id: + type: string + type: + type: string + required: + - type + - id + - in: query + name: fields + required: false + schema: + items: + description: The fields to return in the `attributes` key of the response. + type: string + type: array + - description: >- + A KQL string that you filter with an attribute from your saved + object. It should look like `savedObjectType.attributes.title: + "myTitle"`. However, if you used a direct attribute of a saved + object, such as `updatedAt`, you must define your filter, for + example, `savedObjectType.updatedAt > 2018-12-22`. + in: query + name: filter + required: false + schema: + type: string + - in: query + name: filter_consumers + required: false + schema: + items: + description: List of consumers to filter. + type: string + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actions: + items: + additionalProperties: false + type: object + properties: + alerts_filter: + additionalProperties: false + description: >- + Defines a period that limits whether the action + runs. + type: object + properties: + query: + additionalProperties: false + type: object + properties: + dsl: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL). + type: string + filters: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL) as defined in + the `kbn-es-query` package. + items: + additionalProperties: false + type: object + properties: + $state: + additionalProperties: false + type: object + properties: + store: + description: >- + A filter can be either specific to an + application context or applied globally. + enum: + - appState + - globalState + type: string + required: + - store + meta: + additionalProperties: {} + type: object + query: + additionalProperties: {} + type: object + required: + - meta + type: array + kql: + description: >- + A filter written in Kibana Query Language + (KQL). + type: string + required: + - kql + - filters + timeframe: + additionalProperties: false + type: object + properties: + days: + description: >- + Defines the days of the week that the action + can run, represented as an array of numbers. + For example, `1` represents Monday. An empty + array is equivalent to specifying all the + days of the week. + items: + enum: + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + type: integer + type: array + hours: + additionalProperties: false + type: object + properties: + end: + description: >- + The end of the time frame in 24-hour + notation (`hh:mm`). + type: string + start: + description: >- + The start of the time frame in 24-hour + notation (`hh:mm`). + type: string + required: + - start + - end + timezone: + description: >- + The ISO time zone for the `hours` values. + Values such as `UTC` and `UTC+1` also work + but lack built-in daylight savings time + support and are not recommended. + type: string + required: + - days + - hours + - timezone + connector_type_id: + description: >- + The type of connector. This property appears in + responses but cannot be set in requests. + type: string + frequency: + additionalProperties: false + type: object + properties: + notify_when: + description: >- + Indicates how often alerts generate actions. + Valid values include: `onActionGroupChange`: + Actions run when the alert status changes; + `onActiveAlert`: Actions run when the alert + becomes active and at each check interval while + the rule conditions are met; + `onThrottleInterval`: Actions run when the alert + becomes active and at the interval specified in + the throttle property while the rule conditions + are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The + recommended method is to set it for each action. + If you set it at the rule level then update the + rule in Kibana, it is automatically changed to + use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + type: string + summary: + description: Indicates whether the action is a summary. + type: boolean + throttle: + description: >- + The throttle interval, which defines how often + an alert generates repeated actions. It is + specified in seconds, minutes, hours, or days + and is applicable only if 'notify_when' is set + to 'onThrottleInterval'. NOTE: You cannot + specify the throttle interval at both the rule + and action level. The recommended method is to + set it for each action. If you set it at the + rule level then update the rule in Kibana, it is + automatically changed to use action-specific + values. + nullable: true + type: string + required: + - summary + - notify_when + - throttle + group: + description: >- + The group name, which affects when the action runs + (for example, when the threshold is met or when the + alert is recovered). Each rule type has a list of + valid action group names. If you don't need to group + actions, set to `default`. + type: string + id: + description: The identifier for the connector saved object. + type: string + params: + additionalProperties: {} + description: >- + The parameters for the action, which are sent to the + connector. The `params` are handled as Mustache + templates and passed a default set of context. + type: object + use_alert_data_for_template: + description: Indicates whether to use alert data as a template. + type: boolean + uuid: + description: >- + A universally unique identifier (UUID) for the + action. + type: string + required: + - id + - connector_type_id + - params + type: array + active_snoozes: + items: + description: List of active snoozes for the rule. + type: string + type: array + alert_delay: + additionalProperties: false + description: >- + Indicates that an alert occurs only when the specified + number of consecutive runs met the rule conditions. + type: object + properties: + active: + description: >- + The number of consecutive runs that must meet the rule + conditions. + type: number + required: + - active + api_key_created_by_user: + description: >- + Indicates whether the API key that is associated with the + rule was created by the user. + nullable: true + type: boolean + api_key_owner: + description: >- + The owner of the API key that is associated with the rule + and used to run background tasks. + nullable: true + type: string + consumer: + description: >- + The name of the application or feature that owns the rule. + For example: `alerts`, `apm`, `discover`, + `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, + `securitySolution`, `siem`, `stackAlerts`, or `uptime`. + type: string + created_at: + description: The date and time that the rule was created. + type: string + created_by: + description: The identifier for the user that created the rule. + nullable: true + type: string + enabled: + description: >- + Indicates whether you want to run the rule on an interval + basis after it is created. + type: boolean + execution_status: + additionalProperties: false + type: object + properties: + error: + additionalProperties: false + type: object + properties: + message: + description: Error message. + type: string + reason: + description: Reason for error. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + type: string + required: + - reason + - message + last_duration: + description: Duration of last execution of the rule. + type: number + last_execution_date: + description: The date and time when rule was executed last. + type: string + status: + description: Status of rule execution. + enum: + - ok + - active + - error + - warning + - pending + - unknown + type: string + warning: + additionalProperties: false + type: object + properties: + message: + description: Warning message. + type: string + reason: + description: Reason for warning. + enum: + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + type: string + required: + - reason + - message + required: + - status + - last_execution_date + id: + description: The identifier for the rule. + type: string + is_snoozed_until: + description: The date when the rule will no longer be snoozed. + nullable: true + type: string + last_run: + additionalProperties: false + nullable: true + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: Number of ignored alerts during last run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: Number of recovered alerts during last run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value could be + succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: Outcome message generated during last rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + mapped_params: + additionalProperties: {} + type: object + monitoring: + additionalProperties: false + description: Monitoring details of the rule. + type: object + properties: + run: + additionalProperties: false + description: Rule run details. + type: object + properties: + calculated_metrics: + additionalProperties: false + description: >- + Calculation of different percentiles and success + ratio. + type: object + properties: + p50: + type: number + p95: + type: number + p99: + type: number + success_ratio: + type: number + required: + - success_ratio + history: + description: History of the rule run. + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule run. + type: number + outcome: + additionalProperties: false + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: >- + Number of ignored alerts during last + run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: >- + Number of recovered alerts during last + run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value + could be succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: >- + Outcome message generated during last + rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + success: + description: >- + Indicates whether the rule run was + successful. + type: boolean + timestamp: + description: Time of rule run. + type: number + required: + - success + - timestamp + type: array + last_run: + additionalProperties: false + type: object + properties: + metrics: + additionalProperties: false + type: object + properties: + duration: + description: Duration of most recent rule run. + type: number + gap_duration_s: + description: Duration in seconds of rule run gap. + nullable: true + type: number + total_alerts_created: + description: >- + Total number of alerts created during last + rule run. + nullable: true + type: number + total_alerts_detected: + description: >- + Total number of alerts detected during + last rule run. + nullable: true + type: number + total_indexing_duration_ms: + description: >- + Total time spent indexing documents during + last rule run in milliseconds. + nullable: true + type: number + total_search_duration_ms: + description: >- + Total time spent performing Elasticsearch + searches as measured by Kibana; includes + network latency and time spent serializing + or deserializing the request and response. + nullable: true + type: number + timestamp: + description: Time of the most recent rule run. + type: string + required: + - timestamp + - metrics + required: + - history + - calculated_metrics + - last_run + required: + - run + mute_all: + description: Indicates whether all alerts are muted. + type: boolean + muted_alert_ids: + items: + description: 'List of identifiers of muted alerts. ' + type: string + type: array + name: + description: ' The name of the rule.' + type: string + next_run: + description: Date and time of the next run of the rule. + nullable: true + type: string + notify_when: + description: >- + Indicates how often alerts generate actions. Valid values + include: `onActionGroupChange`: Actions run when the alert + status changes; `onActiveAlert`: Actions run when the + alert becomes active and at each check interval while the + rule conditions are met; `onThrottleInterval`: Actions run + when the alert becomes active and at the interval + specified in the throttle property while the rule + conditions are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The recommended method + is to set it for each action. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + nullable: true + type: string + params: + additionalProperties: {} + description: The parameters for the rule. + type: object + revision: + description: The rule revision number. + type: number + rule_type_id: + description: The rule type identifier. + type: string + running: + description: Indicates whether the rule is running. + nullable: true + type: boolean + schedule: + additionalProperties: false + type: object + properties: + interval: + description: >- + The interval is specified in seconds, minutes, hours, + or days. + type: string + required: + - interval + scheduled_task_id: + description: Identifier of the scheduled task. + type: string + snooze_schedule: + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule snooze schedule. + type: number + id: + description: Identifier of the rule snooze schedule. + type: string + rRule: + additionalProperties: false + type: object + properties: + byhour: + items: + description: Indicates hours of the day to recur. + type: number + type: array + byminute: + items: + description: Indicates minutes of the hour to recur. + type: number + type: array + bymonth: + items: + description: >- + Indicates months of the year that this rule + should recur. + type: number + type: array + bymonthday: + items: + description: Indicates the days of the month to recur. + type: number + type: array + bysecond: + items: + description: Indicates seconds of the day to recur. + type: number + type: array + bysetpos: + items: + description: >- + A positive or negative integer affecting the + nth day of the month. For example, -2 combined + with `byweekday` of FR is 2nd to last Friday + of the month. It is recommended to not set + this manually and just use `byweekday`. + type: number + type: array + byweekday: + items: + anyOf: + - type: string + - type: number + description: >- + Indicates the days of the week to recur or + else nth-day-of-month strings. For example, + "+2TU" second Tuesday of month, "-1FR" last + Friday of the month, which are internally + converted to a `byweekday/bysetpos` + combination. + type: array + byweekno: + items: + description: Indicates number of the week hours to recur. + type: number + type: array + byyearday: + items: + description: >- + Indicates the days of the year that this rule + should recur. + type: number + type: array + count: + description: >- + Number of times the rule should recur until it + stops. + type: number + dtstart: + description: >- + Rule start date in Coordinated Universal Time + (UTC). + type: string + freq: + description: >- + Indicates frequency of the rule. Options are + YEARLY, MONTHLY, WEEKLY, DAILY. + enum: + - 0 + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + type: integer + interval: + description: >- + Indicates the interval of frequency. For + example, 1 and YEARLY is every 1 year, 2 and + WEEKLY is every 2 weeks. + type: number + tzid: + description: Indicates timezone abbreviation. + type: string + until: + description: Recur the rule until this date. + type: string + wkst: + description: Indicates the start of week, defaults to Monday. + enum: + - MO + - TU + - WE + - TH + - FR + - SA + - SU + type: string + required: + - dtstart + - tzid + skipRecurrences: + items: + description: Skips recurrence of rule on this date. + type: string + type: array + required: + - duration + - rRule + type: array + tags: + items: + description: The tags for the rule. + type: string + type: array + throttle: + deprecated: true + description: >- + Deprecated in 8.13.0. Use the `throttle` property in the + action `frequency` object instead. The throttle interval, + which defines how often an alert generates repeated + actions. NOTE: You cannot specify the throttle interval at + both the rule and action level. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + nullable: true + type: string + updated_at: + description: The date and time that the rule was updated most recently. + type: string + updated_by: + description: >- + The identifier for the user that updated this rule most + recently. + nullable: true + type: string + view_in_app_relative_url: + description: Relative URL to view rule in the app. + nullable: true + type: string + required: + - id + - enabled + - name + - tags + - rule_type_id + - consumer + - schedule + - actions + - params + - created_by + - updated_by + - created_at + - updated_at + - api_key_owner + - mute_all + - muted_alert_ids + - execution_status + - revision + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + summary: Get information about rules + tags: + - alerting + /api/alerts/alert/{alertId}: + delete: + deprecated: true + description: > + Deprecated in 7.13.0. Use the delete rule API instead. WARNING: After + you delete an alert, you cannot recover it. + operationId: legaryDeleteAlert + parameters: + - $ref: '#/components/parameters/Alerting_kbn_xsrf' + - description: The identifier for the alert. + in: path + name: alertId + required: true + schema: + example: 41893910-6bca-11eb-9e0d-85d233e3ee35 + type: string + responses: + '204': + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Delete an alert + tags: + - alerting + get: + deprecated: true + description: Deprecated in 7.13.0. Use the get rule API instead. + operationId: legacyGetAlert + parameters: + - description: The identifier for the alert. + in: path + name: alertId + required: true + schema: + example: 41893910-6bca-11eb-9e0d-85d233e3ee35 + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_alert_response_properties' + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Get an alert by identifier + tags: + - alerting + post: + deprecated: true + description: Deprecated in 7.13.0. Use the create rule API instead. + operationId: legacyCreateAlert + parameters: + - $ref: '#/components/parameters/Alerting_kbn_xsrf' + - description: >- + An UUID v1 or v4 identifier for the alert. If this parameter is + omitted, the identifier is randomly generated. + in: path + name: alertId + required: true + schema: + example: 41893910-6bca-11eb-9e0d-85d233e3ee35 + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + title: Legacy create alert request properties + type: object + properties: + actions: + items: + type: object + properties: + actionTypeId: + description: The identifier for the action type. + type: string + group: + description: > + Grouping actions is recommended for escalations for + different types of alert instances. If you don't need + this functionality, set it to `default`. + type: string + id: + description: The ID of the action saved object. + type: string + params: + description: > + The map to the `params` that the action type will + receive. `params` are handled as Mustache templates + and passed a default set of context. + type: object + required: + - actionTypeId + - group + - id + - params + type: array + alertTypeId: + description: >- + The ID of the alert type that you want to call when the + alert is scheduled to run. + type: string + consumer: + description: >- + The name of the application that owns the alert. This name + has to match the Kibana feature name, as that dictates the + required role-based access control privileges. + type: string + enabled: + description: >- + Indicates if you want to run the alert on an interval basis + after it is created. + type: boolean + name: + description: A name to reference and search. + type: string + notifyWhen: + description: The condition for throttling the notification. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + type: string + params: + description: >- + The parameters to pass to the alert type executor `params` + value. This will also validate against the alert type params + validator, if defined. + type: object + schedule: + description: > + The schedule specifying when this alert should be run. A + schedule is structured such that the key specifies the + format you wish to use and its value specifies the schedule. + type: object + properties: + interval: + description: >- + The interval format specifies the interval in seconds, + minutes, hours or days at which the alert should run. + example: 10s + type: string + tags: + description: A list of keywords to reference and search. + items: + type: string + type: array + throttle: + description: > + How often this alert should fire the same actions. This will + prevent the alert from sending out the same notification + over and over. For example, if an alert with a schedule of 1 + minute stays in a triggered state for 90 minutes, setting a + throttle of `10m` or `1h` will prevent it from sending 90 + notifications during this period. + type: string + required: + - alertTypeId + - consumer + - name + - notifyWhen + - params + - schedule + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_alert_response_properties' + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Create an alert + tags: + - alerting + put: + deprecated: true + description: Deprecated in 7.13.0. Use the update rule API instead. + operationId: legacyUpdateAlert + parameters: + - $ref: '#/components/parameters/Alerting_kbn_xsrf' + - description: The identifier for the alert. + in: path + name: alertId + required: true + schema: + example: 41893910-6bca-11eb-9e0d-85d233e3ee35 + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + title: Legacy update alert request properties + type: object + properties: + actions: + items: + type: object + properties: + actionTypeId: + description: The identifier for the action type. + type: string + group: + description: > + Grouping actions is recommended for escalations for + different types of alert instances. If you don't need + this functionality, set it to `default`. + type: string + id: + description: The ID of the action saved object. + type: string + params: + description: > + The map to the `params` that the action type will + receive. `params` are handled as Mustache templates + and passed a default set of context. + type: object + required: + - actionTypeId + - group + - id + - params + type: array + name: + description: A name to reference and search. + type: string + notifyWhen: + description: The condition for throttling the notification. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + type: string + params: + description: >- + The parameters to pass to the alert type executor `params` + value. This will also validate against the alert type params + validator, if defined. + type: object + schedule: + description: > + The schedule specifying when this alert should be run. A + schedule is structured such that the key specifies the + format you wish to use and its value specifies the schedule. + type: object + properties: + interval: + description: >- + The interval format specifies the interval in seconds, + minutes, hours or days at which the alert should run. + example: 1d + type: string + tags: + description: A list of keywords to reference and search. + items: + type: string + type: array + throttle: + description: > + How often this alert should fire the same actions. This will + prevent the alert from sending out the same notification + over and over. For example, if an alert with a schedule of 1 + minute stays in a triggered state for 90 minutes, setting a + throttle of `10m` or `1h` will prevent it from sending 90 + notifications during this period. + type: string + required: + - name + - notifyWhen + - params + - schedule + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_alert_response_properties' + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Update an alert + tags: + - alerting + /api/alerts/alert/{alertId}/_disable: + post: + deprecated: true + description: Deprecated in 7.13.0. Use the disable rule API instead. + operationId: legacyDisableAlert + parameters: + - $ref: '#/components/parameters/Alerting_kbn_xsrf' + - description: The identifier for the alert. + in: path + name: alertId + required: true + schema: + example: 41893910-6bca-11eb-9e0d-85d233e3ee35 + type: string + responses: + '204': + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Disable an alert + tags: + - alerting + /api/alerts/alert/{alertId}/_enable: + post: + deprecated: true + description: Deprecated in 7.13.0. Use the enable rule API instead. + operationId: legacyEnableAlert + parameters: + - $ref: '#/components/parameters/Alerting_kbn_xsrf' + - description: The identifier for the alert. + in: path + name: alertId + required: true + schema: + example: 41893910-6bca-11eb-9e0d-85d233e3ee35 + type: string + responses: + '204': + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Enable an alert + tags: + - alerting + /api/alerts/alert/{alertId}/_mute_all: + post: + deprecated: true + description: Deprecated in 7.13.0. Use the mute all alerts API instead. + operationId: legacyMuteAllAlertInstances + parameters: + - $ref: '#/components/parameters/Alerting_kbn_xsrf' + - description: The identifier for the alert. + in: path + name: alertId + required: true + schema: + example: 41893910-6bca-11eb-9e0d-85d233e3ee35 + type: string + responses: + '204': + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Mute all alert instances + tags: + - alerting + /api/alerts/alert/{alertId}/_unmute_all: + post: + deprecated: true + description: Deprecated in 7.13.0. Use the unmute all alerts API instead. + operationId: legacyUnmuteAllAlertInstances + parameters: + - $ref: '#/components/parameters/Alerting_kbn_xsrf' + - description: The identifier for the alert. + in: path + name: alertId + required: true + schema: + example: 41893910-6bca-11eb-9e0d-85d233e3ee35 + type: string + responses: + '204': + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Unmute all alert instances + tags: + - alerting + /api/alerts/alert/{alertId}/alert_instance/{alertInstanceId}/_mute: + post: + deprecated: true + description: Deprecated in 7.13.0. Use the mute alert API instead. + operationId: legacyMuteAlertInstance + parameters: + - $ref: '#/components/parameters/Alerting_kbn_xsrf' + - description: An identifier for the alert. + in: path + name: alertId + required: true + schema: + example: 41893910-6bca-11eb-9e0d-85d233e3ee35 + type: string + - description: An identifier for the alert instance. + in: path + name: alertInstanceId + required: true + schema: + example: dceeb5d0-6b41-11eb-802b-85b0c1bc8ba2 + type: string + responses: + '204': + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Mute an alert instance + tags: + - alerting + /api/alerts/alert/{alertId}/alert_instance/{alertInstanceId}/_unmute: + post: + deprecated: true + description: Deprecated in 7.13.0. Use the unmute alert API instead. + operationId: legacyUnmuteAlertInstance + parameters: + - $ref: '#/components/parameters/Alerting_kbn_xsrf' + - description: An identifier for the alert. + in: path + name: alertId + required: true + schema: + example: 41893910-6bca-11eb-9e0d-85d233e3ee35 + type: string + - description: An identifier for the alert instance. + in: path + name: alertInstanceId + required: true + schema: + example: dceeb5d0-6b41-11eb-802b-85b0c1bc8ba2 + type: string + responses: + '204': + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Unmute an alert instance + tags: + - alerting + /api/alerts/alerts/_find: + get: + deprecated: true + description: > + Deprecated in 7.13.0. Use the find rules API instead. NOTE: Alert + `params` are stored as a flattened field type and analyzed as keywords. + As alerts change in Kibana, the results on each page of the response + also change. Use the find API for traditional paginated results, but + avoid using it to export large amounts of data. + operationId: legacyFindAlerts + parameters: + - description: The default operator to use for the `simple_query_string`. + example: OR + in: query + name: default_search_operator + schema: + default: OR + type: string + - description: The fields to return in the `attributes` key of the response. + in: query + name: fields + schema: + items: + type: string + type: array + - description: > + A KQL string that you filter with an attribute from your saved + object. It should look like `savedObjectType.attributes.title: + "myTitle"`. However, if you used a direct attribute of a saved + object, such as `updatedAt`, you must define your filter, for + example, `savedObjectType.updatedAt > 2018-12-22`. + in: query + name: filter + schema: + type: string + - description: >- + Filters the rules that have a relation with the reference objects + with a specific type and identifier. + in: query + name: has_reference + schema: + type: object + properties: + id: + type: string + type: + type: string + - description: The page number to return. + example: 1 + in: query + name: page + schema: + default: 1 + type: integer + - description: The number of alerts to return per page. + example: 20 + in: query + name: per_page + schema: + default: 20 + type: integer + - description: >- + An Elasticsearch `simple_query_string` query that filters the alerts + in the response. + in: query + name: search + schema: + type: string + - description: >- + The fields to perform the `simple_query_string` parsed query + against. + in: query + name: search_fields + schema: + oneOf: + - type: string + - items: + type: string + type: array + - description: > + Determines which field is used to sort the results. The field must + exist in the `attributes` key of the response. + in: query + name: sort_field + schema: + type: string + - description: Determines the sort order. + example: asc + in: query + name: sort_order + schema: + default: desc + enum: + - asc + - desc + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: '#/components/schemas/Alerting_alert_response_properties' + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Get a paginated set of alerts + tags: + - alerting + /api/alerts/alerts/_health: + get: + deprecated: true + description: Deprecated in 7.13.0. Use the get alerting framework health API instead. + operationId: legacyGetAlertingHealth + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + alertingFrameworkHealth: + description: > + Three substates identify the health of the alerting + framework: `decryptionHealth`, `executionHealth`, and + `readHealth`. + type: object + properties: + decryptionHealth: + description: The timestamp and status of the alert decryption. + type: object + properties: + status: + enum: + - error + - ok + - warn + example: ok + type: string + timestamp: + example: '2023-01-13T01:28:00.280Z' + format: date-time + type: string + executionHealth: + description: The timestamp and status of the alert execution. + type: object + properties: + status: + enum: + - error + - ok + - warn + example: ok + type: string + timestamp: + example: '2023-01-13T01:28:00.280Z' + format: date-time + type: string + readHealth: + description: The timestamp and status of the alert reading events. + type: object + properties: + status: + enum: + - error + - ok + - warn + example: ok + type: string + timestamp: + example: '2023-01-13T01:28:00.280Z' + format: date-time + type: string + hasPermanentEncryptionKey: + description: >- + If `false`, the encrypted saved object plugin does not + have a permanent encryption key. + example: true + type: boolean + isSufficientlySecure: + description: If `false`, security is enabled but TLS is not. + example: true + type: boolean + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Get the alerting framework health + tags: + - alerting + /api/alerts/alerts/list_alert_types: + get: + deprecated: true + description: Deprecated in 7.13.0. Use the get rule types API instead. + operationId: legacyGetAlertTypes + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + properties: + actionGroups: + description: > + An explicit list of groups for which the alert type can + schedule actions, each with the action group's unique ID + and human readable name. Alert actions validation uses + this configuration to ensure that groups are valid. + items: + type: object + properties: + id: + type: string + name: + type: string + type: array + actionVariables: + description: > + A list of action variables that the alert type makes + available via context and state in action parameter + templates, and a short human readable description. The + Alert UI will use this information to prompt users for + these variables in action parameter editors. + type: object + properties: + context: + items: + type: object + properties: + description: + type: string + name: + type: string + type: array + params: + items: + type: object + properties: + description: + type: string + name: + type: string + type: array + state: + items: + type: object + properties: + description: + type: string + name: + type: string + type: array + authorizedConsumers: + description: >- + The list of the plugins IDs that have access to the + alert type. + type: object + defaultActionGroupId: + description: The default identifier for the alert type group. + type: string + enabledInLicense: + description: >- + Indicates whether the rule type is enabled based on the + subscription. + type: boolean + id: + description: The unique identifier for the alert type. + type: string + isExportable: + description: >- + Indicates whether the alert type is exportable in Saved + Objects Management UI. + type: boolean + minimumLicenseRequired: + description: The subscriptions required to use the alert type. + type: string + name: + description: The descriptive name of the alert type. + type: string + producer: + description: >- + An identifier for the application that produces this + alert type. + type: string + recoveryActionGroup: + description: > + An action group to use when an alert instance goes from + an active state to an inactive one. If it is not + specified, the default recovered action group is used. + type: object + properties: + id: + type: string + name: + type: string + type: array + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Get the alert types + tags: + - alerting + /api/apm/agent_keys: + post: + description: Create a new agent key for APM. + operationId: createAgentKey + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + name: + type: string + privileges: + items: + enum: + - event:write + - config_agent:read + type: string + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + api_key: + type: string + encoded: + type: string + expiration: + format: int64 + type: integer + id: + type: string + name: + type: string + description: Agent key created successfully + summary: Create an APM agent key + tags: + - APM agent keys + /api/apm/services/{serviceName}/annotation: + post: + description: Create a new annotation for a specific service. + operationId: createAnnotation + parameters: + - description: The name of the service + in: path + name: serviceName + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + '@timestamp': + type: string + message: + type: string + service: + type: object + properties: + environment: + type: string + version: + type: string + tags: + items: + type: string + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _id: + type: string + _index: + type: string + _source: + type: object + properties: + '@timestamp': + type: string + annotation: + type: string + event: + type: object + properties: + created: + type: string + message: + type: string + service: + type: object + properties: + environment: + type: string + name: + type: string + version: + type: string + tags: + items: + type: string + type: array + description: Annotation created successfully + summary: Create a service annotation + tags: + - APM annotations + /api/apm/services/{serviceName}/annotation/search: + get: + description: Search for annotations related to a specific service. + operationId: getAnnotation + parameters: + - description: The name of the service + in: path + name: serviceName + required: true + schema: + type: string + - description: The environment to filter annotations by + in: query + name: environment + required: false + schema: + type: string + - description: The start date for the search + in: query + name: start + required: false + schema: + type: string + - description: The end date for the search + in: query + name: end + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + annotations: + items: + type: object + properties: + '@timestamp': + type: number + id: + type: string + text: + type: string + type: + enum: + - version + type: string + type: array + description: Successful response + summary: Search for annotations + tags: + - APM annotations + /api/asset_criticality: + delete: + description: Delete the asset criticality record for a specific entity. + operationId: DeleteAssetCriticalityRecord + parameters: + - description: The ID value of the asset. + in: query + name: id_value + required: true + schema: + type: string + - description: The field representing the ID. + example: host.name + in: query + name: id_field + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_IdField + - description: If 'wait_for' the request will wait for the index refresh. + in: query + name: refresh + required: false + schema: + enum: + - wait_for + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + deleted: + description: >- + True if the record was deleted or false if the record did + not exist. + type: boolean + record: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecord + description: The deleted record if it existed. + required: + - deleted + description: Successful response + '400': + description: Invalid request + summary: Delete an asset criticality record + tags: + - Security Solution Entity Analytics API + get: + description: Get the asset criticality record for a specific entity. + operationId: GetAssetCriticalityRecord + parameters: + - description: The ID value of the asset. + in: query + name: id_value + required: true + schema: + type: string + - description: The field representing the ID. + example: host.name + in: query + name: id_field + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_IdField + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecord + description: Successful response + '400': + description: Invalid request + '404': + description: Criticality record not found + summary: Get an asset criticality record + tags: + - Security Solution Entity Analytics API + post: + description: > + Create or update an asset criticality record for a specific entity. + + + If a record already exists for the specified entity, that record is + overwritten with the specified value. If a record doesn't exist for the + specified entity, a new record is created. + operationId: CreateAssetCriticalityRecord + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_CreateAssetCriticalityRecord + - type: object + properties: + refresh: + description: >- + If 'wait_for' the request will wait for the index + refresh. + enum: + - wait_for + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecord + description: Successful response + '400': + description: Invalid request + summary: Upsert an asset criticality record + tags: + - Security Solution Entity Analytics API + /api/asset_criticality/bulk: + post: + description: > + Bulk upsert up to 1000 asset criticality records. + + + If asset criticality records already exist for the specified entities, + those records are overwritten with the specified values. If asset + criticality records don't exist for the specified entities, new records + are created. + operationId: BulkUpsertAssetCriticalityRecords + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + example: + records: + - criticality_level: low_impact + id_field: host.name + id_value: host-1 + - criticality_level: medium_impact + id_field: host.name + id_value: host-2 + type: object + properties: + records: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_CreateAssetCriticalityRecord + maxItems: 1000 + minItems: 1 + type: array + required: + - records + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + example: + errors: + - index: 0 + message: Invalid ID field + stats: + failed: 1 + successful: 1 + total: 2 + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityBulkUploadErrorItem + type: array + stats: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityBulkUploadStats + required: + - errors + - stats + description: Bulk upload successful + '413': + description: File too large + summary: Bulk upsert asset criticality records + tags: + - Security Solution Entity Analytics API + /api/asset_criticality/list: + get: + description: List asset criticality records, paging, sorting and filtering as needed. + operationId: FindAssetCriticalityRecords + parameters: + - description: The field to sort by. + in: query + name: sort_field + required: false + schema: + enum: + - id_value + - id_field + - criticality_level + - \@timestamp + type: string + - description: The order to sort by. + in: query + name: sort_direction + required: false + schema: + enum: + - asc + - desc + type: string + - description: The page number to return. + in: query + name: page + required: false + schema: + minimum: 1 + type: integer + - description: The number of records to return per page. + in: query + name: per_page + required: false + schema: + maximum: 1000 + minimum: 1 + type: integer + - description: The kuery to filter by. + in: query + name: kuery + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + page: + minimum: 1 + type: integer + per_page: + maximum: 1000 + minimum: 1 + type: integer + records: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecord + type: array + total: + minimum: 0 + type: integer + required: + - records + - page + - per_page + - total + description: Bulk upload successful + summary: List asset criticality records + tags: + - Security Solution Entity Analytics API + /api/cases: + delete: + description: > + You must have `read` or `all` privileges and the `delete` sub-feature + privilege for the **Cases** feature in the **Management**, + **Observability**, or **Security** section of the Kibana feature + privileges, depending on the owner of the cases you're deleting. + operationId: deleteCaseDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_kbn_xsrf' + - $ref: '#/components/parameters/Cases_ids' + responses: + '204': + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Delete cases + tags: + - cases + patch: + description: > + You must have `all` privileges for the **Cases** feature in the + **Management**, **Observability**, or **Security** section of the + Kibana feature privileges, depending on the owner of the case you're + updating. + operationId: updateCaseDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateCaseRequest: + $ref: '#/components/examples/Cases_update_case_request' + schema: + $ref: '#/components/schemas/Cases_update_case_request' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateCaseResponse: + $ref: '#/components/examples/Cases_update_case_response' + schema: + items: + $ref: '#/components/schemas/Cases_case_response_properties' + type: array + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Update cases + tags: + - cases + post: + description: > + You must have `all` privileges for the **Cases** feature in the + **Management**, **Observability**, or **Security** section of the + Kibana feature privileges, depending on the owner of the case you're + creating. + operationId: createCaseDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + createCaseRequest: + $ref: '#/components/examples/Cases_create_case_request' + schema: + $ref: '#/components/schemas/Cases_create_case_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + createCaseResponse: + $ref: '#/components/examples/Cases_create_case_response' + schema: + $ref: '#/components/schemas/Cases_case_response_properties' + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Create a case + tags: + - cases + /api/cases/_find: + get: + description: > + You must have `read` privileges for the **Cases** feature in the + **Management**, **Observability**, or **Security** section of the Kibana + feature privileges, depending on the owner of the cases you're seeking. + operationId: findCasesDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_assignees' + - $ref: '#/components/parameters/Cases_category' + - $ref: '#/components/parameters/Cases_defaultSearchOperator' + - $ref: '#/components/parameters/Cases_from' + - $ref: '#/components/parameters/Cases_owner' + - $ref: '#/components/parameters/Cases_page_index' + - $ref: '#/components/parameters/Cases_page_size' + - $ref: '#/components/parameters/Cases_reporters' + - $ref: '#/components/parameters/Cases_search' + - $ref: '#/components/parameters/Cases_searchFields' + - $ref: '#/components/parameters/Cases_severity' + - $ref: '#/components/parameters/Cases_sortField' + - $ref: '#/components/parameters/Cases_sort_order' + - $ref: '#/components/parameters/Cases_status' + - $ref: '#/components/parameters/Cases_tags' + - $ref: '#/components/parameters/Cases_to' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + findCaseResponse: + $ref: '#/components/examples/Cases_find_case_response' + schema: + type: object + properties: + cases: + items: + $ref: '#/components/schemas/Cases_case_response_properties' + maxItems: 10000 + type: array + count_closed_cases: + type: integer + count_in_progress_cases: + type: integer + count_open_cases: + type: integer + page: + type: integer + per_page: + type: integer + total: + type: integer + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Search cases + tags: + - cases + /api/cases/{caseId}: + get: + description: > + You must have `read` privileges for the **Cases** feature in the + **Management**, **Observability**, or **Security** section of the Kibana + feature privileges, depending on the owner of the case you're seeking. + operationId: getCaseDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_case_id' + - $ref: '#/components/parameters/Cases_includeComments' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getDefaultCaseResponse: + $ref: '#/components/examples/Cases_get_case_response' + getDefaultObservabilityCaseReponse: + $ref: '#/components/examples/Cases_get_case_observability_response' + schema: + $ref: '#/components/schemas/Cases_case_response_properties' + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Get case information + tags: + - cases + /api/cases/{caseId}/alerts: + get: + description: > + You must have `read` privileges for the **Cases** feature in the + **Management**, **Observability**, or **Security** section of the Kibana + feature privileges, depending on the owner of the cases you're seeking. + operationId: getCaseAlertsDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_case_id' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getCaseAlertsResponse: + $ref: '#/components/examples/Cases_get_case_alerts_response' + schema: + items: + $ref: '#/components/schemas/Cases_alert_response_properties' + type: array + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Get all alerts for a case + tags: + - cases + x-technical-preview: true + /api/cases/{caseId}/comments: + delete: + description: > + Deletes all comments and alerts from a case. You must have `all` + privileges for the **Cases** feature in the **Management**, + **Observability**, or **Security** section of the Kibana feature + privileges, depending on the owner of the cases you're deleting. + operationId: deleteCaseCommentsDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_kbn_xsrf' + - $ref: '#/components/parameters/Cases_case_id' + responses: + '204': + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Delete all case comments and alerts + tags: + - cases + get: + deprecated: true + description: > + Deprecated in 8.1.0. This API is deprecated and will be removed in a + future release; instead, use the get case comment API, which requires a + comment identifier in the path. You must have `read` privileges for the + **Cases** feature in the **Management**, **Observability**, or + **Security** section of the Kibana feature privileges, depending on the + owner of the cases with the comments you're seeking. + operationId: getAllCaseCommentsDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_case_id' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_case_response_properties' + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Get all case comments + tags: + - cases + patch: + description: > + You must have `all` privileges for the **Cases** feature in the + **Management**, **Observability**, or **Security** section of the Kibana + feature privileges, depending on the owner of the case you're updating. + NOTE: You cannot change the comment type or the owner of a comment. + operationId: updateCaseCommentDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_kbn_xsrf' + - $ref: '#/components/parameters/Cases_case_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateCaseCommentRequest: + $ref: '#/components/examples/Cases_update_comment_request' + schema: + $ref: '#/components/schemas/Cases_update_case_comment_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateCaseCommentResponse: + $ref: '#/components/examples/Cases_update_comment_response' + schema: + $ref: '#/components/schemas/Cases_case_response_properties' + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Update a case comment or alert + tags: + - cases + post: + description: > + You must have `all` privileges for the **Cases** feature in the + **Management**, **Observability**, or **Security** section of the Kibana + feature privileges, depending on the owner of the case you're creating. + NOTE: Each case can have a maximum of 1,000 alerts. + operationId: addCaseCommentDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_kbn_xsrf' + - $ref: '#/components/parameters/Cases_case_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + createCaseCommentRequest: + $ref: '#/components/examples/Cases_add_comment_request' + schema: + $ref: '#/components/schemas/Cases_add_case_comment_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + createCaseCommentResponse: + $ref: '#/components/examples/Cases_add_comment_response' + schema: + $ref: '#/components/schemas/Cases_case_response_properties' + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Add a case comment or alert + tags: + - cases + /api/cases/{caseId}/comments/_find: + get: + description: > + Retrieves a paginated list of comments for a case. You must have `read` + privileges for the **Cases** feature in the **Management**, + **Observability**, or **Security** section of the Kibana feature + privileges, depending on the owner of the cases with the comments you're + seeking. + operationId: findCaseCommentsDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_case_id' + - $ref: '#/components/parameters/Cases_page_index' + - $ref: '#/components/parameters/Cases_page_size' + - $ref: '#/components/parameters/Cases_sort_order' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_case_response_properties' + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Find case comments and alerts + tags: + - cases + /api/cases/{caseId}/comments/{commentId}: + delete: + description: > + You must have `all` privileges for the **Cases** feature in the + **Management**, **Observability**, or **Security** section of the Kibana + feature privileges, depending on the owner of the cases you're deleting. + operationId: deleteCaseCommentDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_kbn_xsrf' + - $ref: '#/components/parameters/Cases_case_id' + - $ref: '#/components/parameters/Cases_comment_id' + responses: + '204': + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Delete a case comment or alert + tags: + - cases + get: + description: > + You must have `read` privileges for the **Cases** feature in the + **Management**, **Observability**, or **Security** section of the Kibana + feature privileges, depending on the owner of the cases with the + comments you're seeking. + operationId: getCaseCommentDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_case_id' + - $ref: '#/components/parameters/Cases_comment_id' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getCaseCommentResponse: + $ref: '#/components/examples/Cases_get_comment_response' + schema: + oneOf: + - $ref: >- + #/components/schemas/Cases_alert_comment_response_properties + - $ref: >- + #/components/schemas/Cases_user_comment_response_properties + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Get a case comment or alert + tags: + - cases + /api/cases/{caseId}/connector/{connectorId}/_push: + post: + description: > + You must have `all` privileges for the **Actions and Connectors** + feature in the **Management** section of the Kibana feature privileges. + You must also have `all` privileges for the **Cases** feature in the + **Management**, **Observability**, or **Security** section of the Kibana + feature privileges, depending on the owner of the case you're pushing. + operationId: pushCaseDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_case_id' + - $ref: '#/components/parameters/Cases_connector_id' + - $ref: '#/components/parameters/Cases_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + nullable: true + type: object + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + pushCaseResponse: + $ref: '#/components/examples/Cases_push_case_response' + schema: + $ref: '#/components/schemas/Cases_case_response_properties' + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Push a case to an external service + tags: + - cases + /api/cases/{caseId}/user_actions: + get: + deprecated: true + description: > + Returns all user activity for a case. Deprecated in 8.1.0. This API is + deprecated and will be removed in a future release; use the find user + actions API instead. You must have `read` privileges for the **Cases** + feature in the **Management**, **Observability**, or **Security** + section of the Kibana feature privileges, depending on the owner of the + case you're seeking. + operationId: getCaseActivityDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_case_id' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + $ref: '#/components/schemas/Cases_user_actions_response_properties' + type: array + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Get case activity + tags: + - cases + /api/cases/{caseId}/user_actions/_find: + get: + description: > + Retrives a paginated list of user activity for a case. You must have + `read` privileges for the **Cases** feature in the **Management**, + **Observability**, or **Security** section of the Kibana feature + privileges, depending on the owner of the case you're seeking. + operationId: findCaseActivityDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_case_id' + - $ref: '#/components/parameters/Cases_page_index' + - $ref: '#/components/parameters/Cases_page_size' + - $ref: '#/components/parameters/Cases_sort_order' + - $ref: '#/components/parameters/Cases_user_action_types' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + findCaseActivityResponse: + $ref: '#/components/examples/Cases_find_case_activity_response' + schema: + type: object + properties: + page: + type: integer + perPage: + type: integer + total: + type: integer + userActions: + items: + $ref: >- + #/components/schemas/Cases_user_actions_find_response_properties + maxItems: 10000 + type: array + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Find case activity + tags: + - cases + /api/cases/alerts/{alertId}: + get: + description: > + You must have `read` privileges for the **Cases** feature in the + **Management**, **Observability**, or **Security** section of the Kibana + feature privileges, depending on the owner of the cases you're seeking. + operationId: getCasesByAlertDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_alert_id' + - $ref: '#/components/parameters/Cases_owner' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + example: + - id: 06116b80-e1c3-11ec-be9b-9b1838238ee6 + title: security_case + items: + type: object + properties: + id: + description: The case identifier. + type: string + title: + description: The case title. + type: string + maxItems: 10000 + type: array + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Get cases for an alert + tags: + - cases + x-technical-preview: true + /api/cases/configure: + get: + description: > + Get setting details such as the closure type, custom fields, templatse, + and the default connector for cases. You must have `read` privileges for + the **Cases** feature in the **Management**, **Observability**, or + **Security** section of the Kibana feature privileges, depending on + where the cases were created. + operationId: getCaseConfigurationDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_owner' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getConfigurationResponse: + $ref: '#/components/examples/Cases_get_case_configuration_response' + schema: + items: + type: object + properties: + closure_type: + $ref: '#/components/schemas/Cases_closure_types' + connector: + type: object + properties: + fields: + description: >- + The fields specified in the case configuration are + not used and are not propagated to individual cases, + therefore it is recommended to set it to `null`. + nullable: true + type: object + id: + description: >- + The identifier for the connector. If you do not want + a default connector, use `none`. To retrieve + connector IDs, use the find connectors API. + example: none + type: string + name: + description: >- + The name of the connector. If you do not want a + default connector, use `none`. To retrieve connector + names, use the find connectors API. + example: none + type: string + type: + $ref: '#/components/schemas/Cases_connector_types' + created_at: + example: '2022-06-01T17:07:17.767Z' + format: date-time + type: string + created_by: + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + customFields: + description: Custom fields configuration details. + items: + type: object + properties: + defaultValue: + description: > + A default value for the custom field. If the + `type` is `text`, the default value must be a + string. If the `type` is `toggle`, the default + value must be boolean. + oneOf: + - type: string + - type: boolean + key: + description: > + A unique key for the custom field. Must be lower + case and composed only of a-z, 0-9, '_', and '-' + characters. It is used in API calls to refer to a + specific custom field. + maxLength: 36 + minLength: 1 + type: string + label: + description: >- + The custom field label that is displayed in the + case. + maxLength: 50 + minLength: 1 + type: string + type: + description: The type of the custom field. + enum: + - text + - toggle + type: string + required: + description: > + Indicates whether the field is required. If + `false`, the custom field can be set to null or + omitted when a case is created or updated. + type: boolean + type: array + error: + example: null + nullable: true + type: string + id: + example: 4a97a440-e1cd-11ec-be9b-9b1838238ee6 + type: string + mappings: + items: + type: object + properties: + action_type: + example: overwrite + type: string + source: + example: title + type: string + target: + example: summary + type: string + type: array + owner: + $ref: '#/components/schemas/Cases_owners' + templates: + $ref: '#/components/schemas/Cases_templates' + updated_at: + example: '2022-06-01T19:58:48.169Z' + format: date-time + nullable: true + type: string + updated_by: + nullable: true + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + version: + example: WzIwNzMsMV0= + type: string + type: array + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Get case settings + tags: + - cases + post: + description: > + Case settings include external connection details, custom fields, and + templates. Connectors are used to interface with external systems. You + must create a connector before you can use it in your cases. If you set + a default connector, it is automatically selected when you create cases + in Kibana. If you use the create case API, however, you must still + specify all of the connector details. You must have `all` privileges for + the **Cases** feature in the **Management**, **Observability**, or + **Security** section of the Kibana feature privileges, depending on + where you are creating cases. + operationId: setCaseConfigurationDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + setCaseConfigRequest: + $ref: '#/components/examples/Cases_set_case_configuration_request' + schema: + $ref: '#/components/schemas/Cases_set_case_configuration_request' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + setCaseConfigResponse: + $ref: '#/components/examples/Cases_set_case_configuration_response' + schema: + type: object + properties: + closure_type: + $ref: '#/components/schemas/Cases_closure_types' + connector: + type: object + properties: + fields: + description: >- + The fields specified in the case configuration are not + used and are not propagated to individual cases, + therefore it is recommended to set it to `null`. + nullable: true + type: object + id: + description: >- + The identifier for the connector. If you do not want a + default connector, use `none`. To retrieve connector + IDs, use the find connectors API. + example: none + type: string + name: + description: >- + The name of the connector. If you do not want a + default connector, use `none`. To retrieve connector + names, use the find connectors API. + example: none + type: string + type: + $ref: '#/components/schemas/Cases_connector_types' + created_at: + example: '2022-06-01T17:07:17.767Z' + format: date-time + type: string + created_by: + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + customFields: + description: Custom fields configuration details. + items: + type: object + properties: + defaultValue: + description: > + A default value for the custom field. If the `type` + is `text`, the default value must be a string. If + the `type` is `toggle`, the default value must be + boolean. + oneOf: + - type: string + - type: boolean + key: + description: > + A unique key for the custom field. Must be lower + case and composed only of a-z, 0-9, '_', and '-' + characters. It is used in API calls to refer to a + specific custom field. + maxLength: 36 + minLength: 1 + type: string + label: + description: >- + The custom field label that is displayed in the + case. + maxLength: 50 + minLength: 1 + type: string + type: + description: The type of the custom field. + enum: + - text + - toggle + type: string + required: + description: > + Indicates whether the field is required. If `false`, + the custom field can be set to null or omitted when + a case is created or updated. + type: boolean + type: array + error: + example: null + nullable: true + type: string + id: + example: 4a97a440-e1cd-11ec-be9b-9b1838238ee6 + type: string + mappings: + items: + type: object + properties: + action_type: + example: overwrite + type: string + source: + example: title + type: string + target: + example: summary + type: string + type: array + owner: + $ref: '#/components/schemas/Cases_owners' + templates: + $ref: '#/components/schemas/Cases_templates' + updated_at: + example: '2022-06-01T19:58:48.169Z' + format: date-time + nullable: true + type: string + updated_by: + nullable: true + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + version: + example: WzIwNzMsMV0= + type: string + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Add case settings + tags: + - cases + /api/cases/configure/{configurationId}: + patch: + description: > + Updates setting details such as the closure type, custom fields, + templates, and the default connector for cases. Connectors are used to + interface with external systems. You must create a connector before you + can use it in your cases. You must have `all` privileges for the + **Cases** feature in the **Management**, **Observability**, or + **Security** section of the Kibana feature privileges, depending on + where the case was created. + operationId: updateCaseConfigurationDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_kbn_xsrf' + - $ref: '#/components/parameters/Cases_configuration_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateCaseConfigurationRequest: + $ref: '#/components/examples/Cases_update_case_configuration_request' + schema: + $ref: '#/components/schemas/Cases_update_case_configuration_request' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateCaseConfigurationResponse: + $ref: >- + #/components/examples/Cases_update_case_configuration_response + schema: + type: object + properties: + closure_type: + $ref: '#/components/schemas/Cases_closure_types' + connector: + type: object + properties: + fields: + description: >- + The fields specified in the case configuration are not + used and are not propagated to individual cases, + therefore it is recommended to set it to `null`. + nullable: true + type: object + id: + description: >- + The identifier for the connector. If you do not want a + default connector, use `none`. To retrieve connector + IDs, use the find connectors API. + example: none + type: string + name: + description: >- + The name of the connector. If you do not want a + default connector, use `none`. To retrieve connector + names, use the find connectors API. + example: none + type: string + type: + $ref: '#/components/schemas/Cases_connector_types' + created_at: + example: '2022-06-01T17:07:17.767Z' + format: date-time + type: string + created_by: + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + customFields: + description: Custom fields configuration details. + items: + type: object + properties: + defaultValue: + description: > + A default value for the custom field. If the `type` + is `text`, the default value must be a string. If + the `type` is `toggle`, the default value must be + boolean. + oneOf: + - type: string + - type: boolean + key: + description: > + A unique key for the custom field. Must be lower + case and composed only of a-z, 0-9, '_', and '-' + characters. It is used in API calls to refer to a + specific custom field. + maxLength: 36 + minLength: 1 + type: string + label: + description: >- + The custom field label that is displayed in the + case. + maxLength: 50 + minLength: 1 + type: string + type: + description: The type of the custom field. + enum: + - text + - toggle + type: string + required: + description: > + Indicates whether the field is required. If `false`, + the custom field can be set to null or omitted when + a case is created or updated. + type: boolean + type: array + error: + example: null + nullable: true + type: string + id: + example: 4a97a440-e1cd-11ec-be9b-9b1838238ee6 + type: string + mappings: + items: + type: object + properties: + action_type: + example: overwrite + type: string + source: + example: title + type: string + target: + example: summary + type: string + type: array + owner: + $ref: '#/components/schemas/Cases_owners' + templates: + $ref: '#/components/schemas/Cases_templates' + updated_at: + example: '2022-06-01T19:58:48.169Z' + format: date-time + nullable: true + type: string + updated_by: + nullable: true + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + version: + example: WzIwNzMsMV0= + type: string + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Update case settings + tags: + - cases + /api/cases/configure/connectors/_find: + get: + description: > + Get information about connectors that are supported for use in cases. + You must have `read` privileges for the **Actions and Connectors** + feature in the **Management** section of the Kibana feature privileges. + operationId: findCaseConnectorsDefaultSpace + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + findConnectorResponse: + $ref: '#/components/examples/Cases_find_connector_response' + schema: + items: + type: object + properties: + actionTypeId: + $ref: '#/components/schemas/Cases_connector_types' + config: + additionalProperties: true + type: object + properties: + apiUrl: + type: string + projectKey: + type: string + id: + type: string + isDeprecated: + type: boolean + isMissingSecrets: + type: boolean + isPreconfigured: + type: boolean + name: + type: string + referencedByCount: + type: integer + maxItems: 1000 + type: array + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Get case connectors + tags: + - cases + /api/cases/reporters: + get: + description: > + Returns information about the users who opened cases. You must have read + privileges for the **Cases** feature in the **Management**, + **Observability**, or **Security** section of the Kibana feature + privileges, depending on the owner of the cases. The API returns + information about the users as they existed at the time of the case + creation, including their name, full name, and email address. If any of + those details change thereafter or if a user is deleted, the information + returned by this API is unchanged. + operationId: getCaseReportersDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_owner' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getReportersResponse: + $ref: '#/components/examples/Cases_get_reporters_response' + schema: + items: + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + maxItems: 10000 + type: array + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Get case creators + tags: + - cases + /api/cases/status: + get: + deprecated: true + description: > + Returns the number of cases that are open, closed, and in progress. + Deprecated in 8.1.0. This API is deprecated and will be removed in a + future release; use the find cases API instead. You must have `read` + privileges for the **Cases** feature in the **Management**, + **Observability**, or **Security** section of the Kibana feature + privileges, depending on the owner of the cases you're seeking. + operationId: getCaseStatusDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_owner' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + count_closed_cases: + type: integer + count_in_progress_cases: + type: integer + count_open_cases: + type: integer + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Get case status summary + tags: + - cases + /api/cases/tags: + get: + description: > + Aggregates and returns a list of case tags. You must have read + privileges for the **Cases** feature in the **Management**, + **Observability**, or **Security** section of the Kibana feature + privileges, depending on the owner of the cases you're seeking. + operationId: getCaseTagsDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_owner' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getTagsResponse: + $ref: '#/components/examples/Cases_get_tags_response' + schema: + items: + type: string + maxItems: 10000 + type: array + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Get case tags + tags: + - cases + /api/data_views: + get: + operationId: getAllDataViewsDefault + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getAllDataViewsResponse: + $ref: '#/components/examples/Data_views_get_data_views_response' + schema: + type: object + properties: + data_view: + items: + type: object + properties: + id: + type: string + name: + type: string + namespaces: + items: + type: string + type: array + title: + type: string + typeMeta: + type: object + type: array + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Get all data views + tags: + - data views + /api/data_views/data_view: + post: + operationId: createDataViewDefaultw + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + createDataViewRequest: + $ref: '#/components/examples/Data_views_create_data_view_request' + schema: + $ref: '#/components/schemas/Data_views_create_data_view_request_object' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_data_view_response_object' + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Create a data view + tags: + - data views + /api/data_views/data_view/{viewId}: + delete: + description: | + WARNING: When you delete a data view, it cannot be recovered. + operationId: deleteDataViewDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - $ref: '#/components/parameters/Data_views_view_id' + responses: + '204': + description: Indicates a successful call. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_404_response' + description: Object is not found. + summary: Delete a data view + tags: + - data views + get: + operationId: getDataViewDefault + parameters: + - $ref: '#/components/parameters/Data_views_view_id' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getDataViewResponse: + $ref: '#/components/examples/Data_views_get_data_view_response' + schema: + $ref: '#/components/schemas/Data_views_data_view_response_object' + description: Indicates a successful call. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_404_response' + description: Object is not found. + summary: Get a data view + tags: + - data views + post: + operationId: updateDataViewDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - $ref: '#/components/parameters/Data_views_view_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateDataViewRequest: + $ref: '#/components/examples/Data_views_update_data_view_request' + schema: + $ref: '#/components/schemas/Data_views_update_data_view_request_object' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_data_view_response_object' + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Update a data view + tags: + - data views + /api/data_views/data_view/{viewId}/fields: + post: + description: > + Update fields presentation metadata such as count, customLabel, + customDescription, and format. + operationId: updateFieldsMetadataDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - $ref: '#/components/parameters/Data_views_view_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateFieldsMetadataRequest: + $ref: '#/components/examples/Data_views_update_field_metadata_request' + schema: + type: object + properties: + fields: + description: The field object. + type: object + required: + - fields + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Update data view fields metadata + tags: + - data views + /api/data_views/data_view/{viewId}/runtime_field: + post: + operationId: createRuntimeFieldDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - $ref: '#/components/parameters/Data_views_view_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + createRuntimeFieldRequest: + $ref: '#/components/examples/Data_views_create_runtime_field_request' + schema: + type: object + properties: + name: + description: | + The name for a runtime field. + type: string + runtimeField: + description: | + The runtime field definition object. + type: object + required: + - name + - runtimeField + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + summary: Create a runtime field + tags: + - data views + put: + operationId: createUpdateRuntimeFieldDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - description: | + The ID of the data view fields you want to update. + in: path + name: viewId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateRuntimeFieldRequest: + $ref: '#/components/examples/Data_views_create_runtime_field_request' + schema: + type: object + properties: + name: + description: | + The name for a runtime field. + type: string + runtimeField: + description: | + The runtime field definition object. + type: object + required: + - name + - runtimeField + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data_view: + type: object + fields: + items: + type: object + type: array + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Create or update a runtime field + tags: + - data views + /api/data_views/data_view/{viewId}/runtime_field/{fieldName}: + delete: + operationId: deleteRuntimeFieldDefault + parameters: + - $ref: '#/components/parameters/Data_views_field_name' + - $ref: '#/components/parameters/Data_views_view_id' + responses: + '200': + description: Indicates a successful call. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_404_response' + description: Object is not found. + summary: Delete a runtime field from a data view + tags: + - data views + get: + operationId: getRuntimeFieldDefault + parameters: + - $ref: '#/components/parameters/Data_views_field_name' + - $ref: '#/components/parameters/Data_views_view_id' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getRuntimeFieldResponse: + $ref: '#/components/examples/Data_views_get_runtime_field_response' + schema: + type: object + properties: + data_view: + type: object + fields: + items: + type: object + type: array + description: Indicates a successful call. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_404_response' + description: Object is not found. + summary: Get a runtime field + tags: + - data views + post: + operationId: updateRuntimeFieldDefault + parameters: + - $ref: '#/components/parameters/Data_views_field_name' + - $ref: '#/components/parameters/Data_views_view_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateRuntimeFieldRequest: + $ref: '#/components/examples/Data_views_update_runtime_field_request' + schema: + type: object + properties: + runtimeField: + description: | + The runtime field definition object. + + You can update following fields: + + - `type` + - `script` + type: object + required: + - runtimeField + required: true + responses: + '200': + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Update a runtime field + tags: + - data views + /api/data_views/default: + get: + operationId: getDefaultDataViewDefault + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getDefaultDataViewResponse: + $ref: >- + #/components/examples/Data_views_get_default_data_view_response + schema: + type: object + properties: + data_view_id: + type: string + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Get the default data view + tags: + - data views + post: + operationId: setDefaultDatailViewDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + setDefaultDataViewRequest: + $ref: '#/components/examples/Data_views_set_default_data_view_request' + schema: + type: object + properties: + data_view_id: + description: > + The data view identifier. NOTE: The API does not validate + whether it is a valid identifier. Use `null` to unset the + default data view. + nullable: true + type: string + force: + default: false + description: Update an existing default data view identifier. + type: boolean + required: + - data_view_id + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Set the default data view + tags: + - data views + /api/data_views/swap_references: + post: + description: > + Changes saved object references from one data view identifier to + another. WARNING: Misuse can break large numbers of saved objects! + Practicing with a backup is recommended. + operationId: swapDataViewsDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + swapDataViewRequest: + $ref: '#/components/examples/Data_views_swap_data_view_request' + schema: + $ref: '#/components/schemas/Data_views_swap_data_view_request_object' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + deleteStatus: + type: object + properties: + deletePerformed: + type: boolean + remainingRefs: + type: integer + result: + items: + type: object + properties: + id: + description: A saved object identifier. + type: string + type: + description: The saved object type. + type: string + type: array + description: Indicates a successful call. + summary: Swap saved object references + tags: + - data views + /api/data_views/swap_references/_preview: + post: + description: > + Preview the impact of swapping saved object references from one data + view identifier to another. + operationId: previewSwapDataViewsDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + previewSwapDataViewRequest: + $ref: >- + #/components/examples/Data_views_preview_swap_data_view_request + schema: + $ref: '#/components/schemas/Data_views_swap_data_view_request_object' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + result: + items: + type: object + properties: + id: + description: A saved object identifier. + type: string + type: + description: The saved object type. + type: string + type: array + description: Indicates a successful call. + summary: Preview a saved object reference swap + tags: + - data views + /api/detection_engine/index: + delete: + operationId: DeleteAlertsIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + required: + - acknowledged + description: Successful response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Not enough permissions response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: string + description: Index does not exist response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Delete an alerts index + tags: + - Security Solution Detections API + - Alert index API + get: + operationId: ReadAlertsIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + index_mapping_outdated: + nullable: true + type: boolean + name: + type: string + required: + - name + - index_mapping_outdated + description: Successful response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Not enough permissions response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Reads the alert index name if it exists + tags: + - Security Solution Detections API + - Alert index API + post: + operationId: CreateAlertsIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + required: + - acknowledged + description: Successful response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Not enough permissions response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Create an alerts index + tags: + - Security Solution Detections API + - Alert index API + /api/detection_engine/privileges: + get: + description: > + Retrieves whether or not the user is authenticated, and the user's + Kibana + + space and index privileges, which determine if the user can create an + + index for the Elastic Security alerts generated by + + detection engine rules. + operationId: ReadPrivileges + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + has_encryption_key: + type: boolean + is_authenticated: + type: boolean + required: + - is_authenticated + - has_encryption_key + description: Successful response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Returns user privileges for the Kibana space + tags: + - Security Solution Detections API + - Privileges API + /api/detection_engine/rules: + delete: + description: Delete a detection rule using the `rule_id` or `id` field. + operationId: DeleteRule + parameters: + - description: The rule's `id` value. + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleObjectId' + - description: The rule's `rule_id` value. + in: query + name: rule_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Delete a detection rule + tags: + - Security Solution Detections API + - Rules API + get: + description: Retrieve a detection rule using the `rule_id` or `id` field. + operationId: ReadRule + parameters: + - description: The rule's `id` value. + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleObjectId' + - description: The rule's `rule_id` value. + in: query + name: rule_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Retrieve a detection rule + tags: + - Security Solution Detections API + - Rules API + patch: + description: >- + Update specific fields of an existing detection rule using the `rule_id` + or `id` field. + operationId: PatchRule + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePatchProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Patch a detection rule + tags: + - Security Solution Detections API + - Rules API + post: + description: Create a new detection rule. + operationId: CreateRule + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleCreateProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Create a detection rule + tags: + - Security Solution Detections API + - Rules API + put: + description: > + Update a detection rule using the `rule_id` or `id` field. The original + rule is replaced, and all unspecified fields are deleted. + + > info + + > You cannot modify the `id` or `rule_id` values. + operationId: UpdateRule + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleUpdateProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Update a detection rule + tags: + - Security Solution Detections API + - Rules API + /api/detection_engine/rules/_bulk_action: + post: + description: >- + Apply a bulk action, such as bulk edit, duplicate, or delete, to + multiple detection rules. The bulk action is applied to all rules that + match the query or to the rules listed by their IDs. + operationId: PerformRulesBulkAction + parameters: + - description: Enables dry run mode for the request call. + in: query + name: dry_run + required: false + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkDeleteRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkDisableRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEnableRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkExportRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkDuplicateRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkManualRuleRun + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditRules + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditActionResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkExportActionResponse + description: OK + summary: Apply a bulk action to detection rules + tags: + - Security Solution Detections API + - Bulk API + /api/detection_engine/rules/_bulk_create: + post: + deprecated: true + description: Create new detection rules in bulk. + operationId: BulkCreateRules + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleCreateProps + type: array + description: A JSON array of rules, where each rule contains the required fields. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkCrudRulesResponse + description: Indicates a successful call. + summary: Create multiple detection rules + tags: + - Security Solution Detections API + - Bulk API + /api/detection_engine/rules/_bulk_delete: + delete: + deprecated: true + description: Delete detection rules in bulk. + operationId: BulkDeleteRules + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + properties: + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + type: array + description: >- + A JSON array of `id` or `rule_id` fields of the rules you want to + delete. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkCrudRulesResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Delete multiple detection rules + tags: + - Security Solution Detections API + - Bulk API + post: + deprecated: true + description: Deletes multiple rules. + operationId: BulkDeleteRulesPost + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + properties: + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + type: array + description: >- + A JSON array of `id` or `rule_id` fields of the rules you want to + delete. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkCrudRulesResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Delete multiple detection rules + tags: + - Security Solution Detections API + - Bulk API + /api/detection_engine/rules/_bulk_update: + patch: + deprecated: true + description: >- + Update specific fields of existing detection rules using the `rule_id` + or `id` field. + operationId: BulkPatchRules + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePatchProps + type: array + description: A JSON array of rules, where each rule contains the required fields. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkCrudRulesResponse + description: Indicates a successful call. + summary: Patch multiple detection rules + tags: + - Security Solution Detections API + - Bulk API + put: + deprecated: true + description: > + Update multiple detection rules using the `rule_id` or `id` field. The + original rules are replaced, and all unspecified fields are deleted. + + > info + + > You cannot modify the `id` or `rule_id` values. + operationId: BulkUpdateRules + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleUpdateProps + type: array + description: >- + A JSON array where each element includes the `id` or `rule_id` field + of the rule you want to update and the fields you want to modify. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkCrudRulesResponse + description: Indicates a successful call. + summary: Update multiple detection rules + tags: + - Security Solution Detections API + - Bulk API + /api/detection_engine/rules/_export: + post: + description: > + Export detection rules to an `.ndjson` file. The following configuration + items are also included in the `.ndjson` file: + + - Actions + + - Exception lists + + > info + + > You cannot export prebuilt rules. + operationId: ExportRules + parameters: + - description: Determines whether a summary of the exported rules is returned. + in: query + name: exclude_export_details + required: false + schema: + default: false + type: boolean + - description: File name for saving the exported rules. + in: query + name: file_name + required: false + schema: + default: export.ndjson + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + nullable: true + type: object + properties: + objects: + description: >- + Array of `rule_id` fields. Exports all rules when + unspecified. + items: + type: object + properties: + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + required: + - rule_id + type: array + required: + - objects + required: false + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: An `.ndjson` file containing the returned rules. + format: binary + type: string + description: Indicates a successful call. + summary: Export detection rules + tags: + - Security Solution Detections API + - Import/Export API + /api/detection_engine/rules/_find: + get: + description: >- + Retrieve a paginated list of detection rules. By default, the first page + is returned, with 20 results per page. + operationId: FindRules + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_FindRulesSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Detections_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: Rules per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + summary: List all detection rules + tags: + - Security Solution Detections API + - Rules API + /api/detection_engine/rules/_import: + post: + description: > + Import detection rules from an `.ndjson` file, including actions and + exception lists. The request must include: + + - The `Content-Type: multipart/form-data` HTTP header. + + - A link to the `.ndjson` file containing the rules. + operationId: ImportRules + parameters: + - description: >- + Determines whether existing rules with the same `rule_id` are + overwritten. + in: query + name: overwrite + required: false + schema: + default: false + type: boolean + - description: >- + Determines whether existing exception lists with the same `list_id` + are overwritten. + in: query + name: overwrite_exceptions + required: false + schema: + default: false + type: boolean + - description: >- + Determines whether existing actions with the same + `kibana.alert.rule.actions.id` are overwritten. + in: query + name: overwrite_action_connectors + required: false + schema: + default: false + type: boolean + - description: Generates a new list ID for each imported exception list. + in: query + name: as_new_list + required: false + schema: + default: false + type: boolean + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: + description: The `.ndjson` file containing the rules. + format: binary + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + action_connectors_errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ErrorSchema + type: array + action_connectors_success: + type: boolean + action_connectors_success_count: + minimum: 0 + type: integer + action_connectors_warnings: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_WarningSchema + type: array + errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ErrorSchema + type: array + exceptions_errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ErrorSchema + type: array + exceptions_success: + type: boolean + exceptions_success_count: + minimum: 0 + type: integer + rules_count: + minimum: 0 + type: integer + success: + type: boolean + success_count: + minimum: 0 + type: integer + required: + - exceptions_success + - exceptions_success_count + - exceptions_errors + - rules_count + - success + - success_count + - errors + - action_connectors_errors + - action_connectors_warnings + - action_connectors_success + - action_connectors_success_count + description: Indicates a successful call. + summary: Import detection rules + tags: + - Security Solution Detections API + - Import/Export API + /api/detection_engine/rules/{id}/exceptions: + post: + description: Create exception items that apply to a single detection rule. + operationId: CreateRuleExceptionListItems + parameters: + - description: Detection rule's identifier + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_RuleId' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateRuleExceptionListItemProps + type: array + required: + - items + description: Rule exception list items + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Create rule exception list items + tags: + - Security Solution Exceptions API + /api/detection_engine/rules/prepackaged: + put: + description: Install and update all Elastic prebuilt detection rules and Timelines. + operationId: InstallPrebuiltRulesAndTimelines + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + rules_installed: + description: The number of rules installed + minimum: 0 + type: integer + rules_updated: + description: The number of rules updated + minimum: 0 + type: integer + timelines_installed: + description: The number of timelines installed + minimum: 0 + type: integer + timelines_updated: + description: The number of timelines updated + minimum: 0 + type: integer + required: + - rules_installed + - rules_updated + - timelines_installed + - timelines_updated + description: Indicates a successful call + summary: Install prebuilt detection rules and Timelines + tags: + - Security Solution Detections API + - Prebuilt Rules API + /api/detection_engine/rules/prepackaged/_status: + get: + description: >- + Retrieve the status of all Elastic prebuilt detection rules and + Timelines. + operationId: ReadPrebuiltRulesAndTimelinesStatus + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + rules_custom_installed: + description: The total number of custom rules + minimum: 0 + type: integer + rules_installed: + description: The total number of installed prebuilt rules + minimum: 0 + type: integer + rules_not_installed: + description: >- + The total number of available prebuilt rules that are not + installed + minimum: 0 + type: integer + rules_not_updated: + description: The total number of outdated prebuilt rules + minimum: 0 + type: integer + timelines_installed: + description: The total number of installed prebuilt timelines + minimum: 0 + type: integer + timelines_not_installed: + description: >- + The total number of available prebuilt timelines that are + not installed + minimum: 0 + type: integer + timelines_not_updated: + description: The total number of outdated prebuilt timelines + minimum: 0 + type: integer + required: + - rules_custom_installed + - rules_installed + - rules_not_installed + - rules_not_updated + - timelines_installed + - timelines_not_installed + - timelines_not_updated + description: Indicates a successful call + summary: Retrieve the status of prebuilt detection rules and Timelines + tags: + - Security Solution Detections API + - Prebuilt Rules API + /api/detection_engine/rules/preview: + post: + operationId: RulePreview + parameters: + - description: >- + Enables logging and returning in response ES queries, performed + during rule execution + in: query + name: enable_logged_requests + required: false + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + discriminator: + propertyName: type + description: >- + An object containing tags to add or remove and alert ids the changes + will be applied + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + isAborted: + type: boolean + logs: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewLogs + type: array + previewId: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + required: + - logs + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Preview rule alerts generated on specified time range + tags: + - Security Solution Detections API + - Rule preview API + /api/detection_engine/signals/assignees: + post: + description: | + Assign users to detection alerts, and unassign them from alerts. + > info + > You cannot add and remove the same assignee in the same request. + operationId: SetAlertAssignees + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + assignees: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertAssignees + description: Details about the assignees to assign and unassign. + ids: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertIds + description: List of alerts ids to assign and unassign passed assignees. + required: + - assignees + - ids + required: true + responses: + '200': + description: Indicates a successful call. + '400': + description: Invalid request. + summary: Assign and unassign users from detection alerts + tags: + - Security Solution Detections API + /api/detection_engine/signals/finalize_migration: + post: + description: > + Finalize successful migrations of detection alerts. This replaces the + original index's alias with the successfully migrated index's alias. + + The endpoint is idempotent; therefore, it can safely be used to poll a + given migration and, upon completion, + + finalize it. + operationId: FinalizeAlertsMigration + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + migration_ids: + items: + type: string + minItems: 1 + type: array + required: + - migration_ids + description: Array of `migration_id`s to finalize + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_MigrationFinalizationResult + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Finalize detection alert migrations + tags: + - Security Solution Detections API + - Alerts migration API + /api/detection_engine/signals/migration: + delete: + description: > + Migrations favor data integrity over shard size. Consequently, unused or + orphaned indices are artifacts of + + the migration process. A successful migration will result in both the + old and new indices being present. + + As such, the old, orphaned index can (and likely should) be deleted. + + + While you can delete these indices manually, + + the endpoint accomplishes this task by applying a deletion policy to the + relevant index, causing it to be deleted + + after 30 days. It also deletes other artifacts specific to the migration + implementation. + operationId: AlertsMigrationCleanup + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + migration_ids: + items: + type: string + minItems: 1 + type: array + required: + - migration_ids + description: Array of `migration_id`s to cleanup + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_MigrationCleanupResult + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Clean up detection alert migrations + tags: + - Security Solution Detections API + - Alerts migration API + post: + description: > + Initiate a migration of detection alerts. + + Migrations are initiated per index. While the process is neither + destructive nor interferes with existing data, it may be + resource-intensive. As such, it is recommended that you plan your + migrations accordingly. + operationId: CreateAlertsMigration + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + allOf: + - type: object + properties: + index: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + minItems: 1 + type: array + required: + - index + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsReindexOptions + description: Alerts migration parameters + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + indices: + items: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexMigrationSuccess + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexMigrationError + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SkippedAlertsIndexMigration + type: array + required: + - indices + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Initiate a detection alert migration + tags: + - Security Solution Detections API + - Alerts migration API + /api/detection_engine/signals/migration_status: + post: + description: >- + Retrieve indices that contain detection alerts of a particular age, + along with migration information for each of those indices. + operationId: ReadAlertsMigrationStatus + parameters: + - description: Maximum age of qualifying detection alerts + in: query + name: from + required: true + schema: + description: > + Time from which data is analyzed. For example, now-4200s means the + rule analyzes data from 70 minutes + + before its start time. Defaults to now-6m (analyzes data from 6 + minutes before the start time). + format: date-math + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + indices: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexMigrationStatus + type: array + required: + - indices + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Retrieve the status of detection alert migrations + tags: + - Security Solution Detections API + - Alerts migration API + /api/detection_engine/signals/search: + post: + description: Find and/or aggregate detection alerts that match the given query. + operationId: SearchAlerts + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + description: Elasticsearch query and aggregation request + type: object + properties: + _source: + oneOf: + - type: boolean + - type: string + - items: + type: string + type: array + aggs: + additionalProperties: true + type: object + fields: + items: + type: string + type: array + query: + additionalProperties: true + type: object + runtime_mappings: + additionalProperties: true + type: object + size: + minimum: 0 + type: integer + sort: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsSort + track_total_hits: + type: boolean + description: Search and/or aggregation query + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: true + description: Elasticsearch search response + type: object + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Find and/or aggregate detection alerts + tags: + - Security Solution Detections API + - Alerts API + /api/detection_engine/signals/status: + post: + description: Set the status of one or more detection alerts. + operationId: SetAlertsStatus + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SetAlertsStatusByIds + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SetAlertsStatusByQuery + description: >- + An object containing desired status and explicit alert ids or a query + to select alerts + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: true + description: Elasticsearch update by query response + type: object + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Set a detection alert status + tags: + - Security Solution Detections API + - Alerts API + /api/detection_engine/signals/tags: + post: + description: | + And tags to detection alerts, and remove them from alerts. + > info + > You cannot add and remove the same alert tag in the same request. + operationId: SetAlertTags + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + ids: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertIds + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SetAlertTags + required: + - ids + - tags + description: >- + An object containing tags to add or remove and alert ids the changes + will be applied + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: true + description: Elasticsearch update by query response + type: object + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Add and remove detection alert tags + tags: + - Security Solution Detections API + - Alerts API + /api/detection_engine/tags: + get: + description: List all unique tags from all detection rules. + operationId: ReadTags + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + description: Indicates a successful call + summary: List all detection rule tags + tags: + - Security Solution Detections API + - Tags API + /api/encrypted_saved_objects/_rotate_key: + post: + description: > + Superuser role required. + + + If a saved object cannot be decrypted using the primary encryption key, + then Kibana will attempt to decrypt it using the specified + decryption-only keys. In most of the cases this overhead is negligible, + but if you're dealing with a large number of saved objects and + experiencing performance issues, you may want to rotate the encryption + key. + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: rotateEncryptionKey + parameters: + - description: > + Specifies a maximum number of saved objects that Kibana can process + in a single batch. Bulk key rotation is an iterative process since + Kibana may not be able to fetch and process all required saved + objects in one go and splits processing into consequent batches. By + default, the batch size is 10000, which is also a maximum allowed + value. + in: query + name: batch_size + required: false + schema: + default: 10000 + type: number + - description: > + Limits encryption key rotation only to the saved objects with the + specified type. By default, Kibana tries to rotate the encryption + key for all saved object types that may contain encrypted + attributes. + in: query + name: type + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + rotateEncryptionKeyResponse: + $ref: '#/components/examples/Saved_objects_key_rotation_response' + schema: + type: object + properties: + failed: + description: > + Indicates the number of the saved objects that were still + encrypted with one of the old encryption keys that Kibana + failed to re-encrypt with the primary key. + type: number + successful: + description: > + Indicates the total number of all encrypted saved objects + (optionally filtered by the requested `type`), regardless + of the key Kibana used for encryption. + + + NOTE: In most cases, `total` will be greater than + `successful` even if `failed` is zero. The reason is that + Kibana may not need or may not be able to rotate + encryption keys for all encrypted saved objects. + type: number + total: + description: > + Indicates the total number of all encrypted saved objects + (optionally filtered by the requested `type`), regardless + of the key Kibana used for encryption. + type: number + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + '429': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Already in progress. + summary: Rotate a key for encrypted saved objects + tags: + - saved objects + /api/endpoint_list: + post: + description: >- + Create an endpoint exception list, which groups endpoint exception list + items. If an endpoint exception list already exists, an empty response + is returned. + operationId: CreateEndpointList + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Create an endpoint exception list + tags: + - Security Solution Endpoint Exceptions API + /api/endpoint_list/items: + delete: + description: >- + Delete an endpoint exception list item using the `id` or `item_id` + field. + operationId: DeleteEndpointListItem + parameters: + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Delete an endpoint exception list item + tags: + - Security Solution Endpoint Exceptions API + get: + description: >- + Get the details of an endpoint exception list item using the `id` or + `item_id` field. + operationId: ReadEndpointListItem + parameters: + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Get an endpoint exception list item + tags: + - Security Solution Endpoint Exceptions API + post: + description: >- + Create an endpoint exception list item, and associate it with the + endpoint exception list. + operationId: CreateEndpointListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + comments: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryArray + item_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemName + os_types: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemType + required: + - type + - name + - description + - entries + description: Exception list item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item already exists + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Create an endpoint exception list item + tags: + - Security Solution Endpoint Exceptions API + put: + description: >- + Update an endpoint exception list item using the `id` or `item_id` + field. + operationId: UpdateEndpointListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryArray + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId + description: Either `id` or `item_id` must be specified + item_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId + description: Either `id` or `item_id` must be specified + meta: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemName + os_types: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemTags + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemType + required: + - type + - name + - description + - entries + description: Exception list item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Update an endpoint exception list item + tags: + - Security Solution Endpoint Exceptions API + /api/endpoint_list/items/_find: + get: + description: Get a list of all endpoint exception list items. + operationId: FindEndpointListItems + parameters: + - description: > + Filters the returned results according to the value of the specified + field, + + using the `:` syntax. + in: query + name: filter + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_FindEndpointListItemsFilter + - description: The page number to return + in: query + name: page + required: false + schema: + minimum: 0 + type: integer + - description: The number of exception list items to return per page + in: query + name: per_page + required: false + schema: + minimum: 0 + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + type: array + page: + minimum: 0 + type: integer + per_page: + minimum: 0 + type: integer + pit: + type: string + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Get endpoint exception list items + tags: + - Security Solution Endpoint Exceptions API + /api/endpoint/action: + get: + description: Get a list of all response actions. + operationId: EndpointGetActionsList + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_GetEndpointActionListRouteQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get response actions + tags: + - Security Solution Endpoint Management API + /api/endpoint/action_log/{agent_id}: + get: + deprecated: true + description: Get an action request log for the specified agent ID. + operationId: EndpointGetActionLog + parameters: + - in: path + name: agent_id + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentId + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ActionLogRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get an action request log + tags: + - Security Solution Endpoint Management API + /api/endpoint/action_status: + get: + description: Get the status of response actions for the specified agent IDs. + operationId: EndpointGetActionsStatus + parameters: + - in: query + name: query + required: true + schema: + type: object + properties: + agent_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ActionStatusSuccessResponse + description: OK + summary: Get response actions status + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/{action_id}: + get: + description: Get the details of a response action using the action ID. + operationId: EndpointGetActionsDetails + parameters: + - in: path + name: action_id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get action details + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/{action_id}/file/{file_id}: + get: + description: Get information for the specified file using the file ID. + operationId: EndpointFileInfo + parameters: + - in: path + name: action_id + required: true + schema: + type: string + - in: path + name: file_id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get file information + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/{action_id}/file/{file_id}/download: + get: + description: Download a file from an endpoint. + operationId: EndpointFileDownload + parameters: + - in: path + name: action_id + required: true + schema: + type: string + - in: path + name: file_id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Download a file + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/execute: + post: + description: Run a shell command on an endpoint. + operationId: EndpointExecuteAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ExecuteRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Run a command + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/get_file: + post: + description: Get a file from an endpoint. + operationId: EndpointGetFileAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_GetFileRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get a file + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/isolate: + post: + description: >- + Isolate an endpoint from the network. The endpoint remains isolated + until it's released. + operationId: EndpointIsolateAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_IsolateRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Isolate an endpoint + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/kill_process: + post: + description: Terminate a running process on an endpoint. + operationId: EndpointKillProcessAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_KillProcessRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Terminate a process + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/running_procs: + post: + description: Get a list of all processes running on an endpoint. + operationId: EndpointGetProcessesAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_GetProcessesRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get running processes + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/scan: + post: + description: Scan a specific file or directory on an endpoint for malware. + operationId: EndpointScanAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ScanRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Scan a file or directory + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/state: + get: + description: >- + Get a response actions state, which reports whether encryption is + enabled. + operationId: EndpointGetActionsState + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ActionStateSuccessResponse + description: OK + summary: Get actions state + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/suspend_process: + post: + description: Suspend a running process on an endpoint. + operationId: EndpointSuspendProcessAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuspendProcessRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Suspend a process + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/unisolate: + post: + description: Release an isolated endpoint, allowing it to rejoin a network. + operationId: EndpointUnisolateAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_UnisolateRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Release an isolated endpoint + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/upload: + post: + description: Upload a file to an endpoint. + operationId: EndpointUploadAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_UploadRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Upload a file + tags: + - Security Solution Endpoint Management API + /api/endpoint/isolate: + post: + deprecated: true + description: > + Isolate an endpoint from the network. + + > info + + > This URL will return a 308 permanent redirect to `POST :/api/endpoint/action/isolate`. + operationId: EndpointIsolateRedirect + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + '308': + description: Permanent Redirect + headers: + Location: + description: Permanently redirects to "/api/endpoint/action/isolate" + schema: + example: /api/endpoint/action/isolate + type: string + summary: Isolate an endpoint + tags: + - Security Solution Endpoint Management API + /api/endpoint/metadata: + get: + operationId: GetEndpointMetadataList + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ListRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get a metadata list + tags: + - Security Solution Endpoint Management API + /api/endpoint/metadata/{id}: + get: + operationId: GetEndpointMetadata + parameters: + - in: path + name: id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get metadata + tags: + - Security Solution Endpoint Management API + /api/endpoint/metadata/transforms: + get: + operationId: GetEndpointMetadataTransform + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get metadata transforms + tags: + - Security Solution Endpoint Management API + /api/endpoint/policy_response: + get: + operationId: GetPolicyResponse + parameters: + - in: query + name: query + required: true + schema: + type: object + properties: + agentId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get a policy response + tags: + - Security Solution Endpoint Management API + /api/endpoint/policy/summaries: + get: + deprecated: true + operationId: GetAgentPolicySummary + parameters: + - in: query + name: query + required: true + schema: + type: object + properties: + package_name: + type: string + policy_id: + nullable: true + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get an agent policy summary + tags: + - Security Solution Endpoint Management API + /api/endpoint/protection_updates_note/{package_policy_id}: + get: + operationId: GetProtectionUpdatesNote + parameters: + - in: path + name: package_policy_id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ProtectionUpdatesNoteResponse + description: OK + summary: Get a protection updates note + tags: + - Security Solution Endpoint Management API + post: + operationId: CreateUpdateProtectionUpdatesNote + parameters: + - in: path + name: package_policy_id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + note: + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ProtectionUpdatesNoteResponse + description: OK + summary: Create or update a protection updates note + tags: + - Security Solution Endpoint Management API + /api/endpoint/suggestions/{suggestion_type}: + post: + operationId: GetEndpointSuggestions + parameters: + - in: path + name: suggestion_type + required: true + schema: + enum: + - eventFilters + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + field: + type: string + fieldMeta: {} + filters: {} + query: + type: string + required: + - parameters + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get suggestions + tags: + - Security Solution Endpoint Management API + /api/endpoint/unisolate: + post: + deprecated: true + description: > + Release an isolated endpoint, allowing it to rejoin a network. + + > info + + > This URL will return a 308 permanent redirect to `POST :/api/endpoint/action/unisolate`. + operationId: EndpointUnisolateRedirect + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + '308': + description: Permanent Redirect + headers: + Location: + description: Permanently redirects to "/api/endpoint/action/unisolate" + schema: + example: /api/endpoint/action/unisolate + type: string + summary: Release an isolated endpoint + tags: + - Security Solution Endpoint Management API + /api/entity_store/engines: + get: + operationId: ListEntityStoreEngines + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + count: + type: integer + engines: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EngineDescriptor + type: array + description: Successful response + summary: List the Entity Store engines + tags: + - Security Solution Entity Analytics API + /api/entity_store/engines/{entityType}: + delete: + operationId: DeleteEntityStore + parameters: + - description: The entity type of the store (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + - description: Control flag to also delete the entity data. + in: query + name: data + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + deleted: + type: boolean + description: Successful response + summary: Delete the Entity Store engine + tags: + - Security Solution Entity Analytics API + get: + operationId: GetEntityStoreEngine + parameters: + - description: The entity type of the store (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EngineDescriptor + description: Successful response + summary: Get the Entity Store engine + tags: + - Security Solution Entity Analytics API + /api/entity_store/engines/{entityType}/init: + post: + operationId: InitEntityStore + parameters: + - description: The entity type of the store (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + filter: + type: string + indexPattern: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_IndexPattern + description: Schema for the engine initialization + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EngineDescriptor + description: Successful response + summary: Initialize the Entity Store + tags: + - Security Solution Entity Analytics API + /api/entity_store/engines/{entityType}/start: + post: + operationId: StartEntityStore + parameters: + - description: The entity type of the store (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + started: + type: boolean + description: Successful response + summary: Start the Entity Store engine + tags: + - Security Solution Entity Analytics API + /api/entity_store/engines/{entityType}/stats: + post: + operationId: GetEntityStoreStats + parameters: + - description: The entity type of the store (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + indexPattern: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_IndexPattern + indices: + items: + type: object + type: array + status: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EngineStatus + transforms: + items: + type: object + type: array + type: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + description: Successful response + summary: Get the Entity Store engine stats + tags: + - Security Solution Entity Analytics API + /api/entity_store/engines/{entityType}/stop: + post: + operationId: StopEntityStore + parameters: + - description: The entity type of the store (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + stopped: + type: boolean + description: Successful response + summary: Stop the Entity Store engine + tags: + - Security Solution Entity Analytics API + /api/entity_store/entities/list: + get: + description: List entities records, paging, sorting and filtering as needed. + operationId: ListEntities + parameters: + - in: query + name: sort_field + required: false + schema: + type: string + - in: query + name: sort_order + required: false + schema: + enum: + - asc + - desc + type: string + - in: query + name: page + required: false + schema: + minimum: 1 + type: integer + - in: query + name: per_page + required: false + schema: + maximum: 10000 + minimum: 1 + type: integer + - description: An ES query to filter by. + in: query + name: filterQuery + required: false + schema: + type: string + - in: query + name: entities_types + required: true + schema: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + inspect: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_InspectQuery + page: + minimum: 1 + type: integer + per_page: + maximum: 1000 + minimum: 1 + type: integer + records: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_Entity + type: array + total: + minimum: 0 + type: integer + required: + - records + - page + - per_page + - total + description: Entities returned successfully + summary: List Entity Store Entities + tags: + - Security Solution Entity Analytics API + /api/exception_lists: + delete: + description: Delete an exception list using the `id` or `list_id` field. + operationId: DeleteExceptionList + parameters: + - description: Either `id` or `list_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + - description: Either `id` or `list_id` must be specified + in: query + name: list_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Delete an exception list + tags: + - Security Solution Exceptions API + get: + description: Get the details of an exception list using the `id` or `list_id` field. + operationId: ReadExceptionList + parameters: + - description: Either `id` or `list_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + - description: Either `id` or `list_id` must be specified + in: query + name: list_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Get exception list details + tags: + - Security Solution Exceptions API + post: + description: > + An exception list groups exception items and can be associated with + detection rules. You can assign detection rules with multiple exception + lists. + + > info + + > All exception items added to the same list are evaluated using `OR` + logic. That is, if any of the items in a list evaluate to `true`, the + exception prevents the rule from generating an alert. Likewise, `OR` + logic is used for evaluating exceptions when more than one exception + list is assigned to a rule. To use the `AND` operator, you can define + multiple clauses (`entries`) in a single exception item. + operationId: CreateExceptionList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListDescription + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListType + version: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListVersion + default: 1 + required: + - name + - description + - type + description: Exception list's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Create an exception list + tags: + - Security Solution Exceptions API + put: + description: Update an exception list using the `id` or `list_id` field. + operationId: UpdateExceptionList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListDescription + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListTags + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListType + version: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListVersion + required: + - name + - description + - type + description: Exception list's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Update an exception list + tags: + - Security Solution Exceptions API + /api/exception_lists/_duplicate: + post: + description: Duplicate an existing exception list. + operationId: DuplicateExceptionList + parameters: + - description: Exception list's human identifier + in: query + name: list_id + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + - description: >- + Determines whether to include expired exceptions in the exported + list + in: query + name: include_expired_exceptions + required: true + schema: + default: 'true' + enum: + - 'true' + - 'false' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '405': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list to duplicate not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Duplicate an exception list + tags: + - Security Solution Exceptions API + /api/exception_lists/_export: + post: + description: Export an exception list and its associated items to an NDJSON file. + operationId: ExportExceptionList + parameters: + - description: Exception list's identifier + in: query + name: id + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + - description: Exception list's human identifier + in: query + name: list_id + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + - description: >- + Determines whether to include expired exceptions in the exported + list + in: query + name: include_expired_exceptions + required: true + schema: + default: 'true' + enum: + - 'true' + - 'false' + type: string + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: >- + A `.ndjson` file containing specified exception list and its + items + format: binary + type: string + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Export an exception list + tags: + - Security Solution Exceptions API + /api/exception_lists/_find: + get: + description: Get a list of all exception lists. + operationId: FindExceptionLists + parameters: + - description: > + Filters the returned results according to the value of the specified + field. + + + Uses the `so type.field name:field` value syntax, where `so type` + can be: + + + - `exception-list`: Specify a space-aware exception list. + + - `exception-list-agnostic`: Specify an exception list that is + shared across spaces. + in: query + name: filter + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_FindExceptionListsFilter + - description: > + Determines whether the returned containers are Kibana associated + with a Kibana space + + or available in all spaces (`agnostic` or `single`) + in: query + name: namespace_type + required: false + schema: + default: + - single + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + type: array + - description: The page number to return + in: query + name: page + required: false + schema: + minimum: 1 + type: integer + - description: The number of exception lists to return per page + in: query + name: per_page + required: false + schema: + minimum: 1 + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + type: string + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + type: array + page: + minimum: 1 + type: integer + per_page: + minimum: 1 + type: integer + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Get exception lists + tags: + - Security Solution Exceptions API + /api/exception_lists/_import: + post: + description: Import an exception list and its associated items from an NDJSON file. + operationId: ImportExceptionList + parameters: + - description: > + Determines whether existing exception lists with the same `list_id` + are overwritten. + + If any exception items have the same `item_id`, those are also + overwritten. + in: query + name: overwrite + required: false + schema: + default: false + type: boolean + - in: query + name: overwrite_exceptions + required: false + schema: + default: false + type: boolean + - in: query + name: overwrite_action_connectors + required: false + schema: + default: false + type: boolean + - description: > + Determines whether the list being imported will have a new `list_id` + generated. + + Additional `item_id`'s are generated for each exception item. Both + the exception + + list and its items are overwritten. + in: query + name: as_new_list + required: false + schema: + default: false + type: boolean + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: + description: A `.ndjson` file containing the exception list + format: binary + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + errors: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListsImportBulkErrorArray + success: + type: boolean + success_count: + minimum: 0 + type: integer + success_count_exception_list_items: + minimum: 0 + type: integer + success_count_exception_lists: + minimum: 0 + type: integer + success_exception_list_items: + type: boolean + success_exception_lists: + type: boolean + required: + - errors + - success + - success_count + - success_exception_lists + - success_count_exception_lists + - success_exception_list_items + - success_count_exception_list_items + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Import an exception list + tags: + - Security Solution Exceptions API + /api/exception_lists/items: + delete: + description: Delete an exception list item using the `id` or `item_id` field. + operationId: DeleteExceptionListItem + parameters: + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemId + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Delete an exception list item + tags: + - Security Solution Exceptions API + get: + description: >- + Get the details of an exception list item using the `id` or `item_id` + field. + operationId: ReadExceptionListItem + parameters: + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemId + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Get an exception list item + tags: + - Security Solution Exceptions API + post: + description: > + Create an exception item and associate it with the specified exception + list. + + > info + + > Before creating exception items, you must create an exception list. + operationId: CreateExceptionListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + comments: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemType + required: + - list_id + - type + - name + - description + - entries + description: Exception list item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Create an exception list item + tags: + - Security Solution Exceptions API + put: + description: Update an exception list item using the `id` or `item_id` field. + operationId: UpdateExceptionListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_UpdateExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemId + description: Either `id` or `item_id` must be specified + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + description: Either `id` or `item_id` must be specified + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemTags + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemType + required: + - type + - name + - description + - entries + description: Exception list item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Update an exception list item + tags: + - Security Solution Exceptions API + /api/exception_lists/items/_find: + get: + description: Get a list of all exception list items in the specified list. + operationId: FindExceptionListItems + parameters: + - description: List's id + in: query + name: list_id + required: true + schema: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + type: array + - description: > + Filters the returned results according to the value of the specified + field, + + using the `:` syntax. + in: query + name: filter + required: false + schema: + default: [] + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_FindExceptionListItemsFilter + type: array + - description: > + Determines whether the returned containers are Kibana associated + with a Kibana space + + or available in all spaces (`agnostic` or `single`) + in: query + name: namespace_type + required: false + schema: + default: + - single + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + type: array + - in: query + name: search + required: false + schema: + type: string + - description: The page number to return + in: query + name: page + required: false + schema: + minimum: 0 + type: integer + - description: The number of exception list items to return per page + in: query + name: per_page + required: false + schema: + minimum: 0 + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_NonEmptyString + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + type: array + page: + minimum: 1 + type: integer + per_page: + minimum: 1 + type: integer + pit: + type: string + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Get exception list items + tags: + - Security Solution Exceptions API + /api/exception_lists/summary: + get: + description: Get a summary of the specified exception list. + operationId: ReadExceptionListSummary + parameters: + - description: Exception list's identifier generated upon creation + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + - description: Exception list's human readable identifier + in: query + name: list_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + - description: Search filter clause + in: query + name: filter + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + linux: + minimum: 0 + type: integer + macos: + minimum: 0 + type: integer + total: + minimum: 0 + type: integer + windows: + minimum: 0 + type: integer + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Get an exception list summary + tags: + - Security Solution Exceptions API + /api/exceptions/shared: + post: + description: > + An exception list groups exception items and can be associated with + detection rules. A shared exception list can apply to multiple detection + rules. + + > info + + > All exception items added to the same list are evaluated using `OR` + logic. That is, if any of the items in a list evaluate to `true`, the + exception prevents the rule from generating an alert. Likewise, `OR` + logic is used for evaluating exceptions when more than one exception + list is assigned to a rule. To use the `AND` operator, you can define + multiple clauses (`entries`) in a single exception item. + operationId: CreateSharedExceptionList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListDescription + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListName + required: + - name + - description + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Create a shared exception list + tags: + - Security Solution Exceptions API + /api/fleet/agent_download_sources: + get: + operationId: get-download-sources + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_download_sources' + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List agent binary download sources + tags: + - Elastic Agent binary download sources + post: + operationId: post-download-sources + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + host: + type: string + id: + type: string + is_default: + type: boolean + name: + type: string + required: + - name + - host + - is_default + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_download_sources' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create agent binary download source + tags: + - Elastic Agent binary download sources + /api/fleet/agent_download_sources/{sourceId}: + delete: + operationId: delete-download-source + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + required: + - id + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete agent binary download source by ID + tags: + - Elastic Agent binary download sources + get: + operationId: get-one-download-source + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_download_sources' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get agent binary download source by ID + tags: + - Elastic Agent binary download sources + parameters: + - in: path + name: sourceId + required: true + schema: + type: string + put: + operationId: update-download-source + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + host: + type: string + is_default: + type: boolean + name: + type: string + required: + - name + - is_default + - host + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_download_sources' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update agent binary download source by ID + tags: + - Elastic Agent binary download sources + /api/fleet/agent_policies: + get: + description: '' + operationId: agent-policy-list + parameters: + - $ref: '#/components/parameters/Fleet_page_size' + - $ref: '#/components/parameters/Fleet_page_index' + - $ref: '#/components/parameters/Fleet_kuery' + - $ref: '#/components/parameters/Fleet_format' + - description: >- + When set to true, retrieve the related package policies for each + agent policy. + in: query + name: full + schema: + type: boolean + - description: >- + When set to true, do not count how many agents are in the agent + policy, this can improve performance if you are searching over a + large number of agent policies. The "agents" property will always be + 0 if set to true. + in: query + name: noAgentCount + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_agent_policy' + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List agent policies + tags: + - Elastic Agent policies + post: + operationId: create-agent-policy + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_agent_policy_create_request' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_agent_policy' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create agent policy + tags: + - Elastic Agent policies + /api/fleet/agent_policies/_bulk_get: + post: + operationId: bulk-get-agent-policies + parameters: + - $ref: '#/components/parameters/Fleet_format' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + full: + description: get full policies with package policies populated + type: boolean + ids: + description: list of agent policy ids + items: + type: string + type: array + ignoreMissing: + type: boolean + required: + - ids + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_agent_policy' + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk get agent policies + tags: + - Elastic Agent policies + /api/fleet/agent_policies/{agentPolicyId}: + get: + description: Get one agent policy + operationId: agent-policy-info + parameters: [] + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_agent_policy' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get agent policy by ID + tags: + - Elastic Agent policies + parameters: + - in: path + name: agentPolicyId + required: true + schema: + type: string + - $ref: '#/components/parameters/Fleet_format' + put: + operationId: update-agent-policy + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_agent_policy_update_request' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_agent_policy' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update agent policy by ID + tags: + - Elastic Agent policies + /api/fleet/agent_policies/{agentPolicyId}/copy: + parameters: + - in: path + name: agentPolicyId + required: true + schema: + type: string + - $ref: '#/components/parameters/Fleet_format' + post: + operationId: agent-policy-copy + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + description: + type: string + name: + type: string + required: + - name + description: '' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_agent_policy' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Copy agent policy by ID + tags: + - Elastic Agent policies + /api/fleet/agent_policies/{agentPolicyId}/download: + get: + operationId: agent-policy-download + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Download agent policy by ID + tags: + - Elastic Agent policies + parameters: + - in: path + name: agentPolicyId + required: true + schema: + type: string + - in: query + name: download + required: false + schema: + type: string + - in: query + name: standalone + required: false + schema: + type: string + - in: query + name: kubernetes + required: false + schema: + type: string + /api/fleet/agent_policies/{agentPolicyId}/full: + get: + operationId: agent-policy-full + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + oneOf: + - type: string + - $ref: '#/components/schemas/Fleet_agent_policy_full' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get full agent policy by ID + tags: + - Elastic Agent policies + parameters: + - in: path + name: agentPolicyId + required: true + schema: + type: string + - in: query + name: download + required: false + schema: + type: string + - in: query + name: standalone + required: false + schema: + type: string + - in: query + name: kubernetes + required: false + schema: + type: string + /api/fleet/agent_policies/delete: + parameters: [] + post: + operationId: delete-agent-policy + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + agentPolicyId: + type: string + force: + description: >- + bypass validation checks that can prevent agent policy + deletion + type: boolean + required: + - agentPolicyId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + success: + type: boolean + required: + - id + - success + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete agent policy by ID + tags: + - Elastic Agent policies + /api/fleet/agent_status: + get: + operationId: get-agent-status + parameters: + - in: query + name: policyId + required: false + schema: + type: string + - deprecated: true + in: query + name: kuery + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + active: + type: integer + all: + type: integer + error: + type: integer + events: + type: integer + inactive: + type: integer + offline: + type: integer + online: + type: integer + other: + type: integer + total: + deprecated: true + type: integer + unenrolled: + type: integer + updating: + type: integer + required: + - active + - all + - error + - events + - inactive + - offline + - online + - other + - total + - updating + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get agent status summary + tags: + - Elastic Agent status + /api/fleet/agent_status/data: + get: + operationId: get-agent-data + parameters: + - in: query + name: agentsIds + required: true + schema: + items: + type: string + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + additionalProperties: + type: object + properties: + data: + type: boolean + type: object + type: array + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get incoming agent data + tags: + - Elastic Agent status + /api/fleet/agent-status: + get: + deprecated: true + operationId: get-agent-status-deprecated + parameters: + - in: query + name: policyId + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: integer + events: + type: integer + inactive: + type: integer + offline: + type: integer + online: + type: integer + other: + type: integer + total: + type: integer + updating: + type: integer + required: + - error + - events + - inactive + - offline + - online + - other + - total + - updating + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get agent status summary + tags: + - Elastic Agent status + /api/fleet/agents: + get: + operationId: get-agents + parameters: + - $ref: '#/components/parameters/Fleet_page_size' + - $ref: '#/components/parameters/Fleet_page_index' + - $ref: '#/components/parameters/Fleet_kuery' + - $ref: '#/components/parameters/Fleet_show_inactive' + - $ref: '#/components/parameters/Fleet_show_upgradeable' + - $ref: '#/components/parameters/Fleet_sort_field' + - $ref: '#/components/parameters/Fleet_sort_order' + - $ref: '#/components/parameters/Fleet_with_metrics' + - in: query + name: getStatusSummary + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_get_agents_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List agents + tags: + - Elastic Agents + post: + operationId: get-agents-by-actions + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + actionIds: + items: + type: string + type: array + required: + - policy_id + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_agent_get_by_actions' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List agents by action ids + tags: + - Elastic Agents + /api/fleet/agents/{agentId}: + delete: + operationId: delete-agent + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + action: + enum: + - deleted + type: string + required: + - action + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete agent by ID + tags: + - Elastic Agents + get: + operationId: get-agent + parameters: + - $ref: '#/components/parameters/Fleet_with_metrics' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_agent' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get agent by ID + tags: + - Elastic Agents + parameters: + - in: path + name: agentId + required: true + schema: + type: string + put: + operationId: update-agent + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + tags: + items: + type: string + type: array + user_provided_metadata: + type: object + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_agent' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update agent by ID + tags: + - Elastic Agents + /api/fleet/agents/{agentId}/actions: + parameters: + - in: path + name: agentId + required: true + schema: + type: string + post: + operationId: new-agent-action + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + action: + $ref: '#/components/schemas/Fleet_agent_action' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + items: + type: number + type: array + headers: + type: string + statusCode: + type: number + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create agent action + tags: + - Elastic Agent actions + /api/fleet/agents/{agentId}/reassign: + parameters: + - in: path + name: agentId + required: true + schema: + type: string + post: + operationId: reassign-agent + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + policy_id: + type: string + required: + - policy_id + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Reassign agent + tags: + - Elastic Agents + put: + deprecated: true + operationId: reassign-agent-deprecated + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + policy_id: + type: string + required: + - policy_id + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Reassign agent + tags: + - Elastic Agents + /api/fleet/agents/{agentId}/request_diagnostics: + parameters: + - in: path + name: agentId + required: true + schema: + type: string + post: + operationId: request-diagnostics-agent + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + additional_metrics: + items: + oneOf: + - enum: + - CPU + type: string + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + actionId: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Request agent diagnostics + tags: + - Elastic Agents + /api/fleet/agents/{agentId}/unenroll: + parameters: + - in: path + name: agentId + required: true + schema: + type: string + post: + operationId: unenroll-agent + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + force: + type: boolean + revoke: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: OK + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + enum: + - 400 + type: number + description: BAD REQUEST + summary: Unenroll agent + tags: + - Elastic Agents + /api/fleet/agents/{agentId}/upgrade: + parameters: + - in: path + name: agentId + required: true + schema: + type: string + post: + operationId: upgrade-agent + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_upgrade_agent' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_upgrade_agent' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Upgrade agent + tags: + - Elastic Agents + /api/fleet/agents/{agentId}/uploads: + get: + operationId: list-agent-uploads + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: object + properties: + item: + items: + $ref: '#/components/schemas/Fleet_agent_diagnostics' + type: array + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List agent uploads + tags: + - Elastic Agents + parameters: + - in: path + name: agentId + required: true + schema: + type: string + /api/fleet/agents/action_status: + get: + operationId: agents-action-status + parameters: + - $ref: '#/components/parameters/Fleet_page_size' + - $ref: '#/components/parameters/Fleet_page_index' + - in: query + name: errorSize + schema: + default: 5 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + type: object + properties: + actionId: + type: string + cancellationTime: + type: string + completionTime: + type: string + creationTime: + description: creation time of action + type: string + expiration: + type: string + latestErrors: + description: >- + latest errors that happened when the agents executed + the action + items: + type: object + properties: + agentId: + type: string + error: + type: string + timestamp: + type: string + type: array + nbAgentsAck: + description: number of agents that acknowledged the action + type: number + nbAgentsActionCreated: + description: number of agents included in action from kibana + type: number + nbAgentsActioned: + description: number of agents actioned + type: number + nbAgentsFailed: + description: number of agents that failed to execute the action + type: number + newPolicyId: + description: new policy id (POLICY_REASSIGN action) + type: string + policyId: + description: policy id (POLICY_CHANGE action) + type: string + revision: + description: new policy revision (POLICY_CHANGE action) + type: string + startTime: + description: start time of action (scheduled actions) + type: string + status: + enum: + - COMPLETE + - EXPIRED + - CANCELLED + - FAILED + - IN_PROGRESS + - ROLLOUT_PASSED + type: string + type: + enum: + - POLICY_REASSIGN + - UPGRADE + - UNENROLL + - FORCE_UNENROLL + - UPDATE_TAGS + - CANCEL + - REQUEST_DIAGNOSTICS + - SETTINGS + - POLICY_CHANGE + - INPUT_ACTION + type: string + version: + description: agent version number (UPGRADE action) + type: string + required: + - actionId + - complete + - nbAgentsActioned + - nbAgentsActionCreated + - nbAgentsAck + - nbAgentsFailed + - status + - creationTime + - type + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get agent action status + tags: + - Elastic Agent actions + /api/fleet/agents/actions/{actionId}/cancel: + parameters: + - in: path + name: actionId + required: true + schema: + type: string + post: + operationId: agent-action-cancel + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_agent_action' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Cancel agent action + tags: + - Elastic Agent actions + /api/fleet/agents/bulk_reassign: + post: + operationId: bulk-reassign-agents + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + example: + agents: 'fleet-agents.policy_id : ("policy1" or "policy2")' + policy_id: policy_id + schema: + type: object + properties: + agents: + oneOf: + - description: KQL query string, leave empty to action all agents + type: string + - description: list of agent IDs + items: + type: string + type: array + policy_id: + description: new agent policy id + type: string + required: + - policy_id + - agents + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + actionId: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk reassign agents + tags: + - Elastic Agents + /api/fleet/agents/bulk_request_diagnostics: + post: + operationId: bulk-request-diagnostics + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + example: + agents: 'fleet-agents.policy_id : ("policy1" or "policy2")' + schema: + type: object + properties: + additional_metrics: + items: + oneOf: + - enum: + - CPU + type: string + type: array + agents: + oneOf: + - description: KQL query string, leave empty to action all agents + type: string + - description: list of agent IDs + items: + type: string + type: array + batchSize: + type: number + required: + - agents + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + actionId: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk request diagnostics from agents + tags: + - Elastic Agents + /api/fleet/agents/bulk_unenroll: + post: + operationId: bulk-unenroll-agents + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + example: + agents: + - agent1 + - agent2 + force: false + revoke: true + schema: + type: object + properties: + agents: + oneOf: + - description: KQL query string, leave empty to action all agents + type: string + - description: list of agent IDs + items: + type: string + type: array + force: + description: Unenrolls hosted agents too + type: boolean + includeInactive: + description: >- + When passing agents by KQL query, unenrolls inactive agents + too + type: boolean + revoke: + description: Revokes API keys of agents + type: boolean + required: + - agents + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + actionId: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk unenroll agents + tags: + - Elastic Agents + /api/fleet/agents/bulk_update_agent_tags: + post: + operationId: bulk-update-agent-tags + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + example: + agents: + - agent1 + - agent2 + tagsToAdd: + - newTag + tagsToRemove: + - existingTag + schema: + type: object + properties: + agents: + oneOf: + - description: KQL query string, leave empty to action all agents + type: string + - description: list of agent IDs + items: + type: string + type: array + batchSize: + type: number + tagsToAdd: + items: + type: string + type: array + tagsToRemove: + items: + type: string + type: array + required: + - agents + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + actionId: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk update agent tags + tags: + - Elastic Agents + /api/fleet/agents/bulk_upgrade: + post: + operationId: bulk-upgrade-agents + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + example: + agents: + - agent1 + - agent2 + rollout_duration_seconds: 3600 + source_uri: https://artifacts.elastic.co/downloads/beats/elastic-agent + start_time: '2022-08-03T14:00:00.000Z' + version: 8.4.0 + schema: + $ref: '#/components/schemas/Fleet_bulk_upgrade_agents' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + actionId: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk upgrade agents + tags: + - Elastic Agents + /api/fleet/agents/files/{fileId}: + delete: + operationId: delete-agent-upload-file + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: object + properties: + deleted: + type: boolean + id: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete file uploaded by agent + tags: + - Elastic Agents + parameters: + - in: path + name: fileId + required: true + schema: + type: string + /api/fleet/agents/files/{fileId}/{fileName}: + get: + operationId: get-agent-upload-file + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: object + properties: + items: + type: object + properties: + body: {} + headers: {} + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get file uploaded by agent + tags: + - Elastic Agents + parameters: + - in: path + name: fileId + required: true + schema: + type: string + - in: path + name: fileName + required: true + schema: + type: string + /api/fleet/agents/setup: + get: + operationId: get-agents-setup-status + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_fleet_status_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get agent setup info + tags: + - Elastic Agents + post: + operationId: setup-agents + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + admin_password: + type: string + admin_username: + type: string + required: + - admin_username + - admin_password + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_fleet_setup_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Initiate agent setup + tags: + - Elastic Agents + /api/fleet/agents/tags: + get: + operationId: get-agent-tags + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_get_agent_tags_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List agent tags + tags: + - Elastic Agents + /api/fleet/data_streams: + get: + operationId: data-streams-list + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data_streams: + items: + $ref: '#/components/schemas/Fleet_data_stream' + type: array + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List data streams + tags: + - Data streams + parameters: [] + /api/fleet/enrollment_api_keys: + get: + operationId: get-enrollment-api-keys + parameters: + - $ref: '#/components/parameters/Fleet_page_size' + - $ref: '#/components/parameters/Fleet_page_index' + - $ref: '#/components/parameters/Fleet_kuery' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + type: array + list: + deprecated: true + items: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - page + - perPage + - total + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List enrollment API keys + tags: + - Fleet enrollment API keys + post: + operationId: create-enrollment-api-keys + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + name: + description: The name of the enrollment API key. Must be unique. + type: string + policy_id: + description: >- + The ID of the agent policy the Elastic Agent will be + enrolled in. + type: string + required: + - policy_id + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + action: + enum: + - created + type: string + item: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create enrollment API key + tags: + - Fleet enrollment API keys + /api/fleet/enrollment_api_keys/{keyId}: + delete: + operationId: delete-enrollment-api-key + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + action: + enum: + - deleted + type: string + required: + - action + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Revoke enrollment API key by ID by marking it as inactive + tags: + - Fleet enrollment API keys + get: + operationId: get-enrollment-api-key + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get enrollment API key by ID + tags: + - Fleet enrollment API keys + parameters: + - in: path + name: keyId + required: true + schema: + type: string + /api/fleet/enrollment-api-keys: + get: + deprecated: true + operationId: get-enrollment-api-keys-deprecated + parameters: [] + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + type: array + list: + deprecated: true + items: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - page + - perPage + - total + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List enrollment API keys + tags: + - Fleet enrollment API keys + post: + deprecated: true + operationId: create-enrollment-api-keys-deprecated + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + action: + enum: + - created + type: string + item: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create enrollment API key + tags: + - Fleet enrollment API keys + /api/fleet/enrollment-api-keys/{keyId}: + delete: + deprecated: true + operationId: delete-enrollment-api-key-deprecated + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + action: + enum: + - deleted + type: string + required: + - action + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete enrollment API key by ID + tags: + - Fleet enrollment API keys + get: + deprecated: true + operationId: get-enrollment-api-key-deprecated + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get enrollment API key by ID + tags: + - Fleet enrollment API keys + parameters: + - in: path + name: keyId + required: true + schema: + type: string + /api/fleet/epm/bulk_assets: + post: + operationId: bulk-get-assets + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + assetIds: + description: list of items necessary to fetch assets + items: + type: object + properties: + id: + type: string + type: + type: string + type: array + required: + - assetIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_get_bulk_assets_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk get assets + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/categories: + get: + operationId: get-package-categories + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_get_categories_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List package categories + tags: + - Elastic Package Manager (EPM) + parameters: + - description: >- + Whether to include prerelease packages in categories count (e.g. beta, + rc, preview) + in: query + name: prerelease + schema: + default: false + type: boolean + - deprecated: true + in: query + name: experimental + schema: + default: false + type: boolean + - in: query + name: include_policy_templates + schema: + default: false + type: boolean + /api/fleet/epm/packages: + get: + operationId: list-all-packages + parameters: + - description: >- + Whether to exclude the install status of each package. Enabling this + option will opt in to caching for the response via `cache-control` + headers. If you don't need up-to-date installation info for a + package, and are querying for a list of available packages, + providing this flag can improve performance substantially. + in: query + name: excludeInstallStatus + schema: + default: false + type: boolean + - description: >- + Whether to return prerelease versions of packages (e.g. beta, rc, + preview) + in: query + name: prerelease + schema: + default: false + type: boolean + - deprecated: true + in: query + name: experimental + schema: + default: false + type: boolean + - in: query + name: category + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_get_packages_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List packages + tags: + - Elastic Package Manager (EPM) + post: + description: '' + operationId: install-package-by-upload + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: avoid erroring out on unexpected mapping update errors + in: query + name: ignoreMappingUpdateErrors + schema: + default: false + type: boolean + - description: >- + Skip data stream rollover during index template mapping or settings + update + in: query + name: skipDataStreamRollover + schema: + default: false + type: boolean + requestBody: + content: + application/gzip; Elastic-Api-Version=2023-10-31: + schema: + format: binary + type: string + application/zip; Elastic-Api-Version=2023-10-31: + schema: + format: binary + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _meta: + type: object + properties: + install_source: + enum: + - upload + - registry + - bundled + type: string + items: + items: + type: object + properties: + id: + type: string + type: + oneOf: + - $ref: >- + #/components/schemas/Fleet_kibana_saved_object_type + - $ref: >- + #/components/schemas/Fleet_elasticsearch_asset_type + required: + - id + - type + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + '429': + $ref: '#/components/responses/Fleet_error' + summary: Install by package by direct upload + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/_bulk: + post: + operationId: bulk-install-packages + parameters: + - description: >- + Whether to return prerelease versions of packages (e.g. beta, rc, + preview) + in: query + name: prerelease + schema: + default: false + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + force: + description: force install to ignore package verification errors + type: boolean + packages: + description: list of packages to install + items: + oneOf: + - description: package name + type: string + - type: object + properties: + name: + description: package name + type: string + version: + description: package version + type: string + type: array + required: + - packages + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_bulk_install_packages_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk install packages + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgkey}: + delete: + deprecated: true + operationId: delete-package-deprecated + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - in: path + name: pkgkey + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + force: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + response: + items: + type: object + properties: + id: + type: string + type: + oneOf: + - $ref: >- + #/components/schemas/Fleet_kibana_saved_object_type + - $ref: >- + #/components/schemas/Fleet_elasticsearch_asset_type + required: + - id + - type + type: array + required: + - response + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete ackage + tags: + - Elastic Package Manager (EPM) + get: + deprecated: true + operationId: get-package-deprecated + parameters: + - in: path + name: pkgkey + required: true + schema: + type: string + - description: >- + Whether to return prerelease versions of packages (e.g. beta, rc, + preview) + in: query + name: prerelease + schema: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + allOf: + - properties: + response: + $ref: '#/components/schemas/Fleet_package_info' + - properties: + savedObject: + type: string + status: + enum: + - installed + - installing + - install_failed + - not_installed + type: string + required: + - status + - savedObject + type: object + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get package + tags: + - Elastic Package Manager (EPM) + post: + deprecated: true + description: '' + operationId: install-package-deprecated + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - in: path + name: pkgkey + required: true + schema: + type: string + - description: avoid erroring out on unexpected mapping update errors + in: query + name: ignoreMappingUpdateErrors + schema: + default: false + type: boolean + - description: >- + Skip data stream rollover during index template mapping or settings + update + in: query + name: skipDataStreamRollover + schema: + default: false + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + force: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + response: + items: + type: object + properties: + id: + type: string + type: + oneOf: + - $ref: >- + #/components/schemas/Fleet_kibana_saved_object_type + - $ref: >- + #/components/schemas/Fleet_elasticsearch_asset_type + required: + - id + - type + type: array + required: + - response + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Install package + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgName}/{pkgVersion}: + delete: + operationId: delete-package + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: delete package even if policies used by agents + in: query + name: force + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + deprecated: true + type: object + properties: + force: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + type: object + properties: + id: + type: string + type: + oneOf: + - $ref: >- + #/components/schemas/Fleet_kibana_saved_object_type + - $ref: >- + #/components/schemas/Fleet_elasticsearch_asset_type + required: + - id + - type + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete package + tags: + - Elastic Package Manager (EPM) + get: + operationId: get-package + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + allOf: + - properties: + item: + $ref: '#/components/schemas/Fleet_package_info' + - properties: + keepPoliciesUpToDate: + type: boolean + latestVersion: + type: string + licensePath: + type: string + notice: + type: string + savedObject: + deprecated: true + type: object + status: + enum: + - installed + - installing + - install_failed + - not_installed + type: string + required: + - status + - savedObject + type: object + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get package + tags: + - Elastic Package Manager (EPM) + parameters: + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - description: Ignore if the package is fails signature verification + in: query + name: ignoreUnverified + schema: + type: boolean + - description: >- + Return all fields from the package manifest, not just those supported + by the Elastic Package Registry + in: query + name: full + schema: + type: boolean + - description: >- + Whether to return prerelease versions of packages (e.g. beta, rc, + preview) + in: query + name: prerelease + schema: + default: false + type: boolean + post: + description: '' + operationId: install-package + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: avoid erroring out on unexpected mapping update errors + in: query + name: ignoreMappingUpdateErrors + schema: + default: false + type: boolean + - description: >- + Skip data stream rollover during index template mapping or settings + update + in: query + name: skipDataStreamRollover + schema: + default: false + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + force: + type: boolean + ignore_constraints: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _meta: + type: object + properties: + install_source: + enum: + - registry + - upload + - bundled + type: string + items: + items: + type: object + properties: + id: + type: string + type: + oneOf: + - $ref: >- + #/components/schemas/Fleet_kibana_saved_object_type + - $ref: >- + #/components/schemas/Fleet_elasticsearch_asset_type + required: + - id + - type + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Install package + tags: + - Elastic Package Manager (EPM) + put: + description: '' + operationId: update-package + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + keepPoliciesUpToDate: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + type: object + properties: + id: + type: string + type: + oneOf: + - $ref: >- + #/components/schemas/Fleet_kibana_saved_object_type + - $ref: >- + #/components/schemas/Fleet_elasticsearch_asset_type + required: + - id + - type + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update package settings + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgName}/{pkgVersion}/{filePath}: + get: + operationId: packages-get-file + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: object + headers: + type: object + statusCode: + type: number + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get package file + tags: + - Elastic Package Manager (EPM) + parameters: + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - in: path + name: filePath + required: true + schema: + type: string + /api/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize: + post: + description: '' + operationId: reauthorize-transforms + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - description: >- + Whether to include prerelease packages in categories count (e.g. + beta, rc, preview) + in: query + name: prerelease + schema: + default: false + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + transforms: + items: + type: object + properties: + transformId: + type: string + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + type: object + properties: + error: + type: string + success: + type: boolean + transformId: + type: string + required: + - transformId + - error + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Authorize transforms + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgName}/stats: + get: + operationId: get-package-stats + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + response: + $ref: '#/components/schemas/Fleet_package_usage_stats' + required: + - response + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get package stats + tags: + - Elastic Package Manager (EPM) + parameters: + - in: path + name: pkgName + required: true + schema: + type: string + /api/fleet/epm/packages/limited: + get: + operationId: list-limited-packages + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + type: string + type: array + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get limited package list + tags: + - Elastic Package Manager (EPM) + parameters: [] + /api/fleet/epm/templates/{pkgName}/{pkgVersion}/inputs: + get: + operationId: get-inputs-template + responses: + '200': + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get inputs template + tags: + - Elastic Package Manager (EPM) + parameters: + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - description: Format of response - json or yaml + in: query + name: format + schema: + enum: + - json + - yaml + - yml + type: string + - description: Specify if version is prerelease + in: query + name: prerelease + schema: + type: boolean + - description: Ignore if the package is fails signature verification + in: query + name: ignoreUnverified + schema: + type: boolean + /api/fleet/epm/verification_key_id: + get: + operationId: packages-get-verification-key-id + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: object + properties: + id: + description: >- + the key ID of the GPG key used to verify package + signatures + nullable: true + type: string + headers: + type: object + statusCode: + type: number + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get package signature verification key ID + tags: + - Elastic Package Manager (EPM) + parameters: [] + /api/fleet/fleet_server_hosts: + get: + operationId: get-fleet-server-hosts + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_fleet_server_host' + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List Fleet Server hosts + tags: + - Fleet Server hosts + post: + operationId: post-fleet-server-hosts + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + host_urls: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_internal: + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this fleet server host. See + the proxies API for more information. + type: string + required: + - name + - host_urls + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_fleet_server_host' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create Fleet Server host + tags: + - Fleet Server hosts + /api/fleet/fleet_server_hosts/{itemId}: + delete: + operationId: delete-fleet-server-hosts + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + required: + - id + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete Fleet Server host by ID + tags: + - Fleet Server hosts + get: + operationId: get-one-fleet-server-hosts + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_fleet_server_host' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get Fleet Server host by ID + tags: + - Fleet Server hosts + parameters: + - in: path + name: itemId + required: true + schema: + type: string + put: + operationId: update-fleet-server-hosts + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + host_urls: + items: + type: string + type: array + is_default: + type: boolean + is_internal: + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this fleet server host. See + the proxies API for more information. + nullable: true + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_fleet_server_host' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update Fleet Server host by ID + tags: + - Fleet Server hosts + /api/fleet/health_check: + post: + operationId: fleet-server-health-check + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + host: + deprecated: true + type: string + id: + type: string + required: + - id + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + host: + deprecated: true + type: string + id: + description: Fleet Server host id + type: string + status: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Fleet Server health check + tags: + - Fleet internals + /api/fleet/kubernetes: + get: + operationId: get-full-k8s-manifest + parameters: + - in: query + name: download + required: false + schema: + type: boolean + - in: query + name: fleetServer + required: false + schema: + type: string + - in: query + name: enrolToken + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get full K8s agent manifest + tags: + - Fleet Kubernetes + /api/fleet/logstash_api_keys: + post: + operationId: generate-logstash-api-key + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + api_key: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Generate Logstash API key + tags: + - Fleet outputs + /api/fleet/outputs: + get: + operationId: get-outputs + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_output_create_request' + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List outputs + tags: + - Fleet outputs + post: + operationId: post-outputs + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_output_create_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_output_create_request' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create output + tags: + - Fleet outputs + /api/fleet/outputs/{outputId}: + delete: + operationId: delete-output + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + required: + - id + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete output by ID + tags: + - Fleet outputs + get: + operationId: get-output + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_output_create_request' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get output by ID + tags: + - Fleet outputs + parameters: + - in: path + name: outputId + required: true + schema: + type: string + put: + operationId: update-output + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_output_update_request' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_output_update_request' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update output by ID + tags: + - Fleet outputs + /api/fleet/outputs/{outputId}/health: + get: + operationId: get-output-health + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + description: long message if unhealthy + type: string + state: + description: state of output, HEALTHY or DEGRADED + type: string + timestamp: + description: timestamp of reported state + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get latest output health + tags: + - Fleet outputs + parameters: + - in: path + name: outputId + required: true + schema: + type: string + /api/fleet/package_policies: + get: + operationId: get-package-policies + parameters: + - $ref: '#/components/parameters/Fleet_page_size' + - $ref: '#/components/parameters/Fleet_page_index' + - $ref: '#/components/parameters/Fleet_kuery' + - $ref: '#/components/parameters/Fleet_format' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_package_policy' + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List package policies + tags: + - Fleet package policies + parameters: [] + post: + operationId: create-package-policy + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - $ref: '#/components/parameters/Fleet_format' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_package_policy_request' + description: >- + You should use inputs as an object and not use the deprecated inputs + array. + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_package_policy' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + '409': + $ref: '#/components/responses/Fleet_error' + summary: Create package policy + tags: + - Fleet package policies + /api/fleet/package_policies/_bulk_get: + post: + operationId: bulk-get-package-policies + parameters: + - $ref: '#/components/parameters/Fleet_format' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + ids: + description: list of package policy ids + items: + type: string + type: array + ignoreMissing: + type: boolean + required: + - ids + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_package_policy' + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk get package policies + tags: + - Fleet package policies + /api/fleet/package_policies/{packagePolicyId}: + delete: + operationId: delete-package-policy + parameters: + - in: query + name: force + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + required: + - id + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete package policy by ID + tags: + - Fleet package policies + get: + operationId: get-package-policy + parameters: + - $ref: '#/components/parameters/Fleet_format' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_package_policy' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get package policy by ID + tags: + - Fleet package policies + parameters: + - in: path + name: packagePolicyId + required: true + schema: + type: string + put: + operationId: update-package-policy + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - $ref: '#/components/parameters/Fleet_format' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_package_policy_request' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_package_policy' + sucess: + type: boolean + required: + - item + - sucess + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update package policy by ID + tags: + - Fleet package policies + /api/fleet/package_policies/delete: + post: + operationId: post-delete-package-policy + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + force: + type: boolean + packagePolicyIds: + items: + type: string + type: array + required: + - packagePolicyIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + properties: + id: + type: string + name: + type: string + success: + type: boolean + required: + - id + - success + type: array + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete package policy + tags: + - Fleet package policies + /api/fleet/package_policies/upgrade: + post: + operationId: upgrade-package-policy + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + packagePolicyIds: + items: + type: string + type: array + required: + - packagePolicyIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + properties: + id: + type: string + name: + type: string + success: + type: boolean + required: + - id + - success + type: array + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + '409': + $ref: '#/components/responses/Fleet_error' + summary: Upgrade package policy to a newer package version + tags: + - Fleet package policies + /api/fleet/package_policies/upgrade/dryrun: + post: + operationId: upgrade-package-policy-dry-run + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + packagePolicyIds: + items: + type: string + type: array + packageVersion: + type: string + required: + - packagePolicyIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + properties: + agent_diff: + $ref: '#/components/schemas/Fleet_upgrade_agent_diff' + diff: + $ref: '#/components/schemas/Fleet_upgrade_diff' + hasErrors: + type: boolean + required: + - hasErrors + type: array + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Dry run package policy upgrade + tags: + - Fleet package policies + /api/fleet/proxies: + get: + operationId: get-fleet-proxies + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_proxies' + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List proxies + tags: + - Fleet proxies + post: + operationId: post-fleet-proxies + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + certificate: + type: string + certificate_authorities: + type: string + certificate_key: + type: string + id: + type: string + name: + type: string + proxy_headers: + type: object + url: + type: string + required: + - name + - url + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_proxies' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create proxy + tags: + - Fleet proxies + /api/fleet/proxies/{itemId}: + delete: + operationId: delete-fleet-proxies + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + required: + - id + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete proxy by ID + tags: + - Fleet proxies + get: + operationId: get-one-fleet-proxies + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_proxies' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get proxy by ID + tags: + - Fleet proxies + parameters: + - in: path + name: itemId + required: true + schema: + type: string + put: + operationId: update-fleet-proxies + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + certificate: + type: string + certificate_authorities: + type: string + certificate_key: + type: string + name: + type: string + proxy_headers: + type: object + url: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_proxies' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update proxy by ID + tags: + - Fleet proxies + /api/fleet/service_tokens: + post: + operationId: generate-service-token + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + name: + type: string + value: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create service token + tags: + - Fleet service tokens + /api/fleet/service-tokens: + post: + deprecated: true + operationId: generate-service-token-deprecated + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + name: + type: string + value: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create service token + tags: + - Fleet service tokens + /api/fleet/settings: + get: + operationId: get-settings + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_fleet_settings_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get settings + tags: + - Fleet internals + put: + operationId: update-settings + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + additional_yaml_config: + type: string + fleet_server_hosts: + description: Protocol and path must be the same for each URL + items: + type: string + type: array + has_seen_add_data_notice: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_fleet_settings_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update settings + tags: + - Fleet internals + /api/fleet/setup: + post: + operationId: setup + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_fleet_setup_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + description: Internal Server Error + summary: Initiate Fleet setup + tags: + - Fleet internals + /api/fleet/uninstall_tokens: + get: + operationId: get-uninstall-tokens + parameters: + - description: The number of items to return + in: query + name: perPage + required: false + schema: + default: 20 + minimum: 5 + type: integer + - $ref: '#/components/parameters/Fleet_page_index' + - description: Partial match filtering for policy IDs + in: query + name: policyId + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + type: object + properties: + created_at: + type: string + id: + type: string + policy_id: + type: string + required: + - id + - policy_id + - created_at + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List metadata for latest uninstall tokens per agent policy + tags: + - Fleet uninstall tokens + /api/fleet/uninstall_tokens/{uninstallTokenId}: + get: + operationId: get-uninstall-token + parameters: + - in: path + name: uninstallTokenId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + type: object + properties: + created_at: + type: string + id: + type: string + policy_id: + type: string + token: + type: string + required: + - id + - token + - policy_id + - created_at + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get one decrypted uninstall token by its ID + tags: + - Fleet uninstall tokens + /api/lists: + delete: + description: | + Delete a list using the list ID. + > info + > When you delete a list, all of its list items are also deleted. + operationId: DeleteList + parameters: + - description: List's `id` value + in: query + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - in: query + name: deleteReferences + required: false + schema: + default: false + type: boolean + - in: query + name: ignoreReferences + required: false + schema: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Delete a list + tags: + - Security Solution Lists API + get: + description: Get the details of a list using the list ID. + operationId: ReadList + parameters: + - description: List's `id` value + in: query + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Get list details + tags: + - Security Solution Lists API + patch: + description: Update specific fields of an existing list using the list ID. + operationId: PatchList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListDescription + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListMetadata + name: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListName' + version: + minimum: 1 + type: integer + required: + - id + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Patch a list + tags: + - Security Solution Lists API + post: + description: Create a new list. + operationId: CreateList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListDescription + deserializer: + type: string + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListMetadata + name: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListName' + serializer: + type: string + type: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListType' + version: + default: 1 + minimum: 1 + type: integer + required: + - name + - description + - type + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Create a list + tags: + - Security Solution Lists API + put: + description: > + Update a list using the list ID. The original list is replaced, and all + unspecified fields are deleted. + + > info + + > You cannot modify the `id` value. + operationId: UpdateList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListDescription + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListMetadata + name: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListName' + version: + minimum: 1 + type: integer + required: + - id + - name + - description + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Update a list + tags: + - Security Solution Lists API + /api/lists/_find: + get: + description: >- + Get a paginated subset of lists. By default, the first page is returned, + with 20 results per page. + operationId: FindLists + parameters: + - description: The page number to return + in: query + name: page + required: false + schema: + type: integer + - description: The number of lists to return per page + in: query + name: per_page + required: false + schema: + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + - description: > + Returns the list that come after the last list returned in the + previous call + + (use the cursor value returned in the previous call). This parameter + uses + + the `tie_breaker_id` field to ensure all lists are sorted and + returned correctly. + in: query + name: cursor + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_FindListsCursor' + - description: > + Filters the returned results according to the value of the specified + field, + + using the : syntax. + in: query + name: filter + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_FindListsFilter' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + cursor: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_FindListsCursor + data: + items: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + type: array + page: + minimum: 0 + type: integer + per_page: + minimum: 0 + type: integer + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + - cursor + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Get lists + tags: + - Security Solution Lists API + /api/lists/index: + delete: + description: Delete the `.lists` and `.items` data streams. + operationId: DeleteListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + required: + - acknowledged + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List data stream not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Delete list data streams + tags: + - Security Solution Lists API + get: + description: Verify that `.lists` and `.items` data streams exist. + operationId: ReadListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + list_index: + type: boolean + list_item_index: + type: boolean + required: + - list_index + - list_item_index + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List data stream(s) not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Get status of list data streams + tags: + - Security Solution Lists API + post: + description: Create `.lists` and `.items` data streams in the relevant space. + operationId: CreateListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + required: + - acknowledged + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List data stream exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Create list data streams + tags: + - Security Solution Lists API + /api/lists/items: + delete: + description: Delete a list item using its `id`, or its `list_id` and `value` fields. + operationId: DeleteListItem + parameters: + - description: Required if `list_id` and `value` are not specified + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: value + required: false + schema: + type: string + - description: >- + Determines when changes made by the request are made visible to + search + in: query + name: refresh + required: false + schema: + default: 'false' + enum: + - 'true' + - 'false' + - wait_for + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + - items: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItem + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Delete a list item + tags: + - Security Solution Lists API + get: + description: Get the details of a list item. + operationId: ReadListItem + parameters: + - description: Required if `list_id` and `value` are not specified + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: value + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + - items: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItem + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Get a list item + tags: + - Security Solution Lists API + patch: + description: Update specific fields of an existing list item using the list item ID. + operationId: PatchListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemMetadata + refresh: + description: >- + Determines when changes made by the request are made visible + to search + enum: + - 'true' + - 'false' + - wait_for + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemValue + required: + - id + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Patch a list item + tags: + - Security Solution Lists API + post: + description: > + Create a list item and associate it with the specified list. + + + All list items in the same list must be the same type. For example, each + list item in an `ip` list must define a specific IP address. + + > info + + > Before creating a list item, you must create a list. + operationId: CreateListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemId' + list_id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemMetadata + refresh: + description: >- + Determines when changes made by the request are made visible + to search + enum: + - 'true' + - 'false' + - wait_for + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemValue + required: + - list_id + - value + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Create a list item + tags: + - Security Solution Lists API + put: + description: > + Update a list item using the list item ID. The original list item is + replaced, and all unspecified fields are deleted. + + > info + + > You cannot modify the `id` value. + operationId: UpdateListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemMetadata + value: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemValue + required: + - id + - value + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Update a list item + tags: + - Security Solution Lists API + /api/lists/items/_export: + post: + description: Export list item values from the specified list. + operationId: ExportListItems + parameters: + - description: List's id to export + in: query + name: list_id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: A `.txt` file containing list items from the specified list + format: binary + type: string + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Export list items + tags: + - Security Solution Lists API + /api/lists/items/_find: + get: + description: Get all list items in the specified list. + operationId: FindListItems + parameters: + - description: List's id + in: query + name: list_id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: The page number to return + in: query + name: page + required: false + schema: + type: integer + - description: The number of list items to return per page + in: query + name: per_page + required: false + schema: + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + - description: > + Returns the list that come after the last list returned in the + previous call + + (use the cursor value returned in the previous call). This parameter + uses + + the `tie_breaker_id` field to ensure all lists are sorted and + returned correctly. + in: query + name: cursor + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_FindListItemsCursor + - description: > + Filters the returned results according to the value of the specified + field, + + using the : syntax. + in: query + name: filter + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_FindListItemsFilter + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + cursor: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_FindListItemsCursor + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItem + type: array + page: + minimum: 0 + type: integer + per_page: + minimum: 0 + type: integer + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + - cursor + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Get list items + tags: + - Security Solution Lists API + /api/lists/items/_import: + post: + description: > + Import list items from a TXT or CSV file. The maximum file size is 9 + million bytes. + + + You can import items to a new or existing list. + operationId: ImportListItems + parameters: + - description: | + List's id. + + Required when importing to an existing list. + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: > + Type of the importing list. + + + Required when importing a new list that is `list_id` is not + specified. + in: query + name: type + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListType' + - in: query + name: serializer + required: false + schema: + type: string + - in: query + name: deserializer + required: false + schema: + type: string + - description: >- + Determines when changes made by the request are made visible to + search + in: query + name: refresh + required: false + schema: + enum: + - 'true' + - 'false' + - wait_for + type: string + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: + description: >- + A `.txt` or `.csv` file containing newline separated list + items + format: binary + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List with specified list_id does not exist response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Import list items + tags: + - Security Solution Lists API + /api/lists/privileges: + get: + operationId: ReadListPrivileges + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + is_authenticated: + type: boolean + listItems: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemPrivileges + lists: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListPrivileges + required: + - lists + - listItems + - is_authenticated + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Get list privileges + tags: + - Security Solution Lists API + /api/ml/saved_objects/sync: + get: + description: > + Synchronizes Kibana saved objects for machine learning jobs and trained + models in the default space. You must have `all` privileges for the + **Machine Learning** feature in the **Analytics** section of the Kibana + feature privileges. This API runs automatically when you start Kibana + and periodically thereafter. + operationId: mlSync + parameters: + - $ref: '#/components/parameters/Machine_learning_APIs_simulateParam' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + syncExample: + $ref: '#/components/examples/Machine_learning_APIs_mlSyncExample' + schema: + $ref: '#/components/schemas/Machine_learning_APIs_mlSync200Response' + description: Indicates a successful call + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Machine_learning_APIs_mlSync4xxResponse' + description: Authorization information is missing or invalid. + summary: Sync saved objects in the default space + tags: + - ml + /api/note: + delete: + description: Delete a note from a Timeline using the note ID. + operationId: DeleteNote + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - nullable: true + type: object + properties: + noteId: + type: string + required: + - noteId + - type: object + properties: + noteIds: + items: + type: string + nullable: true + type: array + required: + - noteIds + description: The ID of the note to delete. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + description: Indicates the note was successfully deleted. + summary: Delete a note + tags: + - Security Solution Timeline API + - access:securitySolution + get: + description: Get all notes for a given document. + operationId: GetNotes + parameters: + - in: query + name: documentIds + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Timeline_API_DocumentIds' + - in: query + name: page + schema: + nullable: true + type: number + - in: query + name: perPage + schema: + nullable: true + type: number + - in: query + name: search + schema: + nullable: true + type: string + - in: query + name: sortField + schema: + nullable: true + type: string + - in: query + name: sortOrder + schema: + nullable: true + type: string + - in: query + name: filter + schema: + nullable: true + type: string + responses: + '200': + description: Indicates the requested notes were returned. + summary: Get notes + tags: + - Security Solution Timeline API + - access:securitySolution + patch: + description: Add a note to a Timeline or update an existing note. + operationId: PersistNoteRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + eventDataView: + nullable: true + type: string + eventIngested: + nullable: true + type: string + eventTimestamp: + nullable: true + type: string + note: + $ref: '#/components/schemas/Security_Solution_Timeline_API_BareNote' + noteId: + nullable: true + type: string + overrideOwner: + nullable: true + type: boolean + version: + nullable: true + type: string + required: + - note + description: The note to add or update, along with additional metadata. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistNote: + type: object + properties: + code: + type: number + message: + type: string + note: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_Note + required: + - code + - message + - note + required: + - persistNote + required: + - data + description: Indicates the note was successfully created. + summary: Add or update a note + tags: + - Security Solution Timeline API + - access:securitySolution + /api/osquery/live_queries: + get: + description: Get a list of all live queries. + operationId: OsqueryFindLiveQueries + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_FindLiveQueryRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get live queries + tags: + - Security Solution Osquery API + post: + description: Create and run a live query. + operationId: OsqueryCreateLiveQuery + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_CreateLiveQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a live query + tags: + - Security Solution Osquery API + /api/osquery/live_queries/{id}: + get: + description: Get the details of a live query using the query ID. + operationId: OsqueryGetLiveQueryDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + - in: query + name: query + schema: + additionalProperties: true + type: object + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get live query details + tags: + - Security Solution Osquery API + /api/osquery/live_queries/{id}/results/{actionId}: + get: + description: Get the results of a live query using the query action ID. + operationId: OsqueryGetLiveQueryResults + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + - in: path + name: actionId + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_GetLiveQueryResultsRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get live query results + tags: + - Security Solution Osquery API + /api/osquery/packs: + get: + description: Get a list of all query packs. + operationId: OsqueryFindPacks + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_FindPacksRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get packs + tags: + - Security Solution Osquery API + post: + description: Create a query pack. + operationId: OsqueryCreatePacks + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_CreatePacksRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a pack + tags: + - Security Solution Osquery API + /api/osquery/packs/{id}: + delete: + description: Delete a query pack using the pack ID. + operationId: OsqueryDeletePacks + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Delete a pack + tags: + - Security Solution Osquery API + get: + description: Get the details of a query pack using the pack ID. + operationId: OsqueryGetPacksDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get pack details + tags: + - Security Solution Osquery API + put: + description: | + Update a query pack using the pack ID. + > info + > You cannot update a prebuilt pack. + operationId: OsqueryUpdatePacks + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_UpdatePacksRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Update a pack + tags: + - Security Solution Osquery API + /api/osquery/saved_queries: + get: + description: Get a list of all saved queries. + operationId: OsqueryFindSavedQueries + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_FindSavedQueryRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get saved queries + tags: + - Security Solution Osquery API + post: + description: Create and run a saved query. + operationId: OsqueryCreateSavedQuery + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_CreateSavedQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a saved query + tags: + - Security Solution Osquery API + /api/osquery/saved_queries/{id}: + delete: + description: Delete a saved query using the query ID. + operationId: OsqueryDeleteSavedQuery + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Delete a saved query + tags: + - Security Solution Osquery API + get: + description: Get the details of a saved query using the query ID. + operationId: OsqueryGetSavedQueryDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get saved query details + tags: + - Security Solution Osquery API + put: + description: | + Update a saved query using the query ID. + > info + > You cannot update a prebuilt saved query. + operationId: OsqueryUpdateSavedQuery + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_UpdateSavedQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Update a saved query + tags: + - Security Solution Osquery API + /api/pinned_event: + patch: + description: Pin an event to an existing Timeline. + operationId: PersistPinnedEventRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + eventId: + type: string + pinnedEventId: + nullable: true + type: string + timelineId: + type: string + required: + - eventId + - timelineId + description: The pinned event to add or update, along with additional metadata. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistPinnedEventOnTimeline: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Timeline_API_PinnedEvent + - type: object + properties: + code: + type: number + message: + type: string + required: + - persistPinnedEventOnTimeline + required: + - data + description: Indicates the event was successfully pinned to the Timeline. + summary: Pin an event + tags: + - Security Solution Timeline API + - access:securitySolution + /api/risk_score/engine/schedule_now: + post: + description: >- + Schedule the risk scoring engine to run as soon as possible. You can use + this to recalculate entity risk scores after updating their asset + criticality. + operationId: ScheduleRiskEngineNow + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: {} + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_RiskEngineScheduleNowResponse + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_TaskManagerUnavailableResponse + description: Task manager is unavailable + default: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_RiskEngineScheduleNowErrorResponse + description: Unexpected error + summary: Run the risk scoring engine + tags: + - Security Solution Entity Analytics API + /api/saved_objects/_bulk_create: + post: + deprecated: true + operationId: bulkCreateSavedObjects + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - description: When true, overwrites the document with the same identifier. + in: query + name: overwrite + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Create saved objects + tags: + - saved objects + /api/saved_objects/_bulk_delete: + post: + deprecated: true + description: | + WARNING: When you delete a saved object, it cannot be recovered. + operationId: bulkDeleteSavedObjects + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - description: > + When true, force delete objects that exist in multiple namespaces. + Note that the option applies to the whole request. Use the delete + object API to specify per-object deletion behavior. TIP: Use this if + you attempted to delete objects and received an HTTP 400 error with + the following message: "Unable to delete saved object that exists in + multiple namespaces, use the force option to delete it anyway". + WARNING: When you bulk delete objects that exist in multiple + namespaces, the API also deletes legacy url aliases that reference + the object. These requests are batched to minimise the impact but + they can place a heavy load on Kibana. Make sure you limit the + number of objects that exist in multiple namespaces in a single bulk + delete operation. + in: query + name: force + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: > + Indicates a successful call. NOTE: This HTTP response code indicates + that the bulk operation succeeded. Errors pertaining to individual + objects will be returned in the response body. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Delete saved objects + tags: + - saved objects + /api/saved_objects/_bulk_get: + post: + deprecated: true + operationId: bulkGetSavedObjects + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Get saved objects + tags: + - saved objects + /api/saved_objects/_bulk_resolve: + post: + deprecated: true + description: > + Retrieve multiple Kibana saved objects by identifier using any legacy + URL aliases if they exist. Under certain circumstances when Kibana is + upgraded, saved object migrations may necessitate regenerating some + object IDs to enable new features. When an object's ID is regenerated, a + legacy URL alias is created for that object, preserving its old ID. In + such a scenario, that object can be retrieved by the bulk resolve API + using either its new ID or its old ID. + operationId: bulkResolveSavedObjects + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: > + Indicates a successful call. NOTE: This HTTP response code indicates + that the bulk operation succeeded. Errors pertaining to individual + objects will be returned in the response body. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Resolve saved objects + tags: + - saved objects + /api/saved_objects/_bulk_update: + post: + deprecated: true + description: Update the attributes for multiple Kibana saved objects. + operationId: bulkUpdateSavedObjects + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: > + Indicates a successful call. NOTE: This HTTP response code indicates + that the bulk operation succeeded. Errors pertaining to individual + objects will be returned in the response body. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Update saved objects + tags: + - saved objects + /api/saved_objects/_export: + post: + description: > + Retrieve sets of saved objects that you want to import into Kibana. + + You must include `type` or `objects` in the request body. + + + Exported saved objects are not backwards compatible and cannot be + imported into an older version of Kibana. + + + NOTE: The `savedObjects.maxImportExportSize` configuration setting + limits the number of saved objects which may be exported. + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: exportSavedObjectsDefault + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + exportSavedObjectsRequest: + $ref: '#/components/examples/Saved_objects_export_objects_request' + schema: + type: object + properties: + excludeExportDetails: + default: false + description: Do not add export details entry at the end of the stream. + type: boolean + includeReferencesDeep: + description: >- + Includes all of the referenced objects in the exported + objects. + type: boolean + objects: + description: A list of objects to export. + items: + type: object + type: array + type: + description: >- + The saved object types to include in the export. Use `*` to + export all the types. + oneOf: + - type: string + - items: + type: string + type: array + required: true + responses: + '200': + content: + application/x-ndjson; Elastic-Api-Version=2023-10-31: + examples: + exportSavedObjectsResponse: + $ref: '#/components/examples/Saved_objects_export_objects_response' + schema: + additionalProperties: true + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request. + summary: Export saved objects + tags: + - saved objects + /api/saved_objects/_find: + get: + deprecated: true + description: Retrieve a paginated set of Kibana saved objects. + operationId: findSavedObjects + parameters: + - description: > + An aggregation structure, serialized as a string. The field format + is similar to filter, meaning that to use a saved object type + attribute in the aggregation, the `savedObjectType.attributes.title: + "myTitle"` format must be used. For root fields, the syntax is + `savedObjectType.rootField`. NOTE: As objects change in Kibana, the + results on each page of the response also change. Use the find API + for traditional paginated results, but avoid using it to export + large amounts of data. + in: query + name: aggs + schema: + type: string + - description: The default operator to use for the `simple_query_string`. + in: query + name: default_search_operator + schema: + type: string + - description: The fields to return in the attributes key of the response. + in: query + name: fields + schema: + oneOf: + - type: string + - type: array + - description: > + The filter is a KQL string with the caveat that if you filter with + an attribute from your saved object type, it should look like that: + `savedObjectType.attributes.title: "myTitle"`. However, if you use a + root attribute of a saved object such as `updated_at`, you will have + to define your filter like that: `savedObjectType.updated_at > + 2018-12-22`. + in: query + name: filter + schema: + type: string + - description: >- + Filters to objects that do not have a relationship with the type and + identifier combination. + in: query + name: has_no_reference + schema: + type: object + - description: >- + The operator to use for the `has_no_reference` parameter. Either + `OR` or `AND`. Defaults to `OR`. + in: query + name: has_no_reference_operator + schema: + type: string + - description: >- + Filters to objects that have a relationship with the type and ID + combination. + in: query + name: has_reference + schema: + type: object + - description: >- + The operator to use for the `has_reference` parameter. Either `OR` + or `AND`. Defaults to `OR`. + in: query + name: has_reference_operator + schema: + type: string + - description: The page of objects to return. + in: query + name: page + schema: + type: integer + - description: The number of objects to return per page. + in: query + name: per_page + schema: + type: integer + - description: >- + An Elasticsearch `simple_query_string` query that filters the + objects in the response. + in: query + name: search + schema: + type: string + - description: >- + The fields to perform the `simple_query_string` parsed query + against. + in: query + name: search_fields + schema: + oneOf: + - type: string + - type: array + - description: > + Sorts the response. Includes "root" and "type" fields. "root" fields + exist for all saved objects, such as "updated_at". "type" fields are + specific to an object type, such as fields returned in the + attributes key of the response. When a single type is defined in the + type parameter, the "root" and "type" fields are allowed, and + validity checks are made in that order. When multiple types are + defined in the type parameter, only "root" fields are allowed. + in: query + name: sort_field + schema: + type: string + - description: The saved object types to include. + in: query + name: type + required: true + schema: + oneOf: + - type: string + - type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Search for saved objects + tags: + - saved objects + /api/saved_objects/_import: + post: + description: > + Create sets of Kibana saved objects from a file created by the export + API. + + Saved objects can be imported only into the same version, a newer minor + on the same major, or the next major. Exported saved objects are not + backwards compatible and cannot be imported into an older version of + Kibana. + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: importSavedObjectsDefault + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - description: > + Creates copies of saved objects, regenerates each object ID, and + resets the origin. When used, potential conflict errors are avoided. + NOTE: This option cannot be used with the `overwrite` and + `compatibilityMode` options. + in: query + name: createNewCopies + required: false + schema: + type: boolean + - description: > + Overwrites saved objects when they already exist. When used, + potential conflict errors are automatically resolved by overwriting + the destination object. NOTE: This option cannot be used with the + `createNewCopies` option. + in: query + name: overwrite + required: false + schema: + type: boolean + - description: > + Applies various adjustments to the saved objects that are being + imported to maintain compatibility between different Kibana + versions. Use this option only if you encounter issues with imported + saved objects. NOTE: This option cannot be used with the + `createNewCopies` option. + in: query + name: compatibilityMode + required: false + schema: + type: boolean + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + examples: + importObjectsRequest: + $ref: '#/components/examples/Saved_objects_import_objects_request' + schema: + type: object + properties: + file: + description: > + A file exported using the export API. NOTE: The + `savedObjects.maxImportExportSize` configuration setting + limits the number of saved objects which may be included in + this file. Similarly, the + `savedObjects.maxImportPayloadBytes` setting limits the + overall size of the file that can be imported. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + importObjectsResponse: + $ref: '#/components/examples/Saved_objects_import_objects_response' + schema: + type: object + properties: + errors: + description: > + Indicates the import was unsuccessful and specifies the + objects that failed to import. + + + NOTE: One object may result in multiple errors, which + requires separate steps to resolve. For instance, a + `missing_references` error and conflict error. + items: + type: object + type: array + success: + description: > + Indicates when the import was successfully completed. When + set to false, some objects may not have been created. For + additional information, refer to the `errors` and + `successResults` properties. + type: boolean + successCount: + description: Indicates the number of successfully imported records. + type: integer + successResults: + description: > + Indicates the objects that are successfully imported, with + any metadata if applicable. + + + NOTE: Objects are created only when all resolvable errors + are addressed, including conflicts and missing references. + If objects are created as new copies, each entry in the + `successResults` array includes a `destinationId` + attribute. + items: + type: object + type: array + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request. + summary: Import saved objects + tags: + - saved objects + x-codeSamples: + - label: Import with createNewCopies + lang: cURL + source: | + curl \ + -X POST api/saved_objects/_import?createNewCopies=true + -H "kbn-xsrf: true" + --form file=@file.ndjson + /api/saved_objects/_resolve_import_errors: + post: + description: > + To resolve errors from the Import objects API, you can: + + + * Retry certain saved objects + + * Overwrite specific saved objects + + * Change references to different saved objects + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: resolveImportErrors + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - description: > + Applies various adjustments to the saved objects that are being + imported to maintain compatibility between different Kibana + versions. When enabled during the initial import, also enable when + resolving import errors. This option cannot be used with the + `createNewCopies` option. + in: query + name: compatibilityMode + required: false + schema: + type: boolean + - description: > + Creates copies of the saved objects, regenerates each object ID, and + resets the origin. When enabled during the initial import, also + enable when resolving import errors. + in: query + name: createNewCopies + required: false + schema: + type: boolean + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + examples: + resolveImportErrorsRequest: + $ref: >- + #/components/examples/Saved_objects_resolve_missing_reference_request + schema: + type: object + properties: + file: + description: The same file given to the import API. + format: binary + type: string + retries: + description: >- + The retry operations, which can specify how to resolve + different types of errors. + items: + type: object + properties: + destinationId: + description: >- + Specifies the destination ID that the imported object + should have, if different from the current ID. + type: string + id: + description: The saved object ID. + type: string + ignoreMissingReferences: + description: >- + When set to `true`, ignores missing reference errors. + When set to `false`, does nothing. + type: boolean + overwrite: + description: >- + When set to `true`, the source object overwrites the + conflicting destination object. When set to `false`, + does nothing. + type: boolean + replaceReferences: + description: >- + A list of `type`, `from`, and `to` used to change the + object references. + items: + type: object + properties: + from: + type: string + to: + type: string + type: + type: string + type: array + type: + description: The saved object type. + type: string + required: + - type + - id + type: array + required: + - retries + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + resolveImportErrorsResponse: + $ref: >- + #/components/examples/Saved_objects_resolve_missing_reference_response + schema: + type: object + properties: + errors: + description: > + Specifies the objects that failed to resolve. + + + NOTE: One object can result in multiple errors, which + requires separate steps to resolve. For instance, a + `missing_references` error and a `conflict` error. + items: + type: object + type: array + success: + description: > + Indicates a successful import. When set to `false`, some + objects may not have been created. For additional + information, refer to the `errors` and `successResults` + properties. + type: boolean + successCount: + description: | + Indicates the number of successfully resolved records. + type: number + successResults: + description: > + Indicates the objects that are successfully imported, with + any metadata if applicable. + + + NOTE: Objects are only created when all resolvable errors + are addressed, including conflict and missing references. + items: + type: object + type: array + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request. + summary: Resolve import errors + tags: + - saved objects + /api/saved_objects/{type}: + post: + deprecated: true + description: Create a Kibana saved object with a randomly generated identifier. + operationId: createSavedObject + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - $ref: '#/components/parameters/Saved_objects_saved_object_type' + - description: If true, overwrites the document with the same identifier. + in: query + name: overwrite + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + attributes: + $ref: '#/components/schemas/Saved_objects_attributes' + initialNamespaces: + $ref: '#/components/schemas/Saved_objects_initial_namespaces' + references: + $ref: '#/components/schemas/Saved_objects_references' + required: + - attributes + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a conflict error. + summary: Create a saved object + tags: + - saved objects + /api/saved_objects/{type}/{id}: + get: + deprecated: true + description: Retrieve a single Kibana saved object by identifier. + operationId: getSavedObject + parameters: + - $ref: '#/components/parameters/Saved_objects_saved_object_id' + - $ref: '#/components/parameters/Saved_objects_saved_object_type' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request. + summary: Get a saved object + tags: + - saved objects + post: + deprecated: true + description: >- + Create a Kibana saved object and specify its identifier instead of using + a randomly generated ID. + operationId: createSavedObjectId + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - $ref: '#/components/parameters/Saved_objects_saved_object_id' + - $ref: '#/components/parameters/Saved_objects_saved_object_type' + - description: If true, overwrites the document with the same identifier. + in: query + name: overwrite + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + attributes: + $ref: '#/components/schemas/Saved_objects_attributes' + initialNamespaces: + $ref: '#/components/schemas/Saved_objects_initial_namespaces' + references: + $ref: '#/components/schemas/Saved_objects_initial_namespaces' + required: + - attributes + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a conflict error. + summary: Create a saved object + tags: + - saved objects + put: + deprecated: true + description: Update the attributes for Kibana saved objects. + operationId: updateSavedObject + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - $ref: '#/components/parameters/Saved_objects_saved_object_id' + - $ref: '#/components/parameters/Saved_objects_saved_object_type' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates the object was not found. + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a conflict error. + summary: Update a saved object + tags: + - saved objects + /api/saved_objects/resolve/{type}/{id}: + get: + deprecated: true + description: > + Retrieve a single Kibana saved object by identifier using any legacy URL + alias if it exists. Under certain circumstances, when Kibana is + upgraded, saved object migrations may necessitate regenerating some + object IDs to enable new features. When an object's ID is regenerated, a + legacy URL alias is created for that object, preserving its old ID. In + such a scenario, that object can be retrieved using either its new ID or + its old ID. + operationId: resolveSavedObject + parameters: + - $ref: '#/components/parameters/Saved_objects_saved_object_id' + - $ref: '#/components/parameters/Saved_objects_saved_object_type' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request. + summary: Resolve a saved object + tags: + - saved objects + /api/security_ai_assistant/anonymization_fields/_bulk_action: + post: + description: >- + Apply a bulk action to multiple anonymization fields. The bulk action is + applied to all anonymization fields that match the filter or to the list + of anonymization fields by their IDs. + operationId: PerformAnonymizationFieldsBulkAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + create: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldCreateProps + type: array + delete: + type: object + properties: + ids: + description: Array of anonymization fields IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter anonymization fields + type: string + update: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldUpdateProps + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Apply a bulk action to anonymization fields + tags: + - Security AI Assistant API + - Bulk API + /api/security_ai_assistant/anonymization_fields/_find: + get: + description: Get a list of all anonymization fields. + operationId: FindAnonymizationFields + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_FindAnonymizationFieldsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: AnonymizationFields per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get anonymization fields + tags: + - Security AI Assistant API + - AnonymizationFields API + /api/security_ai_assistant/chat/complete: + post: + description: Create a model response for the given chat conversation. + operationId: ChatComplete + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_ChatCompleteProps' + required: true + responses: + '200': + content: + application/octet-stream; Elastic-Api-Version=2023-10-31: + schema: + format: binary + type: string + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Create a model response + tags: + - Security AI Assistant API + - Chat Complete API + /api/security_ai_assistant/current_user/conversations: + post: + description: Create a new Security AI Assistant conversation. + operationId: CreateConversation + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationCreateProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Create a conversation + tags: + - Security AI Assistant API + - Conversation API + /api/security_ai_assistant/current_user/conversations/_find: + get: + description: Get a list of all conversations for the current user. + operationId: FindConversations + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_FindConversationsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: Conversations per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get conversations + tags: + - Security AI Assistant API + - Conversations API + /api/security_ai_assistant/current_user/conversations/{id}: + delete: + description: Delete an existing conversation using the conversation ID. + operationId: DeleteConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Delete a conversation + tags: + - Security AI Assistant API + - Conversation API + get: + description: Get the details of an existing conversation using the conversation ID. + operationId: ReadConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get a conversation + tags: + - Security AI Assistant API + - Conversations API + put: + description: Update an existing conversation using the conversation ID. + operationId: UpdateConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationUpdateProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Update a conversation + tags: + - Security AI Assistant API + - Conversation API + /api/security_ai_assistant/prompts/_bulk_action: + post: + description: >- + Apply a bulk action to multiple prompts. The bulk action is applied to + all prompts that match the filter or to the list of prompts by their + IDs. + operationId: PerformPromptsBulkAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + create: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptCreateProps + type: array + delete: + type: object + properties: + ids: + description: Array of prompts IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter promps + type: string + update: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptUpdateProps + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkCrudActionResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Apply a bulk action to prompts + tags: + - Security AI Assistant API + - Bulk API + /api/security_ai_assistant/prompts/_find: + get: + description: Get a list of all prompts. + operationId: FindPrompts + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_FindPromptsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: Prompts per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get prompts + tags: + - Security AI Assistant API + - Prompts API + /api/status: + get: + operationId: '%2Fapi%2Fstatus#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: Set to "true" to get the response in v7 format. + in: query + name: v7format + required: false + schema: + type: boolean + - description: Set to "true" to get the response in v8 format. + in: query + name: v8format + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' + - $ref: >- + #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse + description: >- + Kibana's operational status. A minimal response is sent for + unauthorized users. + description: Overall status is OK and Kibana should be functioning normally. + '503': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' + - $ref: >- + #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse + description: >- + Kibana's operational status. A minimal response is sent for + unauthorized users. + description: >- + Kibana or some of it's essential services are unavailable. Kibana + may be degraded or unavailable. + summary: Get Kibana's current status + tags: + - system + /api/timeline: + delete: + description: Delete one or more Timelines or Timeline templates. + operationId: DeleteTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + savedObjectIds: + items: + type: string + type: array + searchIds: + description: >- + Saved search ids that should be deleted alongside the + timelines + items: + type: string + type: array + required: + - savedObjectIds + description: The IDs of the Timelines or Timeline templates to delete. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + deleteTimeline: + type: boolean + required: + - deleteTimeline + required: + - data + description: Indicates the Timeline was successfully deleted. + summary: Delete Timelines or Timeline templates + tags: + - Security Solution Timeline API + - access:securitySolution + get: + description: Get the details of an existing saved Timeline or Timeline template. + operationId: GetTimeline + parameters: + - description: The ID of the template timeline to retrieve + in: query + name: template_timeline_id + schema: + type: string + - description: The ID of the Timeline to retrieve. + in: query + name: id + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + getOneTimeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + nullable: true + required: + - getOneTimeline + required: + - data + description: Indicates that the (template) Timeline was found and returned. + summary: Get Timeline or Timeline template details + tags: + - Security Solution Timeline API + - access:securitySolution + patch: + description: >- + Update an existing Timeline. You can update the title, description, date + range, pinned events, pinned queries, and/or pinned saved queries of an + existing Timeline. + operationId: PatchTimeline + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SavedTimeline + timelineId: + nullable: true + type: string + version: + nullable: true + type: string + required: + - timelineId + - version + - timeline + description: The Timeline updates, along with the Timeline ID and version. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistTimeline: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + required: + - timeline + required: + - persistTimeline + required: + - data + description: >- + Indicates that the draft Timeline was successfully created. In the + event the user already has a draft Timeline, the existing draft + Timeline is cleared and returned. + '405': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: >- + Indicates that the user does not have the required access to create + a draft Timeline. + summary: Update a Timeline + tags: + - Security Solution Timeline API + - access:securitySolution + post: + description: Create a new Timeline or Timeline template. + operationId: CreateTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + status: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineStatus + nullable: true + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SavedTimeline + timelineId: + nullable: true + type: string + timelineType: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineType + nullable: true + version: + nullable: true + type: string + required: + - timeline + description: >- + The required Timeline fields used to create a new Timeline, along with + optional fields that will be created if not provided. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistTimeline: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + required: + - persistTimeline + required: + - data + description: Indicates the Timeline was successfully created. + '405': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Indicates that there was an error in the Timeline creation. + summary: Create a Timeline or Timeline template + tags: + - Security Solution Timeline API + - access:securitySolution + /api/timeline/_draft: + get: + description: >- + Get the details of the draft Timeline or Timeline template for the + current user. If the user doesn't have a draft Timeline, an empty + Timeline is returned. + operationId: GetDraftTimelines + parameters: + - in: query + name: timelineType + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineType' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistTimeline: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + required: + - timeline + required: + - persistTimeline + required: + - data + description: Indicates that the draft Timeline was successfully retrieved. + '403': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + If a draft Timeline was not found and we attempted to create one, it + indicates that the user does not have the required permissions to + create a draft Timeline. + '409': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + This should never happen, but if a draft Timeline was not found and + we attempted to create one, it indicates that there is already a + draft Timeline with the given `timelineId`. + summary: Get draft Timeline or Timeline template details + tags: + - Security Solution Timeline API + - access:securitySolution + post: + description: > + Create a clean draft Timeline or Timeline template for the current user. + + > info + + > If the user already has a draft Timeline, the existing draft Timeline + is cleared and returned. + operationId: CleanDraftTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + timelineType: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineType + required: + - timelineType + description: >- + The type of Timeline to create. Valid values are `default` and + `template`. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistTimeline: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + required: + - timeline + required: + - persistTimeline + required: + - data + description: >- + Indicates that the draft Timeline was successfully created. In the + event the user already has a draft Timeline, the existing draft + Timeline is cleared and returned. + '403': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + Indicates that the user does not have the required permissions to + create a draft Timeline. + '409': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + Indicates that there is already a draft Timeline with the given + `timelineId`. + summary: Create a clean draft Timeline or Timeline template + tags: + - Security Solution Timeline API + - access:securitySolution + /api/timeline/_export: + post: + description: Export Timelines as an NDJSON file. + operationId: ExportTimelines + parameters: + - description: The name of the file to export + in: query + name: file_name + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + ids: + items: + type: string + nullable: true + type: array + description: The IDs of the Timelines to export. + required: true + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: NDJSON of the exported Timelines + type: string + description: Indicates the Timelines were successfully exported. + '400': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Indicates that the export size limit was exceeded. + summary: Export Timelines + tags: + - Security Solution Timeline API + - access:securitySolution + /api/timeline/_favorite: + patch: + description: Favorite a Timeline or Timeline template for the current user. + operationId: PersistFavoriteRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timelineId: + nullable: true + type: string + timelineType: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineType + nullable: true + required: + - timelineId + - templateTimelineId + - templateTimelineVersion + - timelineType + description: The required fields used to favorite a (template) Timeline. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistFavorite: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_FavoriteTimelineResponse + required: + - persistFavorite + required: + - data + description: Indicates the favorite status was successfully updated. + '403': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: >- + Indicates the user does not have the required permissions to persist + the favorite status. + summary: Favorite a Timeline or Timeline template + tags: + - Security Solution Timeline API + - access:securitySolution + /api/timeline/_import: + post: + description: Import Timelines. + operationId: ImportTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Timeline_API_Readable + - type: object + properties: + hapi: + type: object + properties: + filename: + type: string + headers: + type: object + isImmutable: + enum: + - 'true' + - 'false' + type: string + required: + - filename + - headers + required: + - hapi + description: The Timelines to import as a readable stream. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ImportTimelineResult + required: + - data + description: Indicates the import of Timelines was successful. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + id: + type: string + statusCode: + type: number + description: >- + Indicates the import of Timelines was unsuccessful because of an + invalid file extension. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + statusCode: + type: number + description: >- + Indicates that we were unable to locate the saved object client + necessary to handle the import. + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + id: + type: string + statusCode: + type: number + description: Indicates the import of Timelines was unsuccessful. + summary: Import Timelines + tags: + - Security Solution Timeline API + - access:securitySolution + /api/timeline/_prepackaged: + post: + description: Install or update prepackaged Timelines. + operationId: InstallPrepackedTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + prepackagedTimelines: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SavedTimeline + type: array + timelinesToInstall: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ImportTimelines + nullable: true + type: array + timelinesToUpdate: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ImportTimelines + nullable: true + type: array + required: + - timelinesToInstall + - timelinesToUpdate + - prepackagedTimelines + description: The Timelines to install or update. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ImportTimelineResult + required: + - data + description: Indicates the installation of prepackaged Timelines was successful. + '500': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: >- + Indicates the installation of prepackaged Timelines was + unsuccessful. + summary: Install prepackaged Timelines + tags: + - Security Solution Timeline API + - access:securitySolution + /api/timeline/resolve: + get: + operationId: ResolveTimeline + parameters: + - description: The ID of the template timeline to resolve + in: query + name: template_timeline_id + schema: + type: string + - description: The ID of the timeline to resolve + in: query + name: id + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + getOneTimeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + nullable: true + required: + - getOneTimeline + required: + - data + description: The (template) Timeline has been found + '400': + description: The request is missing parameters + '404': + description: The (template) Timeline was not found + summary: Get an existing saved Timeline or Timeline template + tags: + - Security Solution Timeline API + - access:securitySolution + /api/timelines: + get: + description: Get a list of all saved Timelines or Timeline templates. + operationId: GetTimelines + parameters: + - description: >- + If true, only timelines that are marked as favorites by the user are + returned. + in: query + name: only_user_favorite + schema: + enum: + - 'true' + - 'false' + nullable: true + type: string + - in: query + name: timeline_type + schema: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineType' + nullable: true + - in: query + name: sort_field + schema: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SortFieldTimeline + - in: query + name: sort_order + schema: + enum: + - asc + - desc + type: string + - in: query + name: page_size + schema: + nullable: true + type: string + - in: query + name: page_index + schema: + nullable: true + type: string + - in: query + name: search + schema: + nullable: true + type: string + - in: query + name: status + schema: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineStatus' + nullable: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + customTemplateTimelineCount: + type: number + defaultTimelineCount: + type: number + elasticTemplateTimelineCount: + type: number + favoriteCount: + type: number + templateTimelineCount: + type: number + timelines: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + type: array + totalCount: + type: number + required: + - timelines + - totalCount + - defaultTimelineCount + - templateTimelineCount + - favoriteCount + - elasticTemplateTimelineCount + - customTemplateTimelineCount + required: + - data + description: Indicates that the (template) Timelines were found and returned. + '400': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Bad request. The user supplied invalid data. + summary: Get Timelines or Timeline templates + tags: + - Security Solution Timeline API + - access:securitySolution + /s/{spaceId}/api/observability/slos: + get: + description: > + You must have the `read` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: findSlosOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - description: A valid kql query to filter the SLO with + example: 'slo.name:latency* and slo.tags : "prod"' + in: query + name: kqlQuery + schema: + type: string + - description: The page to use for pagination, must be greater or equal than 1 + example: 1 + in: query + name: page + schema: + default: 1 + type: integer + - description: Number of SLOs returned by page + example: 25 + in: query + name: perPage + schema: + default: 25 + maximum: 5000 + type: integer + - description: Sort by field + example: status + in: query + name: sortBy + schema: + default: status + enum: + - sli_value + - status + - error_budget_consumed + - error_budget_remaining + type: string + - description: Sort order + example: asc + in: query + name: sortDirection + schema: + default: asc + enum: + - asc + - desc + type: string + - description: >- + Hide stale SLOs from the list as defined by stale SLO threshold in + SLO settings + in: query + name: hideStale + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_find_slo_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Get a paginated list of SLOs + tags: + - slo + post: + description: > + You must have `all` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: createSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_create_slo_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_create_slo_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_409_response' + description: Conflict - The SLO id already exists + summary: Create an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/_delete_instances: + post: + description: > + The deletion occurs for the specified list of `sloId` and `instanceId`. + You must have `all` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: deleteSloInstancesOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_delete_slo_instances_request' + required: true + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + summary: Batch delete rollup and summary data + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}: + delete: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: deleteSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Delete an SLO + tags: + - slo + get: + description: > + You must have the `read` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: getSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + - description: the specific instanceId used by the summary calculation + example: host-abcde + in: query + name: instanceId + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_with_summary_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Get an SLO + tags: + - slo + put: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: updateSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_update_slo_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_definition_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Update an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}/_reset: + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: resetSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_definition_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Reset an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}/disable: + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: disableSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '200': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Disable an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}/enable: + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: enableSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Enable an SLO + tags: + - slo +components: + examples: + Alerting_get_health_response: + summary: Retrieve information about the health of the alerting framework. + value: + alerting_framework_health: + decryption_health: + status: ok + timestamp: '2023-01-13T01:28:00.280Z' + execution_health: + status: ok + timestamp: '2023-01-13T01:28:00.280Z' + read_health: + status: ok + timestamp: '2023-01-13T01:28:00.280Z' + has_permanent_encryption_key: true + is_sufficiently_secure: true + Alerting_get_rule_types_response: + summary: Retrieve rule types associated with Kibana machine learning features + value: + - action_groups: + - id: anomaly_score_match + name: Anomaly score matched the condition + - id: recovered + name: Recovered + action_variables: + context: + - description: The bucket timestamp of the anomaly + name: timestamp + - description: The bucket time of the anomaly in ISO8601 format + name: timestampIso8601 + - description: List of job IDs that triggered the alert + name: jobIds + - description: Alert info message + name: message + - description: Indicate if top hits contain interim results + name: isInterim + - description: Anomaly score at the time of the notification action + name: score + - description: Top records + name: topRecords + - description: Top influencers + name: topInfluencers + - description: URL to open in the Anomaly Explorer + name: anomalyExplorerUrl + useWithTripleBracesInTemplates: true + params: [] + state: [] + alerts: + context: ml.anomaly-detection + mappings: + fieldMap: + kibana.alert.anomaly_score: + array: false + type: double + required: false + kibana.alert.anomaly_timestamp: + array: false + type: date + required: false + kibana.alert.is_interim: + array: false + type: boolean + required: false + kibana.alert.job_id: + array: false + type: keyword + required: true + kibana.alert.top_influencers: + array: true + dynamic: false + type: object + properties: + influencer_field_name: + type: keyword + influencer_field_value: + type: keyword + influencer_score: + type: double + initial_influencer_score: + type: double + is_interim: + type: boolean + job_id: + type: keyword + timestamp: + type: date + required: false + kibana.alert.top_records: + array: true + dynamic: false + type: object + properties: + actual: + type: double + by_field_name: + type: keyword + by_field_value: + type: keyword + detector_index: + type: integer + field_name: + type: keyword + function: + type: keyword + initial_record_score: + type: double + is_interim: + type: boolean + job_id: + type: keyword + over_field_name: + type: keyword + over_field_value: + type: keyword + partition_field_name: + type: keyword + partition_field_value: + type: keyword + record_score: + type: double + timestamp: + type: date + typical: + type: double + required: false + shouldWrite: true + authorized_consumers: + alerts: + all: true + read: true + apm: + all: true + read: true + discover: + all: true + read: true + infrastructure: + all: true + read: true + logs: + all: true + read: true + ml: + all: true + read: true + monitoring: + all: true + read: true + siem: + all: true + read: true + slo: + all: true + read: true + stackAlerts: + all: true + read: true + uptime: + all: true + read: true + category: management + default_action_group_id: anomaly_score_match + does_set_recovery_context: true + enabled_in_license: true + has_alerts_mappings: true + has_fields_for_a_a_d: false + id: xpack.ml.anomaly_detection_alert + is_exportable: true + minimum_license_required: platinum + name: Anomaly detection alert + producer: ml + recovery_action_group: + id: recovered + name: Recovered + rule_task_timeout: 5m + - action_groups: + - id: anomaly_detection_realtime_issue + name: Issue detected + - id: recovered + name: Recovered + action_variables: + context: + - description: Results of the rule execution + name: results + - description: Alert info message + name: message + params: [] + state: [] + authorized_consumers: + alerts: + all: true + read: true + apm: + all: true + read: true + discover: + all: true + read: true + infrastructure: + all: true + read: true + logs: + all: true + read: true + ml: + all: true + read: true + monitoring: + all: true + read: true + siem: + all: true + read: true + slo: + all: true + read: true + stackAlerts: + all: true + read: true + uptime: + all: true + read: true + category: management + default_action_group_id: anomaly_detection_realtime_issue + does_set_recovery_context: true + enabled_in_license: true + has_alerts_mappings: false + has_fields_for_a_a_d: false + id: xpack.ml.anomaly_detection_jobs_health + is_exportable: true + minimum_license_required: platinum + name: Anomaly detection jobs health + producer: ml + recovery_action_group: + id: recovered + name: Recovered + rule_task_timeout: 5m + Cases_add_comment_request: + summary: Adds a comment to a case. + value: + comment: A new comment. + owner: cases + type: user + Cases_add_comment_response: + summary: >- + The add comment to case API returns a JSON object that contains details + about the case and its comments. + value: + assignees: [] + category: null + closed_at: null + closed_by: null + comments: + - comment: A new comment. + created_at: '2022-10-02T00:49:47.716Z' + created_by: + email: null + full_name: null + username: elastic + id: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 + owner: cases + type: user + version: WzIwNDMxLDFd + connector: + fields: null + id: none + name: none + type: .none + created_at: '2022-03-24T00:37:03.906Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: Field value + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + type: toggle + value: true + description: A case description. + duration: null + external_service: null + id: 293f1bc0-74f6-11ea-b83a-553aecdb28b6 + owner: cases + settings: + syncAlerts: false + severity: low + status: open + tags: + - tag 1 + title: Case title 1 + totalAlerts: 0 + totalComment: 1 + updated_at: '2022-06-03T00:49:47.716Z' + updated_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + version: WzIzMzgsMV0= + Cases_create_case_request: + summary: Create a security case that uses a Jira connector. + value: + connector: + fields: + issueType: '10006' + parent: null + priority: High + id: 131d4448-abe0-4789-939d-8ef60680b498 + name: My connector + type: .jira + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: My field value + description: A case description. + owner: cases + settings: + syncAlerts: true + tags: + - tag-1 + title: Case title 1 + Cases_create_case_response: + summary: >- + The create case API returns a JSON object that contains details about + the case. + value: + assignees: [] + closed_at: null + closed_by: null + comments: [] + connector: + fields: + issueType: '10006' + parent: null + priority: High + id: 131d4448-abe0-4789-939d-8ef60680b498 + name: My connector + type: .jira + created_at: '2022-10-13T15:33:50.604Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: My field value + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + type: toggle + value: null + description: A case description. + duration: null + external_service: null + id: 66b9aa00-94fa-11ea-9f74-e7e108796192 + owner: cases + settings: + syncAlerts: true + severity: low + status: open + tags: + - tag 1 + title: Case title 1 + totalAlerts: 0 + totalComment: 0 + updated_at: null + updated_by: null + version: WzUzMiwxXQ== + Cases_find_case_activity_response: + summary: Retrieves all activity for a case + value: + page: 1 + perPage: 20 + total: 3 + userActions: + - action: create + comment_id: null + created_at: '2023-10-20T01:17:22.150Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + id: b4cd0770-07c9-11ed-a5fd-47154cb8767e + owner: cases + payload: + assignees: [] + category: null + connector: + fields: null + id: none + name: none + type: .none + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: My field value + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + type: toggle + value: null + description: A case description. + owner: cases + settings: + syncAlerts: false + severity: low + status: open + tags: + - tag 1 + title: Case title 1 + type: create_case + version: WzM1ODg4LDFd + - action: create + comment_id: 578608d0-03b1-11ed-920c-974bfa104448 + created_at: '2023-10-14T20:12:53.354Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + id: 57af14a0-03b1-11ed-920c-974bfa104448 + owner: cases + payload: + comment: A new comment + owner: cases + type: user + type: comment + version: WzM1ODg4LDFa + - action: add + comment_id: null + created_at: '2023-10-20T01:10:28.238Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + id: 573c6980-6123-11ed-aa41-81a0a61fe447 + owner: cases + payload: + assignees: + uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + type: assignees + version: WzM1ODg4LDFb + Cases_find_case_response: + summary: >- + Retrieve the first five cases with the `tag-1` tag, in ascending order + by last update time. + value: + cases: + - assignees: [] + category: null + closed_at: null + closed_by: null + comments: [] + connector: + fields: null + id: none + name: none + type: .none + created_at: '2023-10-12T00:16:36.371Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: My field value + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + type: toggle + value: null + description: Case description + duration: null + external_service: null + id: abed3a70-71bd-11ea-a0b2-c51ea50a58e2 + owner: cases + settings: + syncAlerts: true + severity: low + status: open + tags: + - tag-1 + title: Case title + totalAlerts: 0 + totalComment: 1 + updated_at: '2023-10-12T00:27:58.162Z' + updated_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + version: WzExMCwxXQ== + count_closed_cases: 0 + count_in_progress_cases: 0 + count_open_cases: 1 + page: 1 + per_page: 5 + total: 1 + Cases_find_connector_response: + summary: Retrieve information about the connectors and their settings. + value: + - actionTypeId: .jira + config: + apiUrl: https://elastic.atlassian.net/ + projectKey: ES + id: 61787f53-4eee-4741-8df6-8fe84fa616f7 + isDeprecated: false + isMissingSecrets: false + isPreconfigured: false + name: my-Jira + referencedByCount: 0 + Cases_get_case_alerts_response: + summary: Retrieves all alerts attached to a case + value: + - attached_at: '2022-07-25T20:09:40.963Z' + id: f6a7d0c3-d52d-432c-b2e6-447cd7fce04d + index: .alerts-observability.logs.alerts-default + Cases_get_case_configuration_response: + summary: Get the case configuration. + value: + - closure_type: close-by-user + connector: + fields: null + id: none + name: none + type: .none + created_at: '2024-07-01T17:07:17.767Z' + created_by: + email: null + full_name: null + username: elastic + customFields: + - defaultValue: Custom text field value. + key: d312efda-ec2b-42ec-9e2c-84981795c581 + label: my-text-field + type: text + required: false + error: null + id: 856ee650-6c82-11ee-a20a-6164169afa58 + mappings: [] + owner: cases + templates: + - caseFields: + assignees: + - uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + category: Default-category + connector: + fields: null + id: none + name: none + type: .none + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: Default text field value. + description: A default description for cases. + settings: + syncAlerts: false + tags: + - Default case tag + title: Default case title + description: A description of the template. + key: 505932fe-ee3a-4960-a661-c781b5acdb05 + name: template-1 + tags: + - Template tag 1 + updated_at: null + updated_by: null + version: WzEyLDNd + Cases_get_case_observability_response: + summary: >- + Retrieves information about an Observability case including its alerts + and comments. + value: + assignees: + - uid: u_0wpfV1MqYDaXzLtRVY-gLMrddKDEmfz51Fszhj7hWC8_0 + category: null + closed_at: null + closed_by: null + comments: + - alertId: + - a6e12ac4-7bce-457b-84f6-d7ce8deb8446 + created_at: '2023-11-06T19:29:38.424Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + id: 59d438d0-79a9-4864-8d4b-e63adacebf6e + index: + - .internal.alerts-observability.logs.alerts-default-000001 + owner: observability + pushed_at: null + pushed_by: null + rule: + id: 03e4eb87-62ca-4e5d-9570-3d7625e9669d + name: Observability rule + type: alert + updated_at: null + updated_by: null + version: WzY3LDJd + - comment: The first comment. + created_at: '2023-11-06T19:29:57.812Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + id: d99342d3-3aa3-4b80-90ec-a702607604f5 + owner: observability + pushed_at: null + pushed_by: null + type: user + updated_at: null + updated_by: null + version: WzcyLDJd + connector: + fields: null + id: none + name: none + type: .none + created_at: '2023-11-06T19:29:04.086Z' + created_by: + email: null + full_name: null + username: elastic + customFields: [] + description: An Observability case description. + duration: null + external_service: null + id: c3ff7550-def1-4e90-b6bc-c9969a4a09b1 + owner: observability + settings: + syncAlerts: false + severity: low + status: in-progress + tags: + - observability + - tag 1 + title: Observability case title 1 + totalAlerts: 1 + totalComment: 1 + updated_at: '2023-11-06T19:47:55.662Z' + updated_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + version: WzI0NywyXQ== + Cases_get_case_response: + summary: Retrieves information about a case including its comments. + value: + assignees: + - uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + category: null + closed_at: null + closed_by: null + comments: + - comment: A new comment + created_at: '2023-10-13T15:40:32.335Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + id: 2134c1d0-02c2-11ed-85f2-4f7c222ca2fa + owner: cases + pushed_at: null + pushed_by: null + type: user + updated_at: null + updated_by: null + version: WzM3LDFd + connector: + fields: null + id: none + name: none + type: .none + created_at: '2023-10-13T15:33:50.604Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: My field value + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + type: toggle + value: null + description: A case description + duration: null + external_service: null + id: 31cdada0-02c1-11ed-85f2-4f7c222ca2fa + owner: cases + settings: + syncAlerts: true + severity: low + status: open + tags: + - tag 1 + title: Case title 1 + totalAlerts: 0 + totalComment: 1 + updated_at: '2023-10-13T15:40:32.335Z' + updated_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + version: WzM2LDFd + Cases_get_comment_response: + summary: A single user comment retrieved from a case + value: + comment: A new comment + created_at: '2023-10-07T19:32:13.104Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + id: 8048b460-fe2b-11ec-b15d-779a7c8bbcc3 + owner: cases + pushed_at: null + pushed_by: null + type: user + updated_at: null + updated_by: null + version: WzIzLDFd + Cases_get_reporters_response: + summary: A list of two users that opened cases + value: + - email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + - email: jdoe@example.com + full_name: Jane Doe + profile_uid: u_0wpfV1MqYDaXzLtRVY-gLMrddKDEmfz51Fszhj7hWC8_0 + username: jdoe + Cases_get_tags_response: + summary: A list of tags that are used in cases + value: + - observability + - security + - tag 1 + - tag 2 + Cases_push_case_response: + summary: >- + The push case API returns a JSON object with details about the case and + the external service. + value: + closed_at: null + closed_by: null + comments: [] + connector: + fields: + issueType: '10006' + parent: null + priority: Low + id: 09f8c0b0-0eda-11ed-bd18-65557fe66949 + name: My connector + type: .jira + created_at: '2022-07-29T00:59:39.444Z' + created_by: + email: null + full_name: null + username: elastic + description: A case description. + duration: null + external_service: + connector_id: 09f8c0b0-0eda-11ed-bd18-65557fe66949 + connector_name: My connector + external_id: '71926' + external_title: ES-554 + external_url: https://cases.jira.com + pushed_at: '2022-07-29T01:20:58.436Z' + pushed_by: + email: null + full_name: null + username: elastic + id: b917f300-0ed9-11ed-bd18-65557fe66949 + owner: cases + settings: + syncAlerts: true + severity: low + status: open + tags: + - tag 1 + title: Case title 1 + totalAlerts: 0 + totalComment: 0 + updated_at: '2022-07-29T01:20:58.436Z' + updated_by: + email: null + full_name: null + username: elastic + version: WzE3NjgsM10= + Cases_set_case_configuration_request: + summary: >- + Set the closure type, custom fields, and default connector for Stack + Management cases. + value: + closure_type: close-by-user + connector: + fields: null + id: 5e656730-e1ca-11ec-be9b-9b1838238ee6 + name: my-jira-connector + type: .jira + customFields: + - defaultValue: My custom field default value. + key: d312efda-ec2b-42ec-9e2c-84981795c581 + label: my-text-field + type: text + required: false + owner: cases + templates: + - caseFields: + assignees: + - uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + category: Default-category + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: A text field value for the template. + description: A default description for cases. + tags: + - Default case tag + title: Default case title + description: A description of the template. + key: 505932fe-ee3a-4960-a661-c781b5acdb05 + name: template-1 + tags: + - Template tag 1 + Cases_set_case_configuration_response: + summary: This is an example response for case settings. + value: + closure_type: close-by-user + connector: + fields: null + id: 5e656730-e1ca-11ec-be9b-9b1838238ee6 + name: my-jira-connector + type: .jira + created_at: '2024-07-01T17:07:17.767Z' + created_by: + email: null, + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + customFields: + - defaultValue: My custom field default value. + key: d312efda-ec2b-42ec-9e2c-84981795c581 + label: my-text-field + type: text + required: false + error: null + id: 4a97a440-e1cd-11ec-be9b-9b1838238ee6 + mappings: + - action_type: overwrite + source: title + target: summary + - action_type: overwrite + source: description + target: description + - action_type: append + source: comments + target: comments + - action_type: overwrite + source: tags + target: labels + owner: cases + templates: + - caseFields: + assignees: + - uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + category: Default-category + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: A text field value for the template. + description: A default description for cases. + tags: + - Default case tag + title: Default case title + description: A description of the template. + key: 505932fe-ee3a-4960-a661-c781b5acdb05 + name: template-1 + tags: + - Template tag 1 + updated_at: null + updated_by: null + version: WzIwNzMsMV0= + Cases_update_case_configuration_request: + summary: Update the case settings. + value: + closure_type: close-by-user + connector: + fields: null + id: 5e656730-e1ca-11ec-be9b-9b1838238ee6 + name: my-jira-connector + type: .jira + customFields: + - defaultValue: A new default value. + key: d312efda-ec2b-42ec-9e2c-84981795c581 + label: my-text-field + type: text + required: true + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + label: my-toggle + type: toggle + required: false + version: WzExOSw0XQ== + Cases_update_case_configuration_response: + summary: This is an example response when the case configuration was updated. + value: + closure_type: close-by-user + connector: + fields: null + id: 5e656730-e1ca-11ec-be9b-9b1838238ee6 + name: my-jira-connector + type: .jira + created_at: '2024-07-01T17:07:17.767Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + customFields: + - defaultValue: A new default value. + key: d312efda-ec2b-42ec-9e2c-84981795c581 + label: my-text-field + type: text + required: true + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + label: my-toggle + type: toggle + required: false + error: null + id: 4a97a440-e1cd-11ec-be9b-9b1838238ee6 + mappings: + - action_type: overwrite + source: title + target: summary + - action_type: overwrite + source: description + target: description + - action_type: overwrite + source: tags + target: labels + - action_type: append + source: comments + target: comments + owner: cases + templates: [] + updated_at: '2024-07-19T00:52:42.401Z' + updated_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + version: WzI2LDNd + Cases_update_case_request: + summary: Update the case description, tags, and connector. + value: + cases: + - connector: + fields: + issueType: '10006' + parent: null + priority: null + id: 131d4448-abe0-4789-939d-8ef60680b498 + name: My connector + type: .jira + customFields: + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + type: toggle + value: false + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: My new field value + description: A case description. + id: a18b38a0-71b0-11ea-a0b2-c51ea50a58e2 + settings: + syncAlerts: true + tags: + - tag-1 + version: WzIzLDFd + Cases_update_case_response: + summary: >- + This is an example response when the case description, tags, and + connector were updated. + value: + - assignees: [] + category: null + closed_at: null + closed_by: null + comments: [] + connector: + fields: + issueType: '10006' + parent: null + priority: null + id: 131d4448-abe0-4789-939d-8ef60680b498 + name: My connector + type: .jira + created_at: '2023-10-13T09:16:17.416Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: My new field value + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + type: toggle + value: false + description: A case description. + duration: null + external_service: + connector_id: 05da469f-1fde-4058-99a3-91e4807e2de8 + connector_name: Jira + external_id: '10003' + external_title: IS-4 + external_url: https://hms.atlassian.net/browse/IS-4 + pushed_at: '2023-10-13T09:20:40.672Z' + pushed_by: + email: null + full_name: null + username: elastic + id: 66b9aa00-94fa-11ea-9f74-e7e108796192 + owner: cases + settings: + syncAlerts: true + severity: low + status: open + tags: + - tag-1 + title: Case title 1 + totalAlerts: 0 + totalComment: 0 + updated_at: '2023-10-13T09:48:33.043Z' + updated_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + version: WzU0OCwxXQ== + Cases_update_comment_request: + summary: Updates a comment of a case. + value: + comment: An updated comment. + id: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 + owner: cases + type: user + version: Wzk1LDFd + Cases_update_comment_response: + summary: >- + The add comment to case API returns a JSON object that contains details + about the case and its comments. + value: + assignees: [] + category: null + closed_at: null + closed_by: null + comments: + - comment: An updated comment. + created_at: '2023-10-24T00:37:10.832Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + id: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 + owner: cases + pushed_at: null + pushed_by: null + type: user + updated_at: '2023-10-24T01:27:06.210Z' + updated_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + version: WzIwNjM3LDFd + connector: + fields: null + id: none + name: none + type: .none + created_at: '2023-10-24T00:37:03.906Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: My new field value + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + type: toggle + value: false + description: A case description. + duration: null + external_service: null + id: 293f1bc0-74f6-11ea-b83a-553aecdb28b6 + owner: cases + settings: + syncAlerts: false + severity: low + status: open + tags: + - tag 1 + title: Case title 1 + totalAlerts: 0 + totalComment: 1 + updated_at: '2023-10-24T01:27:06.210Z' + updated_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + version: WzIwNjM2LDFd + Data_views_create_data_view_request: + summary: Create a data view with runtime fields. + value: + data_view: + name: My Logstash data view + runtimeFieldMap: + runtime_shape_name: + script: + source: emit(doc['shape_name'].value) + type: keyword + title: logstash-* + Data_views_create_runtime_field_request: + summary: Create a runtime field. + value: + name: runtimeFoo + runtimeField: + script: + source: emit(doc["foo"].value) + type: long + Data_views_get_data_view_response: + summary: >- + The get data view API returns a JSON object that contains information + about the data view. + value: + data_view: + allowNoIndex: false + fieldAttrs: + products.manufacturer: + count: 1 + products.price: + count: 1 + products.product_name: + count: 1 + total_quantity: + count: 1 + fieldFormats: + products.base_price: + id: number + params: + pattern: $0,0.00 + products.base_unit_price: + id: number + params: + pattern: $0,0.00 + products.min_price: + id: number + params: + pattern: $0,0.00 + products.price: + id: number + params: + pattern: $0,0.00 + products.taxful_price: + id: number + params: + pattern: $0,0.00 + products.taxless_price: + id: number + params: + pattern: $0,0.00 + taxful_total_price: + id: number + params: + pattern: $0,0.[00] + taxless_total_price: + id: number + params: + pattern: $0,0.00 + fields: + _id: + aggregatable: false + count: 0 + esTypes: + - _id + format: + id: string + isMapped: true + name: _id + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _index: + aggregatable: true + count: 0 + esTypes: + - _index + format: + id: string + isMapped: true + name: _index + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _score: + aggregatable: false + count: 0 + format: + id: number + isMapped: true + name: _score + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: number + _source: + aggregatable: false + count: 0 + esTypes: + - _source + format: + id: _source + isMapped: true + name: _source + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: _source + category: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: category + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + category.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: category.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: category + type: string + currency: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: currency + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_birth_date: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: customer_birth_date + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + customer_first_name: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: customer_first_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_first_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_first_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: customer_first_name + type: string + customer_full_name: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: customer_full_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_full_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_full_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: customer_full_name + type: string + customer_gender: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_gender + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_id: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_id + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_last_name: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: customer_last_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_last_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_last_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: customer_last_name + type: string + customer_phone: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_phone + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + day_of_week: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: day_of_week + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + day_of_week_i: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: day_of_week_i + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + email: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: email + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + event.dataset: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: event.dataset + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.city_name: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.city_name + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.continent_name: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.continent_name + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.country_iso_code: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.country_iso_code + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.location: + aggregatable: true + count: 0 + esTypes: + - geo_point + format: + id: geo_point + params: + transform: wkt + isMapped: true + name: geoip.location + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: geo_point + geoip.region_name: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.region_name + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + manufacturer: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: manufacturer + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + manufacturer.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: manufacturer.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: manufacturer + type: string + order_date: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: order_date + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + order_id: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: order_id + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + products._id: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: products._id + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products._id.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products._id.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products._id + type: string + products.base_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.base_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.base_unit_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.base_unit_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.category: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: products.category + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.category.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.category.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products.category + type: string + products.created_on: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: products.created_on + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + products.discount_amount: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.discount_amount + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.discount_percentage: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.discount_percentage + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.manufacturer: + aggregatable: false + count: 1 + esTypes: + - text + format: + id: string + isMapped: true + name: products.manufacturer + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.manufacturer.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.manufacturer.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products.manufacturer + type: string + products.min_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.min_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.price: + aggregatable: true + count: 1 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.product_id: + aggregatable: true + count: 0 + esTypes: + - long + format: + id: number + isMapped: true + name: products.product_id + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.product_name: + aggregatable: false + count: 1 + esTypes: + - text + format: + id: string + isMapped: true + name: products.product_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.product_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.product_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products.product_name + type: string + products.quantity: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: products.quantity + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.sku: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.sku + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.tax_amount: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.tax_amount + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.taxful_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.taxful_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.taxless_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.taxless_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.unit_discount_amount: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.unit_discount_amount + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + sku: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: sku + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + taxful_total_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.[00] + isMapped: true + name: taxful_total_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + taxless_total_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: taxless_total_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + total_quantity: + aggregatable: true + count: 1 + esTypes: + - integer + format: + id: number + isMapped: true + name: total_quantity + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + total_unique_products: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: total_unique_products + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + type: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: type + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + user: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: user + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + name: Kibana Sample Data eCommerce + namespaces: + - default + runtimeFieldMap: {} + sourceFilters: [] + timeFieldName: order_date + title: kibana_sample_data_ecommerce + typeMeta: {} + version: WzUsMV0= + Data_views_get_data_views_response: + summary: The get all data views API returns a list of data views. + value: + data_view: + - id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + name: Kibana Sample Data eCommerce + namespaces: + - default + title: kibana_sample_data_ecommerce + typeMeta: {} + - id: d3d7af60-4c81-11e8-b3d7-01146121b73d + name: Kibana Sample Data Flights + namespaces: + - default + title: kibana_sample_data_flights + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: Kibana Sample Data Logs + namespaces: + - default + title: kibana_sample_data_logs + Data_views_get_default_data_view_response: + summary: The get default data view API returns the default data view identifier. + value: + data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + Data_views_get_runtime_field_response: + summary: >- + The get runtime field API returns a JSON object that contains + information about the runtime field (`hour_of_day`) and the data view + (`d3d7af60-4c81-11e8-b3d7-01146121b73d`). + value: + data_view: + allowNoIndex: false + fieldAttrs: {} + fieldFormats: + AvgTicketPrice: + id: number + params: + pattern: $0,0.[00] + hour_of_day: + id: number + params: + pattern: '00' + fields: + _id: + aggregatable: false + count: 0 + esTypes: + - _id + format: + id: string + isMapped: true + name: _id + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _index: + aggregatable: true + count: 0 + esTypes: + - _index + format: + id: string + isMapped: true + name: _index + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _score: + aggregatable: false + count: 0 + format: + id: number + isMapped: true + name: _score + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: number + _source: + aggregatable: false + count: 0 + esTypes: + - _source + format: + id: _source + isMapped: true + name: _source + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: _source + AvgTicketPrice: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + params: + pattern: $0,0.[00] + isMapped: true + name: AvgTicketPrice + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + Cancelled: + aggregatable: true + count: 0 + esTypes: + - boolean + format: + id: boolean + isMapped: true + name: Cancelled + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: boolean + Carrier: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: Carrier + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + dayOfWeek: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: dayOfWeek + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + Dest: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: Dest + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestAirportID: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestAirportID + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestCityName: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestCityName + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestCountry: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestCountry + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestLocation: + aggregatable: true + count: 0 + esTypes: + - geo_point + format: + id: geo_point + params: + transform: wkt + isMapped: true + name: DestLocation + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: geo_point + DestRegion: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestRegion + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestWeather: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestWeather + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DistanceKilometers: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + isMapped: true + name: DistanceKilometers + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + DistanceMiles: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + isMapped: true + name: DistanceMiles + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + FlightDelay: + aggregatable: true + count: 0 + esTypes: + - boolean + format: + id: boolean + isMapped: true + name: FlightDelay + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: boolean + FlightDelayMin: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: FlightDelayMin + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + FlightDelayType: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: FlightDelayType + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + FlightNum: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: FlightNum + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + FlightTimeHour: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: FlightTimeHour + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + FlightTimeMin: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + isMapped: true + name: FlightTimeMin + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + hour_of_day: + aggregatable: true + count: 0 + esTypes: + - long + format: + id: number + params: + pattern: '00' + name: hour_of_day + readFromDocValues: false + runtimeField: + script: + source: emit(doc['timestamp'].value.getHour()); + type: long + scripted: false + searchable: true + shortDotsEnable: false + type: number + Origin: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: Origin + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginAirportID: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginAirportID + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginCityName: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginCityName + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginCountry: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginCountry + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginLocation: + aggregatable: true + count: 0 + esTypes: + - geo_point + format: + id: geo_point + params: + transform: wkt + isMapped: true + name: OriginLocation + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: geo_point + OriginRegion: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginRegion + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginWeather: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginWeather + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + timestamp: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: timestamp + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + id: d3d7af60-4c81-11e8-b3d7-01146121b73d + name: Kibana Sample Data Flights + runtimeFieldMap: + hour_of_day: + script: + source: emit(doc['timestamp'].value.getHour()); + type: long + sourceFilters: [] + timeFieldName: timestamp + title: kibana_sample_data_flights + version: WzM2LDJd + fields: + - aggregatable: true + count: 0 + esTypes: + - long + name: hour_of_day + readFromDocValues: false + runtimeField: + script: + source: emit(doc['timestamp'].value.getHour()); + type: long + scripted: false + searchable: true + shortDotsEnable: false + type: number + Data_views_preview_swap_data_view_request: + summary: Preview swapping references from data view ID "abcd-efg" to "xyz-123". + value: + fromId: abcd-efg + toId: xyz-123 + Data_views_set_default_data_view_request: + summary: Set the default data view identifier. + value: + data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + force: true + Data_views_swap_data_view_request: + summary: >- + Swap references from data view ID "abcd-efg" to "xyz-123" and remove the + data view that is no longer referenced. + value: + delete: true + fromId: abcd-efg + toId: xyz-123 + Data_views_update_data_view_request: + summary: Update some properties for a data view. + value: + data_view: + allowNoIndex: false + name: Kibana Sample Data eCommerce + timeFieldName: order_date + title: kibana_sample_data_ecommerce + refresh_fields: true + Data_views_update_field_metadata_request: + summary: Update metadata for multiple fields. + value: + fields: + field1: + count: 123 + customLabel: Field 1 label + field2: + customDescription: Field 2 description + customLabel: Field 2 label + Data_views_update_runtime_field_request: + summary: Update an existing runtime field on a data view. + value: + runtimeField: + script: + source: emit(doc["bar"].value) + Machine_learning_APIs_mlSyncExample: + summary: Two anomaly detection jobs required synchronization in this example. + value: + datafeedsAdded: {} + datafeedsRemoved: {} + savedObjectsCreated: + anomaly-detector: + myjob1: + success: true + myjob2: + success: true + savedObjectsDeleted: {} + Saved_objects_export_objects_request: + summary: Export a specific saved object. + value: + excludeExportDetails: true + includeReferencesDeep: false + objects: + - id: de71f4f0-1902-11e9-919b-ffe5949a18d2 + type: map + Saved_objects_export_objects_response: + summary: >- + The export objects API response contains a JSON record for each exported + object. + value: + attributes: + description: '' + layerListJSON: >- + [{"id":"0hmz5","alpha":1,"sourceDescriptor":{"type":"EMS_TMS","isAutoSelect":true,"lightModeDefault":"road_map_desaturated"},"visible":true,"style":{},"type":"EMS_VECTOR_TILE","minZoom":0,"maxZoom":24},{"id":"edh66","label":"Total + Requests by + Destination","minZoom":0,"maxZoom":24,"alpha":0.5,"sourceDescriptor":{"type":"EMS_FILE","id":"world_countries","tooltipProperties":["name","iso2"]},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"__kbnjoin__count__673ff994-fc75-4c67-909b-69fcb0e1060e","origin":"join"},"color":"Greys","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"STATIC","options":{"size":10}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR","joins":[{"leftField":"iso2","right":{"type":"ES_TERM_SOURCE","id":"673ff994-fc75-4c67-909b-69fcb0e1060e","indexPatternTitle":"kibana_sample_data_logs","term":"geo.dest","indexPatternRefName":"layer_1_join_0_index_pattern","metrics":[{"type":"count","label":"web + logs + count"}],"applyGlobalQuery":true}}]},{"id":"gaxya","label":"Actual + Requests","minZoom":9,"maxZoom":24,"alpha":1,"sourceDescriptor":{"id":"b7486535-171b-4d3b-bb2e-33c1a0a2854c","type":"ES_SEARCH","geoField":"geo.coordinates","limit":2048,"filterByMapBounds":true,"tooltipProperties":["clientip","timestamp","host","request","response","machine.os","agent","bytes"],"indexPatternRefName":"layer_2_source_index_pattern","applyGlobalQuery":true,"scalingType":"LIMIT"},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"STATIC","options":{"color":"#2200ff"}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":2}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"bytes","origin":"source"},"minSize":1,"maxSize":23,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"},{"id":"tfi3f","label":"Total + Requests and + Bytes","minZoom":0,"maxZoom":9,"alpha":1,"sourceDescriptor":{"type":"ES_GEO_GRID","resolution":"COARSE","id":"8aaa65b5-a4e9-448b-9560-c98cb1c5ac5b","geoField":"geo.coordinates","requestType":"point","metrics":[{"type":"count","label":"web + logs + count"},{"type":"sum","field":"bytes"}],"indexPatternRefName":"layer_3_source_index_pattern","applyGlobalQuery":true},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"color":"Blues","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#cccccc"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"sum_of_bytes","origin":"source"},"minSize":7,"maxSize":25,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelText":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelSize":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"minSize":12,"maxSize":24,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"}] + mapStateJSON: >- + {"zoom":3.64,"center":{"lon":-88.92107,"lat":42.16337},"timeFilters":{"from":"now-7d","to":"now"},"refreshConfig":{"isPaused":true,"interval":0},"query":{"language":"kuery","query":""},"settings":{"autoFitToDataBounds":false}} + title: '[Logs] Total Requests and Bytes' + uiStateJSON: '{"isDarkMode":false}' + coreMigrationVersion: 8.8.0 + created_at: '2023-08-23T20:03:32.204Z' + id: de71f4f0-1902-11e9-919b-ffe5949a18d2 + managed: false + references: + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_1_join_0_index_pattern + type: index-pattern + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_2_source_index_pattern + type: index-pattern + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_3_source_index_pattern + type: index-pattern + type: map + typeMigrationVersion: 8.4.0 + updated_at: '2023-08-23T20:03:32.204Z' + version: WzEzLDFd + Saved_objects_import_objects_request: + value: + file: file.ndjson + Saved_objects_import_objects_response: + summary: >- + The import objects API response indicates a successful import and the + objects are created. Since these objects are created as new copies, each + entry in the successResults array includes a destinationId attribute. + value: + success: true + successCount: 1 + successResults: + - destinationId: 82d2760c-468f-49cf-83aa-b9a35b6a8943 + id: 90943e30-9a47-11e8-b64d-95841ca0b247 + managed: false + meta: + icon: indexPatternApp + title: Kibana Sample Data Logs + type: index-pattern + Saved_objects_key_rotation_response: + summary: Encryption key rotation using default parameters. + value: + failed: 0 + successful: 300 + total: 1000 + Saved_objects_resolve_missing_reference_request: + value: + file: file.ndjson + retries: + - id: my-pattern + overwrite: true + type: index-pattern + - destinationId: another-vis + id: my-vis + overwrite: true + type: visualization + - destinationId: yet-another-canvas + id: my-canvas + overwrite: true + type: canvas + - id: my-dashboard + type: dashboard + Saved_objects_resolve_missing_reference_response: + summary: Resolve missing reference errors. + value: + success: true + successCount: 3 + successResults: + - id: my-vis + meta: + icon: visualizeApp + title: Look at my visualization + type: visualization + - id: my-search + meta: + icon: searchApp + title: Look at my search + type: search + - id: my-dashboard + meta: + icon: dashboardApp + title: Look at my dashboard + type: dashboard + parameters: + Alerting_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + Cases_alert_id: + description: An identifier for the alert. + in: path + name: alertId + required: true + schema: + example: 09f0c261e39e36351d75995b78bb83673774d1bc2cca9df2d15f0e5c0a99a540 + type: string + Cases_assignees: + description: > + Filters the returned cases by assignees. Valid values are `none` or + unique identifiers for the user profiles. These identifiers can be found + by using the suggest user profile API. + in: query + name: assignees + schema: + oneOf: + - type: string + - items: + type: string + maxItems: 100 + type: array + Cases_case_id: + description: >- + The identifier for the case. To retrieve case IDs, use the find cases + API. All non-ASCII characters must be URL encoded. + in: path + name: caseId + required: true + schema: + example: 9c235210-6834-11ea-a78c-6ffb38a34414 + type: string + Cases_category: + description: Filters the returned cases by category. + in: query + name: category + schema: + oneOf: + - example: my-category + type: string + - items: + type: string + maxItems: 100 + type: array + Cases_comment_id: + description: > + The identifier for the comment. To retrieve comment IDs, use the get + case or find cases APIs. + in: path + name: commentId + required: true + schema: + example: 71ec1870-725b-11ea-a0b2-c51ea50a58e2 + type: string + Cases_configuration_id: + description: An identifier for the configuration. + in: path + name: configurationId + required: true + schema: + example: 3297a0f0-b5ec-11ec-b141-0fdb20a7f9a9 + type: string + Cases_connector_id: + description: >- + An identifier for the connector. To retrieve connector IDs, use the find + connectors API. + in: path + name: connectorId + required: true + schema: + example: abed3a70-71bd-11ea-a0b2-c51ea50a58e2 + type: string + Cases_defaultSearchOperator: + description: he default operator to use for the simple_query_string. + example: OR + in: query + name: defaultSearchOperator + schema: + default: OR + type: string + Cases_from: + description: > + Returns only cases that were created after a specific date. The date + must be specified as a KQL data range or date match expression. + in: query + name: from + schema: + example: now-1d + type: string + Cases_ids: + description: > + The cases that you want to removed. All non-ASCII characters must be URL + encoded. + example: d4e7abb0-b462-11ec-9a8d-698504725a43 + in: query + name: ids + required: true + schema: + items: + maxItems: 100 + minItems: 1 + type: string + type: array + Cases_includeComments: + deprecated: true + description: >- + Deprecated in 8.1.0. This parameter is deprecated and will be removed in + a future release. It determines whether case comments are returned. + in: query + name: includeComments + schema: + default: true + type: boolean + Cases_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + Cases_owner: + description: > + A filter to limit the response to a specific set of applications. If + this parameter is omitted, the response contains information about all + the cases that the user has access to read. + example: cases + in: query + name: owner + schema: + oneOf: + - $ref: '#/components/schemas/Cases_owners' + - items: + $ref: '#/components/schemas/Cases_owners' + type: array + Cases_page_index: + description: The page number to return. + in: query + name: page + required: false + schema: + default: 1 + type: integer + Cases_page_size: + description: The number of items to return. Limited to 100 items. + in: query + name: perPage + required: false + schema: + default: 20 + maximum: 100 + type: integer + Cases_reporters: + description: Filters the returned cases by the user name of the reporter. + example: elastic + in: query + name: reporters + schema: + oneOf: + - type: string + - items: + type: string + maxItems: 100 + type: array + Cases_search: + description: >- + An Elasticsearch simple_query_string query that filters the objects in + the response. + in: query + name: search + schema: + type: string + Cases_searchFields: + description: The fields to perform the simple_query_string parsed query against. + in: query + name: searchFields + schema: + oneOf: + - $ref: '#/components/schemas/Cases_searchFieldsType' + - items: + $ref: '#/components/schemas/Cases_searchFieldsType' + type: array + Cases_severity: + description: The severity of the case. + in: query + name: severity + schema: + enum: + - critical + - high + - low + - medium + type: string + Cases_sort_order: + description: Determines the sort order. + in: query + name: sortOrder + required: false + schema: + default: desc + enum: + - asc + - desc + type: string + Cases_sortField: + description: Determines which field is used to sort the results. + example: updatedAt + in: query + name: sortField + schema: + default: createdAt + enum: + - createdAt + - updatedAt + - closedAt + - title + - category + - status + - severity + type: string + Cases_status: + description: Filters the returned cases by state. + example: open + in: query + name: status + schema: + enum: + - closed + - in-progress + - open + type: string + Cases_tags: + description: Filters the returned cases by tags. + example: tag-1 + in: query + name: tags + schema: + oneOf: + - type: string + - items: + type: string + maxItems: 100 + type: array + Cases_to: + description: > + Returns only cases that were created before a specific date. The date + must be specified as a KQL data range or date match expression. + example: now+1d + in: query + name: to + schema: + type: string + Cases_user_action_types: + description: Determines the types of user actions to return. + example: create_case + in: query + name: types + schema: + items: + enum: + - action + - alert + - assignees + - attachment + - comment + - connector + - create_case + - description + - pushed + - settings + - severity + - status + - tags + - title + - user + type: string + type: array + Data_views_field_name: + description: The name of the runtime field. + in: path + name: fieldName + required: true + schema: + example: hour_of_day + type: string + Data_views_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + Data_views_view_id: + description: An identifier for the data view. + in: path + name: viewId + required: true + schema: + example: ff959d40-b880-11e8-a6d9-e546fe2bba5f + type: string + Fleet_format: + description: Simplified or legacy format for package inputs + in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string + Fleet_kbn_xsrf: + description: Kibana's anti Cross-Site Request Forgery token. Can be any string value. + in: header + name: kbn-xsrf + required: true + schema: + type: string + Fleet_kuery: + in: query + name: kuery + required: false + schema: + type: string + Fleet_page_index: + in: query + name: page + required: false + schema: + default: 1 + type: integer + Fleet_page_size: + description: The number of items to return + in: query + name: perPage + required: false + schema: + default: 20 + type: integer + Fleet_show_inactive: + in: query + name: showInactive + required: false + schema: + type: boolean + Fleet_show_upgradeable: + in: query + name: showUpgradeable + required: false + schema: + type: boolean + Fleet_sort_field: + in: query + name: sortField + required: false + schema: + deprecated: true + type: string + Fleet_sort_order: + in: query + name: sortOrder + required: false + schema: + enum: + - asc + - desc + type: string + Fleet_with_metrics: + description: Return agent metrics, false by default + in: query + name: withMetrics + required: false + schema: + type: boolean + Machine_learning_APIs_simulateParam: + description: >- + When true, simulates the synchronization by returning only the list of + actions that would be performed. + example: 'true' + in: query + name: simulate + required: false + schema: + type: boolean + Saved_objects_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + Saved_objects_saved_object_id: + description: An identifier for the saved object. + in: path + name: id + required: true + schema: + type: string + Saved_objects_saved_object_type: + description: >- + Valid options include `visualization`, `dashboard`, `search`, + `index-pattern`, `config`. + in: path + name: type + required: true + schema: + type: string + SLOs_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + SLOs_slo_id: + description: An identifier for the slo. + in: path + name: sloId + required: true + schema: + example: 9c235211-6834-11ea-a78c-6feb38a34414 + type: string + SLOs_space_id: + description: >- + An identifier for the space. If `/s/` and the identifier are omitted + from the path, the default space is used. + in: path + name: spaceId + required: true + schema: + example: default + type: string + responses: + Fleet_error: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + schemas: + Alerting_401_response: + properties: + error: + enum: + - Unauthorized + example: Unauthorized + type: string + message: + type: string + statusCode: + enum: + - 401 + example: 401 + type: integer + title: Unsuccessful rule API response + type: object + Alerting_alert_response_properties: + title: Legacy alert response properties + type: object + properties: + actions: + items: + type: object + type: array + alertTypeId: + example: .index-threshold + type: string + apiKeyOwner: + example: elastic + nullable: true + type: string + createdAt: + description: The date and time that the alert was created. + example: '2022-12-05T23:36:58.284Z' + format: date-time + type: string + createdBy: + description: The identifier for the user that created the alert. + example: elastic + type: string + enabled: + description: Indicates whether the alert is currently enabled. + example: true + type: boolean + executionStatus: + type: object + properties: + lastExecutionDate: + example: '2022-12-06T00:13:43.890Z' + format: date-time + type: string + status: + example: ok + type: string + id: + description: The identifier for the alert. + example: b530fed0-74f5-11ed-9801-35303b735aef + type: string + muteAll: + example: false + type: boolean + mutedInstanceIds: + items: + type: string + nullable: true + type: array + name: + description: The name of the alert. + example: my alert + type: string + notifyWhen: + example: onActionGroupChange + type: string + params: + additionalProperties: true + type: object + schedule: + type: object + properties: + interval: + type: string + scheduledTaskId: + example: b530fed0-74f5-11ed-9801-35303b735aef + type: string + tags: + items: + type: string + type: array + throttle: + nullable: true + type: string + updatedAt: + example: '2022-12-05T23:36:58.284Z' + type: string + updatedBy: + description: The identifier for the user that updated this alert most recently. + example: elastic + nullable: true + type: string + Alerting_fieldmap_properties: + title: Field map objects in the get rule types response + type: object + properties: + array: + description: Indicates whether the field is an array. + type: boolean + dynamic: + description: Indicates whether it is a dynamic field mapping. + type: boolean + format: + description: > + Indicates the format of the field. For example, if the `type` is + `date_range`, the `format` can be + `epoch_millis||strict_date_optional_time`. + type: string + ignore_above: + description: >- + Specifies the maximum length of a string field. Longer strings are + not indexed or stored. + type: integer + index: + description: Indicates whether field values are indexed. + type: boolean + path: + description: TBD + type: string + properties: + additionalProperties: + type: object + properties: + type: + description: The data type for each object property. + type: string + description: > + Details about the object properties. This property is applicable + when `type` is `object`. + type: object + required: + description: Indicates whether the field is required. + type: boolean + scaling_factor: + description: > + The scaling factor to use when encoding values. This property is + applicable when `type` is `scaled_float`. Values will be multiplied + by this factor at index time and rounded to the closest long value. + type: integer + type: + description: Specifies the data type for the field. + example: scaled_float + type: string + Cases_4xx_response: + properties: + error: + example: Unauthorized + type: string + message: + type: string + statusCode: + example: 401 + type: integer + title: Unsuccessful cases API response + type: object + Cases_action_types: + description: The type of action. + enum: + - assignees + - create_case + - comment + - connector + - delete_case + - description + - pushed + - tags + - title + - status + - settings + - severity + example: create_case + type: string + Cases_actions: + enum: + - add + - create + - delete + - push_to_service + - update + example: create + type: string + Cases_add_alert_comment_request_properties: + description: Defines properties for case comment requests when type is alert. + type: object + properties: + alertId: + $ref: '#/components/schemas/Cases_alert_identifiers' + index: + $ref: '#/components/schemas/Cases_alert_indices' + owner: + $ref: '#/components/schemas/Cases_owners' + rule: + $ref: '#/components/schemas/Cases_rule' + type: + description: The type of comment. + enum: + - alert + example: alert + type: string + required: + - alertId + - index + - owner + - rule + - type + title: Add case comment request properties for alerts + Cases_add_case_comment_request: + description: >- + The add comment to case API request body varies depending on whether you + are adding an alert or a comment. + discriminator: + mapping: + alert: '#/components/schemas/Cases_add_alert_comment_request_properties' + user: '#/components/schemas/Cases_add_user_comment_request_properties' + propertyName: type + oneOf: + - $ref: '#/components/schemas/Cases_add_alert_comment_request_properties' + - $ref: '#/components/schemas/Cases_add_user_comment_request_properties' + title: Add case comment request + Cases_add_user_comment_request_properties: + description: Defines properties for case comment requests when type is user. + properties: + comment: + description: The new comment. It is required only when `type` is `user`. + example: A new comment. + maxLength: 30000 + type: string + owner: + $ref: '#/components/schemas/Cases_owners' + type: + description: The type of comment. + enum: + - user + example: user + type: string + required: + - comment + - owner + - type + title: Add case comment request properties for user comments + type: object + Cases_alert_comment_response_properties: + title: Add case comment response properties for alerts + type: object + properties: + alertId: + items: + example: a6e12ac4-7bce-457b-84f6-d7ce8deb8446 + type: string + type: array + created_at: + example: '2023-11-06T19:29:38.424Z' + format: date-time + type: string + created_by: + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + id: + example: 73362370-ab1a-11ec-985f-97e55adae8b9 + type: string + index: + items: + example: .internal.alerts-security.alerts-default-000001 + type: string + type: array + owner: + $ref: '#/components/schemas/Cases_owners' + pushed_at: + example: null + format: date-time + nullable: true + type: string + pushed_by: + nullable: true + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + rule: + type: object + properties: + id: + description: The rule identifier. + example: 94d80550-aaf4-11ec-985f-97e55adae8b9 + type: string + name: + description: The rule name. + example: security_rule + type: string + type: + enum: + - alert + example: alert + type: string + updated_at: + format: date-time + nullable: true + type: string + updated_by: + nullable: true + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + version: + example: WzMwNDgsMV0= + type: string + required: + - type + Cases_alert_identifiers: + description: > + The alert identifiers. It is required only when `type` is `alert`. You + can use an array of strings to add multiple alerts to a case, provided + that they all relate to the same rule; `index` must also be an array + with the same length or number of elements. Adding multiple alerts in + this manner is recommended rather than calling the API multiple times. + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + example: 6b24c4dc44bc720cfc92797f3d61fff952f2b2627db1fb4f8cc49f4530c4ff42 + oneOf: + - type: string + - items: + type: string + maxItems: 1000 + type: array + title: Alert identifiers + x-technical-preview: true + Cases_alert_indices: + description: > + The alert indices. It is required only when `type` is `alert`. If you + are adding multiple alerts to a case, use an array of strings; the + position of each index name in the array must match the position of the + corresponding alert identifier in the `alertId` array. This + functionality is in technical preview and may be changed or removed in a + future release. Elastic will work to fix any issues, but features in + technical preview are not subject to the support SLA of official GA + features. + oneOf: + - type: string + - items: + type: string + maxItems: 1000 + type: array + title: Alert indices + x-technical-preview: true + Cases_alert_response_properties: + type: object + properties: + attached_at: + format: date-time + type: string + id: + description: The alert identifier. + type: string + index: + description: The alert index. + type: string + Cases_assignees: + description: An array containing users that are assigned to the case. + items: + type: object + properties: + uid: + description: >- + A unique identifier for the user profile. These identifiers can be + found by using the suggest user profile API. + example: u_0wpfV1MqYDaXzLtRVY-gLMrddKDEmfz51Fszhj7hWC8_0 + type: string + required: + - uid + maxItems: 10 + nullable: true + type: array + Cases_case_category: + description: A word or phrase that categorizes the case. + maxLength: 50 + type: string + Cases_case_description: + description: The description for the case. + maxLength: 30000 + type: string + Cases_case_response_closed_by_properties: + nullable: true + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + title: Case response properties for closed_by + type: object + Cases_case_response_created_by_properties: + title: Case response properties for created_by + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + Cases_case_response_properties: + title: Case response properties + type: object + properties: + assignees: + $ref: '#/components/schemas/Cases_assignees' + category: + description: The case category. + nullable: true + type: string + closed_at: + format: date-time + nullable: true + type: string + closed_by: + $ref: '#/components/schemas/Cases_case_response_closed_by_properties' + comments: + description: An array of comment objects for the case. + items: + discriminator: + mapping: + alert: '#/components/schemas/Cases_alert_comment_response_properties' + user: '#/components/schemas/Cases_user_comment_response_properties' + propertyName: type + oneOf: + - $ref: '#/components/schemas/Cases_alert_comment_response_properties' + - $ref: '#/components/schemas/Cases_user_comment_response_properties' + maxItems: 10000 + title: Case response properties for comments + type: array + connector: + discriminator: + mapping: + .cases-webhook: '#/components/schemas/Cases_connector_properties_cases_webhook' + .jira: '#/components/schemas/Cases_connector_properties_jira' + .none: '#/components/schemas/Cases_connector_properties_none' + .resilient: '#/components/schemas/Cases_connector_properties_resilient' + .servicenow: '#/components/schemas/Cases_connector_properties_servicenow' + .servicenow-sir: '#/components/schemas/Cases_connector_properties_servicenow_sir' + .swimlane: '#/components/schemas/Cases_connector_properties_swimlane' + propertyName: type + oneOf: + - $ref: '#/components/schemas/Cases_connector_properties_none' + - $ref: '#/components/schemas/Cases_connector_properties_cases_webhook' + - $ref: '#/components/schemas/Cases_connector_properties_jira' + - $ref: '#/components/schemas/Cases_connector_properties_resilient' + - $ref: '#/components/schemas/Cases_connector_properties_servicenow' + - $ref: '#/components/schemas/Cases_connector_properties_servicenow_sir' + - $ref: '#/components/schemas/Cases_connector_properties_swimlane' + title: Case response properties for connectors + created_at: + example: '2022-05-13T09:16:17.416Z' + format: date-time + type: string + created_by: + $ref: '#/components/schemas/Cases_case_response_created_by_properties' + customFields: + description: Custom field values for the case. + items: + type: object + properties: + key: + description: > + The unique identifier for the custom field. The key value must + exist in the case configuration settings. + type: string + type: + description: > + The custom field type. It must match the type specified in the + case configuration settings. + enum: + - text + - toggle + type: string + value: + description: > + The custom field value. If the custom field is required, it + cannot be explicitly set to null. However, for cases that + existed when the required custom field was added, the default + value stored in Elasticsearch is `undefined`. The value + returned in the API and user interface in this case is `null`. + oneOf: + - maxLength: 160 + minLength: 1 + nullable: true + type: string + - type: boolean + type: array + description: + example: A case description. + type: string + duration: + description: > + The elapsed time from the creation of the case to its closure (in + seconds). If the case has not been closed, the duration is set to + null. If the case was closed after less than half a second, the + duration is rounded down to zero. + example: 120 + nullable: true + type: integer + external_service: + $ref: '#/components/schemas/Cases_external_service' + id: + example: 66b9aa00-94fa-11ea-9f74-e7e108796192 + type: string + owner: + $ref: '#/components/schemas/Cases_owners' + settings: + $ref: '#/components/schemas/Cases_settings' + severity: + $ref: '#/components/schemas/Cases_case_severity' + status: + $ref: '#/components/schemas/Cases_case_status' + tags: + example: + - tag-1 + items: + type: string + type: array + title: + example: Case title 1 + type: string + totalAlerts: + example: 0 + type: integer + totalComment: + example: 0 + type: integer + updated_at: + format: date-time + nullable: true + type: string + updated_by: + $ref: '#/components/schemas/Cases_case_response_updated_by_properties' + version: + example: WzUzMiwxXQ== + type: string + required: + - closed_at + - closed_by + - comments + - connector + - created_at + - created_by + - description + - duration + - external_service + - id + - owner + - settings + - severity + - status + - tags + - title + - totalAlerts + - totalComment + - updated_at + - updated_by + - version + Cases_case_response_pushed_by_properties: + nullable: true + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + title: Case response properties for pushed_by + type: object + Cases_case_response_updated_by_properties: + nullable: true + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + title: Case response properties for updated_by + type: object + Cases_case_severity: + default: low + description: The severity of the case. + enum: + - critical + - high + - low + - medium + type: string + Cases_case_status: + description: The status of the case. + enum: + - closed + - in-progress + - open + type: string + Cases_case_tags: + description: > + The words and phrases that help categorize cases. It can be an empty + array. + items: + maxLength: 256 + type: string + maxItems: 200 + type: array + Cases_case_title: + description: A title for the case. + maxLength: 160 + type: string + Cases_closure_types: + description: >- + Indicates whether a case is automatically closed when it is pushed to + external systems (`close-by-pushing`) or not automatically closed + (`close-by-user`). + enum: + - close-by-pushing + - close-by-user + example: close-by-user + type: string + Cases_connector_properties_cases_webhook: + description: Defines properties for connectors when type is `.cases-webhook`. + type: object + properties: + fields: + example: null + nullable: true + type: string + id: + description: >- + The identifier for the connector. To retrieve connector IDs, use the + find connectors API. + type: string + name: + description: The name of the connector. + type: string + type: + description: The type of connector. + enum: + - .cases-webhook + example: .cases-webhook + type: string + required: + - fields + - id + - name + - type + title: Create or upate case request properties for Cases Webhook connector + Cases_connector_properties_jira: + description: Defines properties for connectors when type is `.jira`. + type: object + properties: + fields: + description: >- + An object containing the connector fields. If you want to omit any + individual field, specify null as its value. + type: object + properties: + issueType: + description: The type of issue. + nullable: true + type: string + parent: + description: The key of the parent issue, when the issue type is sub-task. + nullable: true + type: string + priority: + description: The priority of the issue. + nullable: true + type: string + required: + - issueType + - parent + - priority + id: + description: >- + The identifier for the connector. To retrieve connector IDs, use the + find connectors API. + type: string + name: + description: The name of the connector. + type: string + type: + description: The type of connector. + enum: + - .jira + example: .jira + type: string + required: + - fields + - id + - name + - type + title: Create or update case request properties for a Jira connector + Cases_connector_properties_none: + description: Defines properties for connectors when type is `.none`. + type: object + properties: + fields: + description: >- + An object containing the connector fields. To create a case without + a connector, specify null. To update a case to remove the connector, + specify null. + example: null + nullable: true + type: string + id: + description: >- + The identifier for the connector. To create a case without a + connector, use `none`. To update a case to remove the connector, + specify `none`. + example: none + type: string + name: + description: >- + The name of the connector. To create a case without a connector, use + `none`. To update a case to remove the connector, specify `none`. + example: none + type: string + type: + description: >- + The type of connector. To create a case without a connector, use + `.none`. To update a case to remove the connector, specify `.none`. + enum: + - .none + example: .none + type: string + required: + - fields + - id + - name + - type + title: Create or update case request properties for no connector + Cases_connector_properties_resilient: + description: Defines properties for connectors when type is `.resilient`. + type: object + properties: + fields: + description: >- + An object containing the connector fields. If you want to omit any + individual field, specify null as its value. + nullable: true + type: object + properties: + issueTypes: + description: The type of incident. + items: + type: string + type: array + severityCode: + description: The severity code of the incident. + type: string + required: + - issueTypes + - severityCode + id: + description: The identifier for the connector. + type: string + name: + description: The name of the connector. + type: string + type: + description: The type of connector. + enum: + - .resilient + example: .resilient + type: string + required: + - fields + - id + - name + - type + title: Create case request properties for a IBM Resilient connector + Cases_connector_properties_servicenow: + description: Defines properties for connectors when type is `.servicenow`. + type: object + properties: + fields: + description: >- + An object containing the connector fields. If you want to omit any + individual field, specify null as its value. + type: object + properties: + category: + description: The category of the incident. + nullable: true + type: string + impact: + description: The effect an incident had on business. + nullable: true + type: string + severity: + description: The severity of the incident. + nullable: true + type: string + subcategory: + description: The subcategory of the incident. + nullable: true + type: string + urgency: + description: The extent to which the incident resolution can be delayed. + nullable: true + type: string + required: + - category + - impact + - severity + - subcategory + - urgency + id: + description: >- + The identifier for the connector. To retrieve connector IDs, use the + find connectors API. + type: string + name: + description: The name of the connector. + type: string + type: + description: The type of connector. + enum: + - .servicenow + example: .servicenow + type: string + required: + - fields + - id + - name + - type + title: Create case request properties for a ServiceNow ITSM connector + Cases_connector_properties_servicenow_sir: + description: Defines properties for connectors when type is `.servicenow-sir`. + type: object + properties: + fields: + description: >- + An object containing the connector fields. If you want to omit any + individual field, specify null as its value. + type: object + properties: + category: + description: The category of the incident. + nullable: true + type: string + destIp: + description: >- + Indicates whether cases will send a comma-separated list of + destination IPs. + nullable: true + type: boolean + malwareHash: + description: >- + Indicates whether cases will send a comma-separated list of + malware hashes. + nullable: true + type: boolean + malwareUrl: + description: >- + Indicates whether cases will send a comma-separated list of + malware URLs. + nullable: true + type: boolean + priority: + description: The priority of the issue. + nullable: true + type: string + sourceIp: + description: >- + Indicates whether cases will send a comma-separated list of + source IPs. + nullable: true + type: boolean + subcategory: + description: The subcategory of the incident. + nullable: true + type: string + required: + - category + - destIp + - malwareHash + - malwareUrl + - priority + - sourceIp + - subcategory + id: + description: >- + The identifier for the connector. To retrieve connector IDs, use the + find connectors API. + type: string + name: + description: The name of the connector. + type: string + type: + description: The type of connector. + enum: + - .servicenow-sir + example: .servicenow-sir + type: string + required: + - fields + - id + - name + - type + title: Create case request properties for a ServiceNow SecOps connector + Cases_connector_properties_swimlane: + description: Defines properties for connectors when type is `.swimlane`. + type: object + properties: + fields: + description: >- + An object containing the connector fields. If you want to omit any + individual field, specify null as its value. + type: object + properties: + caseId: + description: The case identifier for Swimlane connectors. + nullable: true + type: string + required: + - caseId + id: + description: >- + The identifier for the connector. To retrieve connector IDs, use the + find connectors API. + type: string + name: + description: The name of the connector. + type: string + type: + description: The type of connector. + enum: + - .swimlane + example: .swimlane + type: string + required: + - fields + - id + - name + - type + title: Create case request properties for a Swimlane connector + Cases_connector_types: + description: The type of connector. + enum: + - .cases-webhook + - .jira + - .none + - .resilient + - .servicenow + - .servicenow-sir + - .swimlane + example: .none + type: string + Cases_create_case_request: + description: >- + The create case API request body varies depending on the type of + connector. + properties: + assignees: + $ref: '#/components/schemas/Cases_assignees' + category: + $ref: '#/components/schemas/Cases_case_category' + connector: + oneOf: + - $ref: '#/components/schemas/Cases_connector_properties_none' + - $ref: '#/components/schemas/Cases_connector_properties_cases_webhook' + - $ref: '#/components/schemas/Cases_connector_properties_jira' + - $ref: '#/components/schemas/Cases_connector_properties_resilient' + - $ref: '#/components/schemas/Cases_connector_properties_servicenow' + - $ref: '#/components/schemas/Cases_connector_properties_servicenow_sir' + - $ref: '#/components/schemas/Cases_connector_properties_swimlane' + customFields: + description: > + Custom field values for a case. Any optional custom fields that are + not specified in the request are set to null. + items: + type: object + properties: + key: + description: > + The unique identifier for the custom field. The key value must + exist in the case configuration settings. + type: string + type: + description: > + The custom field type. It must match the type specified in the + case configuration settings. + enum: + - text + - toggle + type: string + value: + description: > + The custom field value. If the custom field is required, it + cannot be explicitly set to null. However, for cases that + existed when the required custom field was added, the default + value stored in Elasticsearch is `undefined`. The value + returned in the API and user interface in this case is `null`. + oneOf: + - maxLength: 160 + minLength: 1 + nullable: true + type: string + - type: boolean + required: + - key + - type + - value + maxItems: 10 + minItems: 0 + type: array + description: + $ref: '#/components/schemas/Cases_case_description' + owner: + $ref: '#/components/schemas/Cases_owners' + settings: + $ref: '#/components/schemas/Cases_settings' + severity: + $ref: '#/components/schemas/Cases_case_severity' + tags: + $ref: '#/components/schemas/Cases_case_tags' + title: + $ref: '#/components/schemas/Cases_case_title' + required: + - connector + - description + - owner + - settings + - tags + - title + title: Create case request + type: object + Cases_external_service: + nullable: true + type: object + properties: + connector_id: + type: string + connector_name: + type: string + external_id: + type: string + external_title: + type: string + external_url: + type: string + pushed_at: + format: date-time + type: string + pushed_by: + nullable: true + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + Cases_owners: + description: > + The application that owns the cases: Stack Management, Observability, or + Elastic Security. + enum: + - cases + - observability + - securitySolution + example: cases + type: string + Cases_payload_alert_comment: + type: object + properties: + comment: + type: object + properties: + alertId: + oneOf: + - example: 1c0b056b-cc9f-4b61-b5c9-cb801abd5e1d + type: string + - items: + type: string + type: array + index: + oneOf: + - example: .alerts-observability.logs.alerts-default + type: string + - items: + type: string + type: array + owner: + $ref: '#/components/schemas/Cases_owners' + rule: + type: object + properties: + id: + description: The rule identifier. + example: 94d80550-aaf4-11ec-985f-97e55adae8b9 + type: string + name: + description: The rule name. + example: security_rule + type: string + type: + enum: + - alert + type: string + Cases_payload_assignees: + type: object + properties: + assignees: + $ref: '#/components/schemas/Cases_assignees' + Cases_payload_connector: + type: object + properties: + connector: + type: object + properties: + fields: + description: >- + An object containing the connector fields. To create a case + without a connector, specify null. If you want to omit any + individual field, specify null as its value. + example: null + nullable: true + type: object + properties: + caseId: + description: The case identifier for Swimlane connectors. + type: string + category: + description: >- + The category of the incident for ServiceNow ITSM and + ServiceNow SecOps connectors. + type: string + destIp: + description: >- + Indicates whether cases will send a comma-separated list of + destination IPs for ServiceNow SecOps connectors. + nullable: true + type: boolean + impact: + description: >- + The effect an incident had on business for ServiceNow ITSM + connectors. + type: string + issueType: + description: The type of issue for Jira connectors. + type: string + issueTypes: + description: The type of incident for IBM Resilient connectors. + items: + type: string + type: array + malwareHash: + description: >- + Indicates whether cases will send a comma-separated list of + malware hashes for ServiceNow SecOps connectors. + nullable: true + type: boolean + malwareUrl: + description: >- + Indicates whether cases will send a comma-separated list of + malware URLs for ServiceNow SecOps connectors. + nullable: true + type: boolean + parent: + description: >- + The key of the parent issue, when the issue type is sub-task + for Jira connectors. + type: string + priority: + description: >- + The priority of the issue for Jira and ServiceNow SecOps + connectors. + type: string + severity: + description: The severity of the incident for ServiceNow ITSM connectors. + type: string + severityCode: + description: >- + The severity code of the incident for IBM Resilient + connectors. + type: string + sourceIp: + description: >- + Indicates whether cases will send a comma-separated list of + source IPs for ServiceNow SecOps connectors. + nullable: true + type: boolean + subcategory: + description: >- + The subcategory of the incident for ServiceNow ITSM + connectors. + type: string + urgency: + description: >- + The extent to which the incident resolution can be delayed + for ServiceNow ITSM connectors. + type: string + id: + description: >- + The identifier for the connector. To create a case without a + connector, use `none`. + example: none + type: string + name: + description: >- + The name of the connector. To create a case without a connector, + use `none`. + example: none + type: string + type: + $ref: '#/components/schemas/Cases_connector_types' + Cases_payload_create_case: + type: object + properties: + assignees: + $ref: '#/components/schemas/Cases_assignees' + connector: + type: object + properties: + fields: + description: >- + An object containing the connector fields. To create a case + without a connector, specify null. If you want to omit any + individual field, specify null as its value. + example: null + nullable: true + type: object + properties: + caseId: + description: The case identifier for Swimlane connectors. + type: string + category: + description: >- + The category of the incident for ServiceNow ITSM and + ServiceNow SecOps connectors. + type: string + destIp: + description: >- + Indicates whether cases will send a comma-separated list of + destination IPs for ServiceNow SecOps connectors. + nullable: true + type: boolean + impact: + description: >- + The effect an incident had on business for ServiceNow ITSM + connectors. + type: string + issueType: + description: The type of issue for Jira connectors. + type: string + issueTypes: + description: The type of incident for IBM Resilient connectors. + items: + type: string + type: array + malwareHash: + description: >- + Indicates whether cases will send a comma-separated list of + malware hashes for ServiceNow SecOps connectors. + nullable: true + type: boolean + malwareUrl: + description: >- + Indicates whether cases will send a comma-separated list of + malware URLs for ServiceNow SecOps connectors. + nullable: true + type: boolean + parent: + description: >- + The key of the parent issue, when the issue type is sub-task + for Jira connectors. + type: string + priority: + description: >- + The priority of the issue for Jira and ServiceNow SecOps + connectors. + type: string + severity: + description: The severity of the incident for ServiceNow ITSM connectors. + type: string + severityCode: + description: >- + The severity code of the incident for IBM Resilient + connectors. + type: string + sourceIp: + description: >- + Indicates whether cases will send a comma-separated list of + source IPs for ServiceNow SecOps connectors. + nullable: true + type: boolean + subcategory: + description: >- + The subcategory of the incident for ServiceNow ITSM + connectors. + type: string + urgency: + description: >- + The extent to which the incident resolution can be delayed + for ServiceNow ITSM connectors. + type: string + id: + description: >- + The identifier for the connector. To create a case without a + connector, use `none`. + example: none + type: string + name: + description: >- + The name of the connector. To create a case without a connector, + use `none`. + example: none + type: string + type: + $ref: '#/components/schemas/Cases_connector_types' + description: + type: string + owner: + $ref: '#/components/schemas/Cases_owners' + settings: + $ref: '#/components/schemas/Cases_settings' + severity: + $ref: '#/components/schemas/Cases_case_severity' + status: + $ref: '#/components/schemas/Cases_case_status' + tags: + items: + example: + - tag-1 + type: string + type: array + title: + type: string + Cases_payload_delete: + description: >- + If the `action` is `delete` and the `type` is `delete_case`, the payload + is nullable. + nullable: true + type: object + Cases_payload_description: + type: object + properties: + description: + type: string + Cases_payload_pushed: + type: object + properties: + externalService: + $ref: '#/components/schemas/Cases_external_service' + Cases_payload_settings: + type: object + properties: + settings: + $ref: '#/components/schemas/Cases_settings' + Cases_payload_severity: + type: object + properties: + severity: + $ref: '#/components/schemas/Cases_case_severity' + Cases_payload_status: + type: object + properties: + status: + $ref: '#/components/schemas/Cases_case_status' + Cases_payload_tags: + type: object + properties: + tags: + example: + - tag-1 + items: + type: string + type: array + Cases_payload_title: + type: object + properties: + title: + type: string + Cases_payload_user_comment: + type: object + properties: + comment: + type: object + properties: + comment: + type: string + owner: + $ref: '#/components/schemas/Cases_owners' + type: + enum: + - user + type: string + Cases_rule: + description: > + The rule that is associated with the alerts. It is required only when + `type` is `alert`. This functionality is in technical preview and may be + changed or removed in a future release. Elastic will work to fix any + issues, but features in technical preview are not subject to the support + SLA of official GA features. + title: Alerting rule + type: object + properties: + id: + description: The rule identifier. + example: 94d80550-aaf4-11ec-985f-97e55adae8b9 + type: string + name: + description: The rule name. + example: security_rule + type: string + x-technical-preview: true + Cases_searchFieldsType: + description: The fields to perform the `simple_query_string` parsed query against. + enum: + - description + - title + type: string + Cases_set_case_configuration_request: + description: >- + External connection details, such as the closure type and default + connector for cases. + properties: + closure_type: + $ref: '#/components/schemas/Cases_closure_types' + connector: + description: An object that contains the connector configuration. + type: object + properties: + fields: + description: >- + The fields specified in the case configuration are not used and + are not propagated to individual cases, therefore it is + recommended to set it to `null`. + nullable: true + type: object + id: + description: >- + The identifier for the connector. If you do not want a default + connector, use `none`. To retrieve connector IDs, use the find + connectors API. + example: none + type: string + name: + description: >- + The name of the connector. If you do not want a default + connector, use `none`. To retrieve connector names, use the find + connectors API. + example: none + type: string + type: + $ref: '#/components/schemas/Cases_connector_types' + required: + - fields + - id + - name + - type + customFields: + description: Custom fields case configuration. + items: + type: object + properties: + defaultValue: + description: > + A default value for the custom field. If the `type` is `text`, + the default value must be a string. If the `type` is `toggle`, + the default value must be boolean. + oneOf: + - type: string + - type: boolean + key: + description: > + A unique key for the custom field. Must be lower case and + composed only of a-z, 0-9, '_', and '-' characters. It is used + in API calls to refer to a specific custom field. + maxLength: 36 + minLength: 1 + type: string + label: + description: The custom field label that is displayed in the case. + maxLength: 50 + minLength: 1 + type: string + type: + description: The type of the custom field. + enum: + - text + - toggle + type: string + required: + description: > + Indicates whether the field is required. If `false`, the + custom field can be set to null or omitted when a case is + created or updated. + type: boolean + required: + - key + - label + - required + - type + maxItems: 10 + minItems: 0 + type: array + owner: + $ref: '#/components/schemas/Cases_owners' + templates: + $ref: '#/components/schemas/Cases_templates' + required: + - closure_type + - connector + - owner + title: Set case configuration request + type: object + Cases_settings: + description: An object that contains the case settings. + type: object + properties: + syncAlerts: + description: Turns alert syncing on or off. + example: true + type: boolean + required: + - syncAlerts + Cases_template_tags: + description: > + The words and phrases that help categorize templates. It can be an empty + array. + items: + maxLength: 256 + type: string + maxItems: 200 + type: array + Cases_templates: + items: + type: object + properties: + caseFields: + type: object + properties: + assignees: + $ref: '#/components/schemas/Cases_assignees' + category: + $ref: '#/components/schemas/Cases_case_category' + connector: + type: object + properties: + fields: + description: >- + The fields specified in the case configuration are not + used and are not propagated to individual cases, therefore + it is recommended to set it to `null`. + nullable: true + type: object + id: + description: >- + The identifier for the connector. If you do not want a + default connector, use `none`. To retrieve connector IDs, + use the find connectors API. + example: none + type: string + name: + description: >- + The name of the connector. If you do not want a default + connector, use `none`. To retrieve connector names, use + the find connectors API. + example: none + type: string + type: + $ref: '#/components/schemas/Cases_connector_types' + customFields: + description: Custom field values in the template. + items: + type: object + properties: + key: + description: The unique key for the custom field. + type: string + type: + description: The type of the custom field. + enum: + - text + - toggle + type: string + value: + description: > + The default value for the custom field when a case uses + the template. If the `type` is `text`, the default value + must be a string. If the `type` is `toggle`, the default + value must be boolean. + oneOf: + - type: string + - type: boolean + type: array + x-technical-preview: true + description: + $ref: '#/components/schemas/Cases_case_description' + settings: + $ref: '#/components/schemas/Cases_settings' + severity: + $ref: '#/components/schemas/Cases_case_severity' + tags: + $ref: '#/components/schemas/Cases_case_tags' + title: + $ref: '#/components/schemas/Cases_case_title' + description: + description: A description for the template. + type: string + key: + description: > + A unique key for the template. Must be lower case and composed + only of a-z, 0-9, '_', and '-' characters. It is used in API calls + to refer to a specific template. + type: string + name: + description: The name of the template. + type: string + tags: + $ref: '#/components/schemas/Cases_template_tags' + type: array + x-technical-preview: true + Cases_update_alert_comment_request_properties: + description: Defines properties for case comment requests when type is alert. + type: object + properties: + alertId: + $ref: '#/components/schemas/Cases_alert_identifiers' + id: + description: > + The identifier for the comment. To retrieve comment IDs, use the get + comments API. + example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 + type: string + index: + $ref: '#/components/schemas/Cases_alert_indices' + owner: + $ref: '#/components/schemas/Cases_owners' + rule: + $ref: '#/components/schemas/Cases_rule' + type: + description: The type of comment. + enum: + - alert + example: alert + type: string + version: + description: > + The current comment version. To retrieve version values, use the get + comments API. + example: Wzk1LDFd + type: string + required: + - alertId + - id + - index + - owner + - rule + - type + - version + title: Update case comment request properties for alerts + Cases_update_case_comment_request: + description: >- + The update case comment API request body varies depending on whether you + are updating an alert or a comment. + discriminator: + mapping: + alert: '#/components/schemas/Cases_update_alert_comment_request_properties' + user: '#/components/schemas/Cases_update_user_comment_request_properties' + propertyName: type + oneOf: + - $ref: '#/components/schemas/Cases_update_alert_comment_request_properties' + - $ref: '#/components/schemas/Cases_update_user_comment_request_properties' + title: Update case comment request + Cases_update_case_configuration_request: + description: > + You can update settings such as the closure type, custom fields, + templates, and the default connector for cases. + properties: + closure_type: + $ref: '#/components/schemas/Cases_closure_types' + connector: + description: An object that contains the connector configuration. + type: object + properties: + fields: + description: >- + The fields specified in the case configuration are not used and + are not propagated to individual cases, therefore it is + recommended to set it to `null`. + nullable: true + type: object + id: + description: >- + The identifier for the connector. If you do not want a default + connector, use `none`. To retrieve connector IDs, use the find + connectors API. + example: none + type: string + name: + description: >- + The name of the connector. If you do not want a default + connector, use `none`. To retrieve connector names, use the find + connectors API. + example: none + type: string + type: + $ref: '#/components/schemas/Cases_connector_types' + required: + - fields + - id + - name + - type + customFields: + description: Custom fields case configuration. + items: + type: object + properties: + defaultValue: + description: > + A default value for the custom field. If the `type` is `text`, + the default value must be a string. If the `type` is `toggle`, + the default value must be boolean. + oneOf: + - type: string + - type: boolean + key: + description: > + A unique key for the custom field. Must be lower case and + composed only of a-z, 0-9, '_', and '-' characters. It is used + in API calls to refer to a specific custom field. + maxLength: 36 + minLength: 1 + type: string + label: + description: The custom field label that is displayed in the case. + maxLength: 50 + minLength: 1 + type: string + type: + description: The type of the custom field. + enum: + - text + - toggle + type: string + required: + description: > + Indicates whether the field is required. If `false`, the + custom field can be set to null or omitted when a case is + created or updated. + type: boolean + required: + - key + - label + - required + - type + type: array + templates: + $ref: '#/components/schemas/Cases_templates' + version: + description: > + The version of the connector. To retrieve the version value, use the + get configuration API. + example: WzIwMiwxXQ== + type: string + required: + - version + title: Update case configuration request + type: object + Cases_update_case_request: + description: >- + The update case API request body varies depending on the type of + connector. + properties: + cases: + description: An array containing one or more case objects. + items: + type: object + properties: + assignees: + $ref: '#/components/schemas/Cases_assignees' + category: + $ref: '#/components/schemas/Cases_case_category' + connector: + oneOf: + - $ref: '#/components/schemas/Cases_connector_properties_none' + - $ref: >- + #/components/schemas/Cases_connector_properties_cases_webhook + - $ref: '#/components/schemas/Cases_connector_properties_jira' + - $ref: '#/components/schemas/Cases_connector_properties_resilient' + - $ref: '#/components/schemas/Cases_connector_properties_servicenow' + - $ref: >- + #/components/schemas/Cases_connector_properties_servicenow_sir + - $ref: '#/components/schemas/Cases_connector_properties_swimlane' + customFields: + description: > + Custom field values for a case. Any optional custom fields + that are not specified in the request are set to null. + items: + type: object + properties: + key: + description: > + The unique identifier for the custom field. The key + value must exist in the case configuration settings. + type: string + type: + description: > + The custom field type. It must match the type specified + in the case configuration settings. + enum: + - text + - toggle + type: string + value: + description: > + The custom field value. If the custom field is required, + it cannot be explicitly set to null. However, for cases + that existed when the required custom field was added, + the default value stored in Elasticsearch is + `undefined`. The value returned in the API and user + interface in this case is `null`. + oneOf: + - maxLength: 160 + minLength: 1 + nullable: true + type: string + - type: boolean + required: + - key + - type + - value + maxItems: 10 + minItems: 0 + type: array + description: + $ref: '#/components/schemas/Cases_case_description' + id: + description: The identifier for the case. + maxLength: 30000 + type: string + settings: + $ref: '#/components/schemas/Cases_settings' + severity: + $ref: '#/components/schemas/Cases_case_severity' + status: + $ref: '#/components/schemas/Cases_case_status' + tags: + $ref: '#/components/schemas/Cases_case_tags' + title: + $ref: '#/components/schemas/Cases_case_title' + version: + description: >- + The current version of the case. To determine this value, use + the get case or find cases APIs. + type: string + required: + - id + - version + maxItems: 100 + minItems: 1 + type: array + required: + - cases + title: Update case request + type: object + Cases_update_user_comment_request_properties: + description: Defines properties for case comment requests when type is user. + properties: + comment: + description: The new comment. It is required only when `type` is `user`. + example: A new comment. + maxLength: 30000 + type: string + id: + description: > + The identifier for the comment. To retrieve comment IDs, use the get + comments API. + example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 + type: string + owner: + $ref: '#/components/schemas/Cases_owners' + type: + description: The type of comment. + enum: + - user + example: user + type: string + version: + description: > + The current comment version. To retrieve version values, use the get + comments API. + example: Wzk1LDFd + type: string + required: + - comment + - id + - owner + - type + - version + title: Update case comment request properties for user comments + type: object + Cases_user_actions_find_response_properties: + type: object + properties: + action: + $ref: '#/components/schemas/Cases_actions' + comment_id: + example: 578608d0-03b1-11ed-920c-974bfa104448 + nullable: true + type: string + created_at: + example: '2022-05-13T09:16:17.416Z' + format: date-time + type: string + created_by: + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + id: + example: 22fd3e30-03b1-11ed-920c-974bfa104448 + type: string + owner: + $ref: '#/components/schemas/Cases_owners' + payload: + oneOf: + - $ref: '#/components/schemas/Cases_payload_alert_comment' + - $ref: '#/components/schemas/Cases_payload_assignees' + - $ref: '#/components/schemas/Cases_payload_connector' + - $ref: '#/components/schemas/Cases_payload_create_case' + - $ref: '#/components/schemas/Cases_payload_delete' + - $ref: '#/components/schemas/Cases_payload_description' + - $ref: '#/components/schemas/Cases_payload_pushed' + - $ref: '#/components/schemas/Cases_payload_settings' + - $ref: '#/components/schemas/Cases_payload_severity' + - $ref: '#/components/schemas/Cases_payload_status' + - $ref: '#/components/schemas/Cases_payload_tags' + - $ref: '#/components/schemas/Cases_payload_title' + - $ref: '#/components/schemas/Cases_payload_user_comment' + type: + description: The type of action. + enum: + - assignees + - create_case + - comment + - connector + - description + - pushed + - tags + - title + - status + - settings + - severity + example: create_case + type: string + version: + example: WzM1ODg4LDFd + type: string + required: + - action + - comment_id + - created_at + - created_by + - id + - owner + - payload + - type + - version + Cases_user_actions_response_properties: + type: object + properties: + action: + $ref: '#/components/schemas/Cases_actions' + action_id: + example: 22fd3e30-03b1-11ed-920c-974bfa104448 + type: string + case_id: + example: 22df07d0-03b1-11ed-920c-974bfa104448 + type: string + comment_id: + example: 578608d0-03b1-11ed-920c-974bfa104448 + nullable: true + type: string + created_at: + example: '2022-05-13T09:16:17.416Z' + format: date-time + type: string + created_by: + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + owner: + $ref: '#/components/schemas/Cases_owners' + payload: + oneOf: + - $ref: '#/components/schemas/Cases_payload_alert_comment' + - $ref: '#/components/schemas/Cases_payload_assignees' + - $ref: '#/components/schemas/Cases_payload_connector' + - $ref: '#/components/schemas/Cases_payload_create_case' + - $ref: '#/components/schemas/Cases_payload_delete' + - $ref: '#/components/schemas/Cases_payload_description' + - $ref: '#/components/schemas/Cases_payload_pushed' + - $ref: '#/components/schemas/Cases_payload_settings' + - $ref: '#/components/schemas/Cases_payload_severity' + - $ref: '#/components/schemas/Cases_payload_status' + - $ref: '#/components/schemas/Cases_payload_tags' + - $ref: '#/components/schemas/Cases_payload_title' + - $ref: '#/components/schemas/Cases_payload_user_comment' + type: + $ref: '#/components/schemas/Cases_action_types' + required: + - action + - action_id + - case_id + - comment_id + - created_at + - created_by + - owner + - payload + - type + Cases_user_comment_response_properties: + title: Case response properties for user comments + type: object + properties: + comment: + example: A new comment. + type: string + created_at: + example: '2022-05-13T09:16:17.416Z' + format: date-time + type: string + created_by: + $ref: '#/components/schemas/Cases_case_response_created_by_properties' + id: + example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 + type: string + owner: + $ref: '#/components/schemas/Cases_owners' + pushed_at: + example: null + format: date-time + nullable: true + type: string + pushed_by: + $ref: '#/components/schemas/Cases_case_response_pushed_by_properties' + type: + enum: + - user + example: user + type: string + updated_at: + example: null + format: date-time + nullable: true + type: string + updated_by: + $ref: '#/components/schemas/Cases_case_response_updated_by_properties' + version: + example: WzIwNDMxLDFd + type: string + required: + - type + Data_views_400_response: + title: Bad request + type: object + properties: + error: + example: Bad Request + type: string + message: + type: string + statusCode: + example: 400 + type: number + required: + - statusCode + - error + - message + Data_views_404_response: + type: object + properties: + error: + enum: + - Not Found + example: Not Found + type: string + message: + example: >- + Saved object [index-pattern/caaad6d0-920c-11ed-b36a-874bd1548a00] + not found + type: string + statusCode: + enum: + - 404 + example: 404 + type: integer + Data_views_allownoindex: + description: Allows the data view saved object to exist before the data is available. + type: boolean + Data_views_create_data_view_request_object: + title: Create data view request + type: object + properties: + data_view: + description: The data view object. + type: object + properties: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldAttrs: + additionalProperties: + $ref: '#/components/schemas/Data_views_fieldattrs' + type: object + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: + type: object + id: + type: string + name: + description: The data view name. + type: string + namespaces: + $ref: '#/components/schemas/Data_views_namespaces' + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + type: + $ref: '#/components/schemas/Data_views_type' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta' + version: + type: string + required: + - title + override: + default: false + description: >- + Override an existing data view if a data view with the provided + title already exists. + type: boolean + required: + - data_view + Data_views_data_view_response_object: + title: Data view response properties + type: object + properties: + data_view: + type: object + properties: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldAttrs: + additionalProperties: + $ref: '#/components/schemas/Data_views_fieldattrs' + type: object + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: + type: object + id: + example: ff959d40-b880-11e8-a6d9-e546fe2bba5f + type: string + name: + description: The data view name. + type: string + namespaces: + $ref: '#/components/schemas/Data_views_namespaces' + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta_response' + version: + example: WzQ2LDJd + type: string + Data_views_fieldattrs: + description: A map of field attributes by field name. + type: object + properties: + count: + description: Popularity count for the field. + type: integer + customDescription: + description: Custom description for the field. + maxLength: 300 + type: string + customLabel: + description: Custom label for the field. + type: string + Data_views_fieldformats: + description: A map of field formats by field name. + type: object + Data_views_namespaces: + description: >- + An array of space identifiers for sharing the data view between multiple + spaces. + items: + default: default + type: string + type: array + Data_views_runtimefieldmap: + description: A map of runtime field definitions by field name. + type: object + properties: + script: + type: object + properties: + source: + description: Script for the runtime field. + type: string + type: + description: Mapping type of the runtime field. + type: string + required: + - script + - type + Data_views_sourcefilters: + description: The array of field names you want to filter out in Discover. + items: + type: object + properties: + value: + type: string + required: + - value + type: array + Data_views_swap_data_view_request_object: + title: Data view reference swap request + type: object + properties: + delete: + description: Deletes referenced saved object if all references are removed. + type: boolean + forId: + description: Limit the affected saved objects to one or more by identifier. + oneOf: + - type: string + - items: + type: string + type: array + forType: + description: Limit the affected saved objects by type. + type: string + fromId: + description: The saved object reference to change. + type: string + fromType: + description: > + Specify the type of the saved object reference to alter. The default + value is `index-pattern` for data views. + type: string + toId: + description: New saved object reference value to replace the old value. + type: string + required: + - fromId + - toId + Data_views_timefieldname: + description: The timestamp field name, which you use for time-based data views. + type: string + Data_views_title: + description: >- + Comma-separated list of data streams, indices, and aliases that you want + to search. Supports wildcards (`*`). + type: string + Data_views_type: + description: When set to `rollup`, identifies the rollup data views. + type: string + Data_views_typemeta: + description: >- + When you use rollup indices, contains the field list for the rollup data + view API endpoints. + type: object + properties: + aggs: + description: A map of rollup restrictions by aggregation type and field name. + type: object + params: + description: Properties for retrieving rollup fields. + type: object + required: + - aggs + - params + Data_views_typemeta_response: + description: >- + When you use rollup indices, contains the field list for the rollup data + view API endpoints. + nullable: true + type: object + properties: + aggs: + description: A map of rollup restrictions by aggregation type and field name. + type: object + params: + description: Properties for retrieving rollup fields. + type: object + Data_views_update_data_view_request_object: + title: Update data view request + type: object + properties: + data_view: + description: > + The data view properties you want to update. Only the specified + properties are updated in the data view. Unspecified fields stay as + they are persisted. + type: object + properties: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: + type: object + name: + type: string + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + type: + $ref: '#/components/schemas/Data_views_type' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta' + refresh_fields: + default: false + description: Reloads the data view fields after the data view is updated. + type: boolean + required: + - data_view + Fleet_agent: + title: Agent + type: object + properties: + access_api_key: + type: string + access_api_key_id: + type: string + active: + type: boolean + components: + items: + $ref: '#/components/schemas/Fleet_agent_component' + type: array + default_api_key: + type: string + default_api_key_id: + type: string + enrolled_at: + type: string + id: + type: string + last_checkin: + type: string + local_metadata: + $ref: '#/components/schemas/Fleet_agent_metadata' + metrics: + type: object + properties: + cpu_avg: + description: >- + Average agent CPU usage during the last 5 minutes, number + between 0-1 + type: number + memory_size_byte_avg: + description: Average agent memory consumption during the last 5 minutes + type: number + policy_id: + type: string + policy_revision: + type: number + status: + $ref: '#/components/schemas/Fleet_agent_status' + type: + $ref: '#/components/schemas/Fleet_agent_type' + unenrolled_at: + type: string + unenrollment_started_at: + type: string + user_provided_metadata: + $ref: '#/components/schemas/Fleet_agent_metadata' + required: + - type + - active + - enrolled_at + - id + - status + Fleet_agent_action: + oneOf: + - properties: + ack_data: + type: string + data: + type: string + type: + enum: + - UNENROLL + - UPGRADE + - POLICY_REASSIGN + type: string + - properties: + data: + type: object + properties: + log_level: + enum: + - debug + - info + - warning + - error + nullable: true + type: string + type: + type: string + title: Agent action + Fleet_agent_component: + title: Agent component + type: object + properties: + id: + type: string + message: + type: string + status: + $ref: '#/components/schemas/Fleet_agent_component_status' + type: + type: string + units: + items: + $ref: '#/components/schemas/Fleet_agent_component_unit' + type: array + Fleet_agent_component_status: + enum: + - starting + - configuring + - healthy + - degraded + - failed + - stopping + - stopped + title: Agent component status + type: string + Fleet_agent_component_unit: + title: Agent component unit + type: object + properties: + id: + type: string + message: + type: string + payload: + type: object + status: + $ref: '#/components/schemas/Fleet_agent_component_status' + type: + $ref: '#/components/schemas/Fleet_agent_component_unit_type' + Fleet_agent_component_unit_type: + enum: + - input + - output + title: Agent component unit type + type: string + Fleet_agent_diagnostics: + title: Agent diagnostics + type: object + properties: + actionId: + type: string + createTime: + type: string + filePath: + type: string + id: + type: string + name: + type: string + status: + enum: + - READY + - AWAITING_UPLOAD + - DELETED + - IN_PROGRESS + required: + - id + - name + - createTime + - filePath + - actionId + - status + Fleet_agent_get_by_actions: + items: + items: + type: string + type: array + title: Agents get by action ids + type: array + Fleet_agent_metadata: + title: Agent metadata + type: object + Fleet_agent_policy: + title: Agent Policy + type: object + properties: + advanced_settings: + description: >- + Advanced settings stored in the agent policy, e.g. + agent_limits_go_max_procs + nullable: true + type: object + agent_features: + items: + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + agents: + type: number + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + global_data_tags: + items: + additionalProperties: + oneOf: + - type: string + - type: number + description: >- + User defined data tags that are added to all of the inputs. The + values can be strings or numbers. + type: object + type: array + id: + type: string + inactivity_timeout: + type: integer + is_protected: + description: >- + Indicates whether the agent policy has tamper protection enabled. + Default false. + type: boolean + keep_monitoring_alive: + description: >- + When set to true, monitoring will be enabled but logs/metrics + collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + type: object + properties: + limit: + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - metrics + - logs + type: string + type: array + monitoring_http: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + type: string + namespace: + type: string + overrides: + description: >- + Override settings that are defined in the agent policy. Input + settings cannot be overridden. The override option should be used + only in unusual circumstances and not as a routine procedure. + nullable: true + type: object + package_policies: + description: >- + This field is present only when retrieving a single agent policy, or + when retrieving a list of agent policies with the ?full=true + parameter + items: + $ref: '#/components/schemas/Fleet_package_policy' + type: array + revision: + type: number + supports_agentless: + description: >- + Indicates whether the agent policy supports agentless integrations. + Only allowed in a serverless environment. + type: boolean + unenroll_timeout: + type: integer + unprivileged_agents: + type: number + updated_by: + type: string + updated_on: + format: date-time + type: string + required: + - id + - status + - name + - namespace + Fleet_agent_policy_create_request: + title: Create agent policy request + type: object + properties: + agent_features: + items: + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + force: + description: Force agent policy creation even if packages are not verified. + type: boolean + global_data_tags: + items: + additionalProperties: + oneOf: + - type: string + - type: number + description: >- + User defined data tags that are added to all of the inputs. The + values can be strings or numbers. + type: object + type: array + id: + type: string + inactivity_timeout: + type: integer + is_protected: + type: boolean + monitoring_enabled: + items: + enum: + - metrics + - logs + type: string + type: array + monitoring_output_id: + nullable: true + type: string + name: + type: string + namespace: + type: string + unenroll_timeout: + type: integer + required: + - name + - namespace + Fleet_agent_policy_full: + oneOf: + - type: object + properties: + item: + type: string + - type: object + properties: + item: + $ref: '#/components/schemas/Fleet_full_agent_policy' + title: Agent policy full response + type: object + Fleet_agent_policy_update_request: + title: Update agent policy request + type: object + properties: + agent_features: + items: + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + force: + description: Force agent policy creation even if packages are not verified. + type: boolean + inactivity_timeout: + type: integer + is_protected: + type: boolean + monitoring_enabled: + items: + enum: + - metrics + - logs + type: string + type: array + monitoring_output_id: + nullable: true + type: string + name: + type: string + namespace: + type: string + unenroll_timeout: + type: integer + required: + - name + - namespace + Fleet_agent_status: + enum: + - offline + - error + - online + - inactive + - warning + title: Elastic Agent status + type: string + Fleet_agent_type: + enum: + - PERMANENT + - EPHEMERAL + - TEMPORARY + title: Agent type + type: string + Fleet_bulk_install_packages_response: + title: Bulk install packages response + type: object + properties: + items: + items: + type: object + properties: + name: + type: string + version: + type: string + type: array + response: + deprecated: true + items: + type: object + properties: + name: + type: string + version: + type: string + type: array + required: + - items + Fleet_bulk_upgrade_agents: + title: Bulk upgrade agents + type: object + properties: + agents: + oneOf: + - description: KQL query string, leave empty to action all agents + type: string + - description: list of agent IDs + items: + type: string + type: array + force: + description: Force upgrade, skipping validation (should be used with caution) + type: boolean + rollout_duration_seconds: + description: rolling upgrade window duration in seconds + type: number + skipRateLimitCheck: + description: Skip rate limit check for upgrade + type: boolean + source_uri: + description: alternative upgrade binary download url + type: string + start_time: + description: start time of upgrade in ISO 8601 format + type: string + version: + description: version to upgrade to + type: string + required: + - agents + - version + Fleet_data_stream: + title: Data stream + type: object + properties: + dashboard: + items: + type: object + properties: + id: + type: string + title: + type: string + type: array + dataset: + type: string + index: + type: string + last_activity_ms: + type: number + namespace: + type: string + package: + type: string + package_version: + type: string + size_in_bytes: + type: number + size_in_bytes_formatted: + type: string + type: + type: string + Fleet_download_sources: + title: Download Source + type: object + properties: + host: + type: string + id: + type: string + is_default: + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this download source. See the proxies + API for more information. + nullable: true + type: string + required: + - is_default + - name + - host + Fleet_elasticsearch_asset_type: + enum: + - component_template + - ingest_pipeline + - index_template + - ilm_policy + - transform + - data_stream_ilm_policy + title: Elasticsearch asset type + type: string + Fleet_enrollment_api_key: + title: Enrollment API key + type: object + properties: + active: + description: >- + When false, the enrollment API key is revoked and cannot be used for + enrolling Elastic Agents. + type: boolean + api_key: + description: The enrollment API key (token) used for enrolling Elastic Agents. + type: string + api_key_id: + description: The ID of the API key in the Security API. + type: string + created_at: + type: string + id: + type: string + name: + description: The name of the enrollment API key. + type: string + policy_id: + description: The ID of the agent policy the Elastic Agent will be enrolled in. + type: string + required: + - id + - api_key_id + - api_key + - active + - created_at + Fleet_fleet_server_host: + title: Fleet Server Host + type: object + properties: + host_urls: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + proxy_id: + type: string + required: + - fleet_server_hosts + - id + - is_default + - is_preconfigured + - host_urls + Fleet_fleet_settings_response: + title: Fleet settings response + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_settings' + required: + - item + Fleet_fleet_setup_response: + title: Fleet Setup response + type: object + properties: + isInitialized: + type: boolean + nonFatalErrors: + items: + type: object + properties: + message: + type: string + name: + type: string + required: + - name + - message + type: array + required: + - isInitialized + - nonFatalErrors + Fleet_fleet_status_response: + title: Fleet status response + type: object + properties: + isReady: + type: boolean + missing_optional_features: + items: + enum: + - encrypted_saved_object_encryption_key_required + type: string + type: array + missing_requirements: + items: + enum: + - tls_required + - api_keys + - fleet_admin_user + - fleet_server + type: string + type: array + package_verification_key_id: + type: string + required: + - isReady + - missing_requirements + - missing_optional_features + Fleet_full_agent_policy: + title: Full agent policy + type: object + properties: + agent: + nullable: true + type: string + fleet: + oneOf: + - type: object + properties: + hosts: + items: + type: string + type: array + proxy_headers: {} + proxy_url: + type: string + ssl: + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + renegotiation: + type: string + verification_mode: + type: string + - type: object + properties: + kibana: + type: object + properties: + hosts: + items: + type: string + type: array + path: + type: string + protocol: + type: string + id: + type: string + inputs: + type: string + monitoring: + type: object + properties: + diagnostics: + type: object + properties: + limit: + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + enabled: + type: boolean + http: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: number + required: + - enabled + logs: + type: boolean + metrics: + type: boolean + namespace: + type: string + pprof: + type: object + properties: + enabled: + type: boolean + required: + - enabled + traces: + type: boolean + use_output: + type: string + required: + - enabled + - metrics + - logs + - traces + output_permissions: + additionalProperties: + type: object + properties: + data: + $ref: >- + #/components/schemas/Fleet_full_agent_policy_output_permissions + output: + type: integer + type: object + outputs: + additionalProperties: + $ref: '#/components/schemas/Fleet_full_agent_policy_output' + type: object + revision: + type: number + secret_references: + items: + type: object + properties: + id: + type: string + type: array + required: + - id + - outputs + - inputs + Fleet_full_agent_policy_input: + allOf: + - additionalProperties: true + type: object + properties: + data_stream: + type: object + properties: + namespace: + type: string + required: + - namespace + id: + type: string + meta: + additionalProperties: true + type: object + properties: + package: + type: object + properties: + name: + type: string + version: + type: string + required: + - name + - version + name: + type: string + revision: + type: number + streams: + $ref: '#/components/schemas/Fleet_full_agent_policy_input_stream' + type: + type: string + use_output: + type: string + required: + - id + - name + - revision + - type + - data_stream + - use_output + title: Full agent policy input + Fleet_full_agent_policy_input_stream: + allOf: + - additionalProperties: true + type: object + properties: + data_stream: + type: object + properties: + dataset: + type: string + type: + type: string + required: + - dataset + - type + id: + type: string + required: + - id + - data_stream + title: Full agent policy input stream + Fleet_full_agent_policy_output: + title: Full agent policy + type: object + properties: + additionalProperties: + type: object + properties: + text: {} + ca_sha256: + nullable: true + type: string + hosts: + items: + type: string + type: array + proxy_headers: {} + proxy_url: + type: string + type: {} + required: + - type + - hosts + - ca_sha256 + Fleet_full_agent_policy_output_permissions: + additionalProperties: + type: object + properties: + data: + type: object + properties: + cluster: + items: + type: string + type: array + indices: + items: + type: object + properties: + names: + items: + type: string + type: array + privileges: + items: + type: string + type: array + type: array + packagePolicyName: + type: string + title: Full agent policy output permissions + Fleet_get_agent_tags_response: + title: Get Agent Tags response + type: object + properties: + items: + items: + type: string + type: array + Fleet_get_agents_response: + title: Get Agent response + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_agent' + type: array + list: + deprecated: true + items: + $ref: '#/components/schemas/Fleet_agent' + type: array + page: + type: number + perPage: + type: number + statusSummary: + type: object + properties: + degraded': + type: number + enrolling: + type: number + error: + type: number + inactive: + type: number + offline: + type: number + online: + type: number + unenrolled: + type: number + unenrolling: + type: number + updating: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + Fleet_get_bulk_assets_response: + deprecated: true + properties: + items: + items: + type: object + properties: + appLink: + type: string + attributes: + type: object + properties: + description: + type: string + title: + type: string + id: + type: string + type: + $ref: '#/components/schemas/Fleet_saved_object_type' + updatedAt: + type: string + type: array + required: + - items + title: Bulk get assets response + type: object + Fleet_get_categories_response: + title: Get categories response + type: object + properties: + items: + items: + type: object + properties: + count: + type: number + id: + type: string + title: + type: string + required: + - id + - title + - count + type: array + response: + items: + deprecated: true + type: object + properties: + count: + type: number + id: + type: string + title: + type: string + required: + - id + - title + - count + type: array + required: + - items + Fleet_get_packages_response: + title: Get Packages response + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_search_result' + type: array + response: + deprecated: true + items: + $ref: '#/components/schemas/Fleet_search_result' + type: array + required: + - items + Fleet_installation_info: + title: Installation info object + type: object + properties: + created_at: + type: string + experimental_data_stream_features: + type: array + properties: + data_stream: + type: string + features: + type: object + properties: + doc_value_only_numeric: + nullable: true + type: boolean + doc_value_only_other: + nullable: true + type: boolean + synthetic_source: + nullable: true + type: boolean + tsdb: + nullable: true + type: boolean + install_format_schema_version: + type: string + install_kibana_space_id: + type: string + install_source: + enum: + - registry + - upload + - bundled + type: string + install_status: + enum: + - installed + - installing + - install_failed + type: string + installed_es: + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + $ref: '#/components/schemas/Fleet_elasticsearch_asset_type' + installed_kibana: + type: object + properties: + id: + type: string + type: + $ref: '#/components/schemas/Fleet_kibana_saved_object_type' + latest_executed_state: + description: Latest successfully executed state in package install state machine + type: object + properties: + error: + type: string + name: + enum: + - create_restart_installation + - install_kibana_assets + - install_ilm_policies + - install_ml_model + - install_index_template_pipelines + - remove_legacy_templates + - update_current_write_indices + - install_transforms + - delete_previous_pipelines + - save_archive_entries_from_assets_map + - update_so + type: string + started_at: + type: string + latest_install_failed_attempts: + description: Latest failed install errors + items: + type: object + properties: + created_at: + type: string + error: + type: object + properties: + message: + type: string + name: + type: string + stack: + type: string + target_version: + type: string + type: array + name: + type: string + namespaces: + items: + type: string + type: array + type: + type: string + updated_at: + type: string + verification_key_id: + nullable: true + type: string + verification_status: + enum: + - verified + - unverified + - unknown + type: string + version: + type: string + required: + - installed_kibana + - installed_es + - name + - version + - install_status + - install_version + - install_started_at + - install_source + - verification_status + - latest_install_failed_attempts + Fleet_kibana_saved_object_type: + enum: + - dashboard + - visualization + - search + - index-pattern + - map + - lens + - ml-module + - security-rule + - csp_rule_template + title: Kibana saved object asset type + type: string + Fleet_new_package_policy: + description: '' + properties: + description: + type: string + enabled: + type: boolean + inputs: + items: + type: object + properties: + config: + type: object + enabled: + type: boolean + processors: + items: + type: string + type: array + streams: + items: {} + type: array + type: + type: string + vars: + type: object + required: + - type + - enabled + type: array + name: + type: string + namespace: + type: string + output_id: + type: string + overrides: + type: object + package: + type: object + properties: + name: + type: string + requires_root: + type: boolean + title: + type: string + version: + type: string + required: + - name + - version + policy_id: + deprecated: true + nullable: true + type: string + policy_ids: + items: + type: string + type: array + required: + - inputs + - name + title: New package policy + type: object + Fleet_output_create_request: + discriminator: + mapping: + elasticsearch: '#/components/schemas/Fleet_output_create_request_elasticsearch' + kafka: '#/components/schemas/Fleet_output_create_request_kafka' + logstash: '#/components/schemas/Fleet_output_create_request_logstash' + remote_elasticsearch: >- + #/components/schemas/Fleet_output_create_request_remote_elasticsearch + propertyName: type + oneOf: + - $ref: '#/components/schemas/Fleet_output_create_request_elasticsearch' + - $ref: '#/components/schemas/Fleet_output_create_request_kafka' + - $ref: '#/components/schemas/Fleet_output_create_request_logstash' + - $ref: >- + #/components/schemas/Fleet_output_create_request_remote_elasticsearch + title: Output + Fleet_output_create_request_elasticsearch: + title: elasticsearch + type: object + properties: + ca_sha256: + type: string + ca_trusted_fingerprint: + type: string + config: + type: object + config_yaml: + type: string + hosts: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + type: string + shipper: + type: object + properties: + compression_level: + type: number + disk_queue_compression_enabled: + type: boolean + disk_queue_enabled: + type: boolean + disk_queue_encryption_enabled: + type: boolean + disk_queue_max_size: + type: number + disk_queue_path: + type: string + loadbalance: + type: boolean + ssl: + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + type: + enum: + - elasticsearch + type: string + required: + - name + Fleet_output_create_request_kafka: + title: kafka + type: object + properties: + auth_type: + type: string + broker_timeout: + type: number + ca_sha256: + type: string + ca_trusted_fingerprint: + type: string + client_id: + type: string + compression: + type: string + compression_level: + type: number + config: + type: object + config_yaml: + type: string + connection_type: + enum: + - plaintext + - encryption + type: string + headers: + items: + type: object + properties: + key: + type: string + value: + type: string + type: array + hosts: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + key: + type: string + name: + type: string + partition: + type: string + password: + type: string + proxy_id: + type: string + random: + type: object + properties: + group_events: + type: number + required_acks: + type: number + round_robin: + type: object + properties: + group_events: + type: number + sasl: + type: object + properties: + mechanism: + type: string + secrets: + type: object + properties: + password: + type: string + ssl: + type: object + properties: + key: + type: string + shipper: + type: object + properties: + compression_level: + type: number + disk_queue_compression_enabled: + type: boolean + disk_queue_enabled: + type: boolean + disk_queue_encryption_enabled: + type: boolean + disk_queue_max_size: + type: number + disk_queue_path: + type: string + loadbalance: + type: boolean + ssl: + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - none + - full + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + deprecated: true + description: Use topic instead. + items: + type: object + properties: + topic: + type: string + when: + deprecated: true + description: >- + Deprecated, kafka output do not support conditionnal topics + anymore. + type: object + properties: + condition: + type: string + type: + type: string + type: array + type: + enum: + - kafka + type: string + username: + type: string + version: + type: string + required: + - name + - type + - topics + - auth_type + - hosts + Fleet_output_create_request_logstash: + title: logstash + type: object + properties: + ca_sha256: + type: string + ca_trusted_fingerprint: + type: string + config: + type: object + config_yaml: + type: string + hosts: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + name: + type: string + proxy_id: + type: string + secrets: + type: object + properties: + ssl: + type: object + properties: + key: + type: string + shipper: + type: object + properties: + compression_level: + type: number + disk_queue_compression_enabled: + type: boolean + disk_queue_enabled: + type: boolean + disk_queue_encryption_enabled: + type: boolean + disk_queue_max_size: + type: number + disk_queue_path: + type: string + loadbalance: + type: boolean + ssl: + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + type: + enum: + - logstash + type: string + required: + - name + - hosts + - type + Fleet_output_create_request_remote_elasticsearch: + title: remote_elasticsearch + type: object + properties: + hosts: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + name: + type: string + secrets: + type: object + properties: + service_token: + type: string + service_token: + type: string + type: + enum: + - remote_elasticsearch + type: string + required: + - name + Fleet_output_update_request: + discriminator: + mapping: + elasticsearch: '#/components/schemas/Fleet_output_update_request_elasticsearch' + kafka: '#/components/schemas/Fleet_output_update_request_kafka' + logstash: '#/components/schemas/Fleet_output_update_request_logstash' + propertyName: type + oneOf: + - $ref: '#/components/schemas/Fleet_output_update_request_elasticsearch' + - $ref: '#/components/schemas/Fleet_output_update_request_kafka' + - $ref: '#/components/schemas/Fleet_output_update_request_logstash' + title: Output + Fleet_output_update_request_elasticsearch: + title: elasticsearch + type: object + properties: + ca_sha256: + type: string + ca_trusted_fingerprint: + type: string + config: + type: object + config_yaml: + type: string + hosts: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + type: string + shipper: + type: object + properties: + compression_level: + type: number + disk_queue_compression_enabled: + type: boolean + disk_queue_enabled: + type: boolean + disk_queue_encryption_enabled: + type: boolean + disk_queue_max_size: + type: number + disk_queue_path: + type: string + loadbalance: + type: boolean + ssl: + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + type: + enum: + - elasticsearch + type: string + required: + - name + - hosts + - type + Fleet_output_update_request_kafka: + title: kafka + type: object + properties: + auth_type: + type: string + broker_timeout: + type: number + ca_sha256: + type: string + ca_trusted_fingerprint: + type: string + client_id: + type: string + compression: + type: string + compression_level: + type: number + config: + type: object + config_yaml: + type: string + connection_type: + enum: + - plaintext + - encryption + type: string + headers: + items: + type: object + properties: + key: + type: string + value: + type: string + type: array + hosts: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + key: + type: string + name: + type: string + partition: + type: string + password: + type: string + proxy_id: + type: string + random: + type: object + properties: + group_events: + type: number + required_acks: + type: number + round_robin: + type: object + properties: + group_events: + type: number + sasl: + type: object + properties: + mechanism: + type: string + shipper: + type: object + properties: + compression_level: + type: number + disk_queue_compression_enabled: + type: boolean + disk_queue_enabled: + type: boolean + disk_queue_encryption_enabled: + type: boolean + disk_queue_max_size: + type: number + disk_queue_path: + type: string + loadbalance: + type: boolean + ssl: + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - none + - full + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + deprecated: true + description: Use topic instead. + items: + type: object + properties: + topic: + type: string + when: + deprecated: true + description: >- + Deprecated, kafka output do not support conditionnal topics + anymore. + type: object + properties: + condition: + type: string + type: + type: string + type: array + type: + enum: + - kafka + type: string + username: + type: string + version: + type: string + required: + - name + Fleet_output_update_request_logstash: + title: logstash + type: object + properties: + ca_sha256: + type: string + ca_trusted_fingerprint: + type: string + config: + type: object + config_yaml: + type: string + hosts: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + name: + type: string + proxy_id: + type: string + shipper: + type: object + properties: + compression_level: + type: number + disk_queue_compression_enabled: + type: boolean + disk_queue_enabled: + type: boolean + disk_queue_encryption_enabled: + type: boolean + disk_queue_max_size: + type: number + disk_queue_path: + type: string + loadbalance: + type: boolean + ssl: + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + type: + enum: + - logstash + type: string + required: + - name + Fleet_package_info: + title: Package information + type: object + properties: + assets: + items: + type: string + type: array + categories: + items: + type: string + type: array + conditions: + type: object + properties: + elasticsearch: + type: object + properties: + subscription: + enum: + - basic + - gold + - platinum + - enterprise + type: string + kibana: + type: object + properties: + versions: + type: string + data_streams: + items: + type: object + properties: + ingeset_pipeline: + type: string + name: + type: string + package: + type: string + release: + type: string + title: + type: string + type: + type: string + vars: + items: + type: object + properties: + default: + type: string + name: + type: string + required: + - name + - default + type: array + required: + - title + - name + - release + - ingeset_pipeline + - type + - package + type: array + description: + type: string + download: + type: string + elasticsearch: + type: object + properties: + privileges: + type: object + properties: + cluster: + items: + type: string + type: array + format_version: + type: string + icons: + items: + type: string + type: array + internal: + type: boolean + name: + type: string + path: + type: string + readme: + type: string + release: + deprecated: true + description: >- + release label is deprecated, derive from the version instead + (packages follow semver) + enum: + - experimental + - beta + - ga + type: string + screenshots: + items: + type: object + properties: + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + - path + type: array + source: + type: object + properties: + license: + enum: + - Apache-2.0 + - Elastic-2.0 + type: string + title: + type: string + type: + type: string + version: + type: string + required: + - name + - title + - version + - description + - type + - categories + - conditions + - assets + - format_version + - download + - path + Fleet_package_policy: + allOf: + - type: object + properties: + id: + type: string + inputs: + oneOf: + - items: {} + type: array + - type: object + revision: + type: number + required: + - id + - revision + - $ref: '#/components/schemas/Fleet_new_package_policy' + title: Package policy + Fleet_package_policy_request: + title: Package Policy Request + type: object + properties: + description: + description: Package policy description + example: my description + type: string + force: + description: >- + Force package policy creation even if package is not verified, or if + the agent policy is managed. + type: boolean + id: + description: Package policy unique identifier + type: string + inputs: + additionalProperties: + type: object + properties: + enabled: + description: enable or disable that input, (default to true) + type: boolean + streams: + additionalProperties: + type: object + properties: + enabled: + description: enable or disable that stream, (default to true) + type: boolean + vars: + description: >- + Stream level variable (see integration documentation for + more information) + type: object + description: >- + Input streams (see integration documentation to know what + streams are available) + type: object + vars: + description: >- + Input level variable (see integration documentation for more + information) + type: object + description: >- + Package policy inputs (see integration documentation to know what + inputs are available) + example: + nginx-logfile: + enabled: true + streams: + nginx.access: + enabled: true + vars: + ignore_older: 72h + paths: + - /var/log/nginx/access.log* + preserve_original_event: false + tags: + - nginx-access + type: object + name: + description: Package policy name (should be unique) + example: nginx-123 + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit the agent + policy's namespace. + example: customnamespace + type: string + output_id: + description: Output ID to send package data to + example: output-id + nullable: true + type: string + overrides: + description: >- + Override settings that are defined in the package policy. The + override option should be used only in unusual circumstances and not + as a routine procedure. + nullable: true + type: object + properties: + inputs: + type: object + package: + type: object + properties: + name: + description: Package name + example: nginx + type: string + version: + description: Package version + example: 1.6.0 + type: string + required: + - name + - version + policy_id: + deprecated: true + description: Agent policy ID where that package policy will be added + example: agent-policy-id + nullable: true + type: string + policy_ids: + description: Agent policy IDs where that package policy will be added + example: + - agent-policy-id + items: + type: string + type: array + vars: + description: >- + Package root level variable (see integration documentation for more + information) + type: object + required: + - name + - package + Fleet_package_usage_stats: + title: Package usage stats + type: object + properties: + agent_policy_count: + type: integer + required: + - agent_policy_count + Fleet_proxies: + title: Fleet Proxy + type: object + properties: + certificate: + type: string + certificate_authorities: + type: string + certificate_key: + type: string + id: + type: string + name: + type: string + proxy_headers: + type: object + url: + type: string + required: + - name + - url + Fleet_saved_object_type: + oneOf: + - enum: + - dashboard + - visualization + - search + - index_pattern + - map + - lens + - security_rule + - csp_rule_template + - ml_module + - tag + - osquery_pack_asset + - osquery_saved_query + type: string + - enum: + - index + - component_template + - ingest_pipeline + - index_template + - ilm_policy + - transform + - data_stream_ilm_policy + - ml_model + type: string + title: Saved Object type + Fleet_search_result: + title: Search result + type: object + properties: + description: + type: string + download: + type: string + icons: + type: string + installationInfo: + $ref: '#/components/schemas/Fleet_installation_info' + name: + type: string + path: + type: string + savedObject: + deprecated: true + type: object + status: + type: string + title: + type: string + type: + type: string + version: + type: string + required: + - description + - download + - icons + - name + - path + - title + - type + - version + - status + Fleet_settings: + title: Settings + type: object + properties: + fleet_server_hosts: + deprecated: true + items: + type: string + type: array + has_seen_add_data_notice: + type: boolean + id: + type: string + prerelease_integrations_enabled: + type: boolean + required: + - fleet_server_hosts + - id + Fleet_upgrade_agent: + title: Upgrade agent + type: object + properties: + force: + description: Force upgrade, skipping validation (should be used with caution) + type: boolean + skipRateLimitCheck: + description: Skip rate limit check for upgrade + type: boolean + source_uri: + type: string + version: + type: string + required: + - version + Fleet_upgrade_agent_diff: + items: + items: + $ref: '#/components/schemas/Fleet_full_agent_policy_input' + type: array + title: Package policy Upgrade dryrun + type: array + Fleet_upgrade_diff: + items: + allOf: + - $ref: '#/components/schemas/Fleet_package_policy' + - allOf: + - $ref: '#/components/schemas/Fleet_new_package_policy' + - type: object + properties: + errors: + items: + type: object + properties: + key: + type: string + message: + type: string + type: array + missingVars: + items: + type: string + type: array + type: object + title: Package policy Upgrade dryrun + type: array + Kibana_HTTP_APIs_core_status_redactedResponse: + additionalProperties: false + description: A minimal representation of Kibana's operational status. + type: object + properties: + status: + additionalProperties: false + type: object + properties: + overall: + additionalProperties: false + type: object + properties: + level: + description: Service status levels as human and machine readable values. + enum: + - available + - degraded + - unavailable + - critical + type: string + required: + - level + required: + - overall + required: + - status + Kibana_HTTP_APIs_core_status_response: + additionalProperties: false + description: >- + Kibana's operational status as well as a detailed breakdown of plugin + statuses indication of various loads (like event loop utilization and + network traffic) at time of request. + type: object + properties: + metrics: + additionalProperties: false + description: Metric groups collected by Kibana. + type: object + properties: + collection_interval_in_millis: + description: The interval at which metrics should be collected. + type: number + elasticsearch_client: + additionalProperties: false + description: Current network metrics of Kibana's Elasticsearch client. + type: object + properties: + totalActiveSockets: + description: Count of network sockets currently in use. + type: number + totalIdleSockets: + description: Count of network sockets currently idle. + type: number + totalQueuedRequests: + description: Count of requests not yet assigned to sockets. + type: number + required: + - totalActiveSockets + - totalIdleSockets + - totalQueuedRequests + last_updated: + description: The time metrics were collected. + type: string + required: + - elasticsearch_client + - last_updated + - collection_interval_in_millis + name: + description: Kibana instance name. + type: string + status: + additionalProperties: false + type: object + properties: + core: + additionalProperties: false + description: Statuses of core Kibana services. + type: object + properties: + elasticsearch: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: >- + Service status levels as human and machine readable + values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: >- + An unstructured set of extra metadata about this + service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + savedObjects: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: >- + Service status levels as human and machine readable + values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: >- + An unstructured set of extra metadata about this + service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + required: + - elasticsearch + - savedObjects + overall: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: Service status levels as human and machine readable values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: An unstructured set of extra metadata about this service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + plugins: + additionalProperties: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: >- + Service status levels as human and machine readable + values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: An unstructured set of extra metadata about this service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + description: A dynamic mapping of plugin ID to plugin status. + type: object + required: + - overall + - core + - plugins + uuid: + description: >- + Unique, generated Kibana instance UUID. This UUID should persist + even if the Kibana process restarts. + type: string + version: + additionalProperties: false + type: object + properties: + build_date: + description: The date and time of this build. + type: string + build_flavor: + description: >- + The build flavour determines configuration and behavior of + Kibana. On premise users will almost always run the + "traditional" flavour, while other flavours are reserved for + Elastic-specific use cases. + enum: + - serverless + - traditional + type: string + build_hash: + description: >- + A unique hash value representing the git commit of this Kibana + build. + type: string + build_number: + description: >- + A monotonically increasing number, each subsequent build will + have a higher number. + type: number + build_snapshot: + description: Whether this build is a snapshot build. + type: boolean + number: + description: A semantic version number. + type: string + required: + - number + - build_hash + - build_number + - build_snapshot + - build_flavor + - build_date + required: + - name + - uuid + - version + - status + - metrics + Machine_learning_APIs_mlSync200Response: + properties: + datafeedsAdded: + additionalProperties: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseDatafeeds' + description: >- + If a saved object for an anomaly detection job is missing a datafeed + identifier, it is added when you run the sync machine learning saved + objects API. + type: object + datafeedsRemoved: + additionalProperties: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseDatafeeds' + description: >- + If a saved object for an anomaly detection job references a datafeed + that no longer exists, it is deleted when you run the sync machine + learning saved objects API. + type: object + savedObjectsCreated: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseSavedObjectsCreated + savedObjectsDeleted: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseSavedObjectsDeleted + title: Successful sync API response + type: object + Machine_learning_APIs_mlSync4xxResponse: + properties: + error: + example: Unauthorized + type: string + message: + type: string + statusCode: + example: 401 + type: integer + title: Unsuccessful sync API response + type: object + Machine_learning_APIs_mlSyncResponseAnomalyDetectors: + description: >- + The sync machine learning saved objects API response contains this + object when there are anomaly detection jobs affected by the + synchronization. There is an object for each relevant job, which + contains the synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for anomaly detection jobs + type: object + Machine_learning_APIs_mlSyncResponseDatafeeds: + description: >- + The sync machine learning saved objects API response contains this + object when there are datafeeds affected by the synchronization. There + is an object for each relevant datafeed, which contains the + synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for datafeeds + type: object + Machine_learning_APIs_mlSyncResponseDataFrameAnalytics: + description: >- + The sync machine learning saved objects API response contains this + object when there are data frame analytics jobs affected by the + synchronization. There is an object for each relevant job, which + contains the synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for data frame analytics jobs + type: object + Machine_learning_APIs_mlSyncResponseSavedObjectsCreated: + description: >- + If saved objects are missing for machine learning jobs or trained + models, they are created when you run the sync machine learning saved + objects API. + properties: + anomaly-detector: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseAnomalyDetectors + description: >- + If saved objects are missing for anomaly detection jobs, they are + created. + type: object + data-frame-analytics: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseDataFrameAnalytics + description: >- + If saved objects are missing for data frame analytics jobs, they are + created. + type: object + trained-model: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels + description: If saved objects are missing for trained models, they are created. + type: object + title: Sync API response for created saved objects + type: object + Machine_learning_APIs_mlSyncResponseSavedObjectsDeleted: + description: >- + If saved objects exist for machine learning jobs or trained models that + no longer exist, they are deleted when you run the sync machine learning + saved objects API. + properties: + anomaly-detector: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseAnomalyDetectors + description: >- + If there are saved objects exist for nonexistent anomaly detection + jobs, they are deleted. + type: object + data-frame-analytics: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseDataFrameAnalytics + description: >- + If there are saved objects exist for nonexistent data frame + analytics jobs, they are deleted. + type: object + trained-model: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels + description: >- + If there are saved objects exist for nonexistent trained models, + they are deleted. + type: object + title: Sync API response for deleted saved objects + type: object + Machine_learning_APIs_mlSyncResponseSuccess: + description: The success or failure of the synchronization. + type: boolean + Machine_learning_APIs_mlSyncResponseTrainedModels: + description: >- + The sync machine learning saved objects API response contains this + object when there are trained models affected by the synchronization. + There is an object for each relevant trained model, which contains the + synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for trained models + type: object + Saved_objects_400_response: + title: Bad request + type: object + properties: + error: + enum: + - Bad Request + type: string + message: + type: string + statusCode: + enum: + - 400 + type: integer + required: + - error + - message + - statusCode + Saved_objects_attributes: + description: > + The data that you want to create. WARNING: When you create saved + objects, attributes are not validated, which allows you to pass + arbitrary and ill-formed data into the API that can break Kibana. Make + sure any data that you send to the API is properly formed. + type: object + Saved_objects_initial_namespaces: + description: > + Identifiers for the spaces in which this object is created. If this is + provided, the object is created only in the explicitly defined spaces. + If this is not provided, the object is created in the current space + (default behavior). For shareable object types (registered with + `namespaceType: 'multiple'`), this option can be used to specify one or + more spaces, including the "All spaces" identifier ('*'). For isolated + object types (registered with `namespaceType: 'single'` or + `namespaceType: 'multiple-isolated'`), this option can only be used to + specify a single space, and the "All spaces" identifier ('*') is not + allowed. For global object types (`registered with `namespaceType: + agnostic`), this option cannot be used. + type: array + Saved_objects_references: + description: > + Objects with `name`, `id`, and `type` properties that describe the other + saved objects that this object references. Use `name` in attributes to + refer to the other saved object, but never the `id`, which can update + automatically during migrations or import and export. + type: array + Security_AI_Assistant_API_AnonymizationFieldCreateProps: + type: object + properties: + allowed: + type: boolean + anonymized: + type: boolean + field: + type: string + required: + - field + Security_AI_Assistant_API_AnonymizationFieldDetailsInError: + type: object + properties: + id: + type: string + name: + type: string + required: + - id + Security_AI_Assistant_API_AnonymizationFieldResponse: + type: object + properties: + allowed: + type: boolean + anonymized: + type: boolean + createdAt: + type: string + createdBy: + type: string + field: + type: string + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + namespace: + description: Kibana space + type: string + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + updatedAt: + type: string + updatedBy: + type: string + required: + - id + - field + Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipReason: + enum: + - ANONYMIZATION_FIELD_NOT_MODIFIED + type: string + Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipResult: + type: object + properties: + id: + type: string + name: + type: string + skip_reason: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipReason + required: + - id + - skip_reason + Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResponse: + type: object + properties: + anonymization_fields_count: + type: integer + attributes: + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_NormalizedAnonymizationFieldError + type: array + results: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResults + summary: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_BulkCrudActionSummary + required: + - results + - summary + message: + type: string + status_code: + type: integer + success: + type: boolean + required: + - attributes + Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResults: + type: object + properties: + created: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse + type: array + deleted: + items: + type: string + type: array + skipped: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipResult + type: array + updated: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse + type: array + required: + - updated + - created + - deleted + - skipped + Security_AI_Assistant_API_AnonymizationFieldUpdateProps: + type: object + properties: + allowed: + type: boolean + anonymized: + type: boolean + id: + type: string + required: + - id + Security_AI_Assistant_API_ApiConfig: + type: object + properties: + actionTypeId: + description: action type id + type: string + connectorId: + description: connector id + type: string + defaultSystemPromptId: + description: defaultSystemPromptId + type: string + model: + description: model + type: string + provider: + $ref: '#/components/schemas/Security_AI_Assistant_API_Provider' + description: Provider + required: + - connectorId + - actionTypeId + Security_AI_Assistant_API_BulkCrudActionSummary: + type: object + properties: + failed: + type: integer + skipped: + type: integer + succeeded: + type: integer + total: + type: integer + required: + - failed + - skipped + - succeeded + - total + Security_AI_Assistant_API_ChatCompleteProps: + type: object + properties: + connectorId: + type: string + conversationId: + type: string + isStream: + type: boolean + langSmithApiKey: + type: string + langSmithProject: + type: string + messages: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_ChatMessage' + type: array + model: + type: string + persist: + type: boolean + promptId: + type: string + responseLanguage: + type: string + required: + - messages + - persist + - connectorId + Security_AI_Assistant_API_ChatMessage: + description: AI assistant message. + type: object + properties: + content: + description: Message content. + type: string + data: + $ref: '#/components/schemas/Security_AI_Assistant_API_MessageData' + description: ECS object to attach to the context of the message. + fields_to_anonymize: + items: + type: string + type: array + role: + $ref: '#/components/schemas/Security_AI_Assistant_API_ChatMessageRole' + description: Message role. + required: + - role + Security_AI_Assistant_API_ChatMessageRole: + description: Message role. + enum: + - system + - user + - assistant + type: string + Security_AI_Assistant_API_ConversationCategory: + description: The conversation category. + enum: + - assistant + - insights + type: string + Security_AI_Assistant_API_ConversationConfidence: + description: The conversation confidence. + enum: + - low + - medium + - high + type: string + Security_AI_Assistant_API_ConversationCreateProps: + type: object + properties: + apiConfig: + $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' + description: LLM API configuration. + category: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' + description: The conversation category. + excludeFromLastConversationStorage: + description: excludeFromLastConversationStorage. + type: boolean + id: + description: The conversation id. + type: string + isDefault: + description: Is default conversation. + type: boolean + messages: + description: The conversation messages. + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_Message' + type: array + replacements: + $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' + title: + description: The conversation title. + type: string + required: + - title + Security_AI_Assistant_API_ConversationResponse: + type: object + properties: + apiConfig: + $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' + description: LLM API configuration. + category: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' + description: The conversation category. + createdAt: + description: The last time conversation was updated. + type: string + excludeFromLastConversationStorage: + description: excludeFromLastConversationStorage. + type: boolean + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + isDefault: + description: Is default conversation. + type: boolean + messages: + description: The conversation messages. + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_Message' + type: array + namespace: + description: Kibana space + type: string + replacements: + $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' + summary: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationSummary' + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + title: + description: The conversation title. + type: string + updatedAt: + description: The last time conversation was updated. + type: string + users: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_User' + type: array + required: + - id + - title + - createdAt + - users + - namespace + - category + Security_AI_Assistant_API_ConversationSummary: + type: object + properties: + confidence: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationConfidence + description: >- + How confident you are about this being a correct and useful + learning. + content: + description: Summary text of the conversation over time. + type: string + public: + description: Define if summary is marked as publicly available. + type: boolean + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + description: The timestamp summary was updated. + Security_AI_Assistant_API_ConversationUpdateProps: + type: object + properties: + apiConfig: + $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' + description: LLM API configuration. + category: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' + description: The conversation category. + excludeFromLastConversationStorage: + description: excludeFromLastConversationStorage. + type: boolean + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + messages: + description: The conversation messages. + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_Message' + type: array + replacements: + $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' + summary: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationSummary' + title: + description: The conversation title. + type: string + required: + - id + Security_AI_Assistant_API_FindAnonymizationFieldsSortField: + enum: + - created_at + - anonymized + - allowed + - field + - updated_at + type: string + Security_AI_Assistant_API_FindConversationsSortField: + enum: + - created_at + - is_default + - title + - updated_at + type: string + Security_AI_Assistant_API_FindPromptsSortField: + enum: + - created_at + - is_default + - name + - updated_at + type: string + Security_AI_Assistant_API_Message: + description: AI assistant conversation message. + type: object + properties: + content: + description: Message content. + type: string + isError: + description: Is error message. + type: boolean + reader: + $ref: '#/components/schemas/Security_AI_Assistant_API_Reader' + description: Message content. + role: + $ref: '#/components/schemas/Security_AI_Assistant_API_MessageRole' + description: Message role. + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + description: The timestamp message was sent or received. + traceData: + $ref: '#/components/schemas/Security_AI_Assistant_API_TraceData' + description: trace Data + required: + - timestamp + - content + - role + Security_AI_Assistant_API_MessageData: + additionalProperties: true + type: object + Security_AI_Assistant_API_MessageRole: + description: Message role. + enum: + - system + - user + - assistant + type: string + Security_AI_Assistant_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_AI_Assistant_API_NormalizedAnonymizationFieldError: + type: object + properties: + anonymization_fields: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldDetailsInError + type: array + err_code: + type: string + message: + type: string + status_code: + type: integer + required: + - message + - status_code + - anonymization_fields + Security_AI_Assistant_API_NormalizedPromptError: + type: object + properties: + err_code: + type: string + message: + type: string + prompts: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptDetailsInError + type: array + status_code: + type: integer + required: + - message + - status_code + - prompts + Security_AI_Assistant_API_PromptCreateProps: + type: object + properties: + categories: + items: + type: string + type: array + color: + type: string + consumer: + type: string + content: + type: string + isDefault: + type: boolean + isNewConversationDefault: + type: boolean + name: + type: string + promptType: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptType' + required: + - name + - content + - promptType + Security_AI_Assistant_API_PromptDetailsInError: + type: object + properties: + id: + type: string + name: + type: string + required: + - id + Security_AI_Assistant_API_PromptResponse: + type: object + properties: + categories: + items: + type: string + type: array + color: + type: string + consumer: + type: string + content: + type: string + createdAt: + type: string + createdBy: + type: string + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + isDefault: + type: boolean + isNewConversationDefault: + type: boolean + name: + type: string + namespace: + description: Kibana space + type: string + promptType: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptType' + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + updatedAt: + type: string + updatedBy: + type: string + users: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_User' + type: array + required: + - id + - name + - promptType + - content + Security_AI_Assistant_API_PromptsBulkActionSkipReason: + enum: + - PROMPT_FIELD_NOT_MODIFIED + type: string + Security_AI_Assistant_API_PromptsBulkActionSkipResult: + type: object + properties: + id: + type: string + name: + type: string + skip_reason: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkActionSkipReason + required: + - id + - skip_reason + Security_AI_Assistant_API_PromptsBulkCrudActionResponse: + type: object + properties: + attributes: + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_NormalizedPromptError + type: array + results: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkCrudActionResults + summary: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_BulkCrudActionSummary + required: + - results + - summary + message: + type: string + prompts_count: + type: integer + status_code: + type: integer + success: + type: boolean + required: + - attributes + Security_AI_Assistant_API_PromptsBulkCrudActionResults: + type: object + properties: + created: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptResponse' + type: array + deleted: + items: + type: string + type: array + skipped: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkActionSkipResult + type: array + updated: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptResponse' + type: array + required: + - updated + - created + - deleted + - skipped + Security_AI_Assistant_API_PromptType: + description: Prompt type + enum: + - system + - quick + type: string + Security_AI_Assistant_API_PromptUpdateProps: + type: object + properties: + categories: + items: + type: string + type: array + color: + type: string + consumer: + type: string + content: + type: string + id: + type: string + isDefault: + type: boolean + isNewConversationDefault: + type: boolean + required: + - id + Security_AI_Assistant_API_Provider: + description: Provider + enum: + - OpenAI + - Azure OpenAI + type: string + Security_AI_Assistant_API_Reader: + additionalProperties: true + type: object + Security_AI_Assistant_API_Replacements: + additionalProperties: + type: string + description: Replacements object used to anonymize/deanomymize messsages + type: object + Security_AI_Assistant_API_SortOrder: + enum: + - asc + - desc + type: string + Security_AI_Assistant_API_TraceData: + description: trace Data + type: object + properties: + traceId: + description: Could be any string, not necessarily a UUID + type: string + transactionId: + description: Could be any string, not necessarily a UUID + type: string + Security_AI_Assistant_API_User: + description: Could be any string, not necessarily a UUID + type: object + properties: + id: + description: User id + type: string + name: + description: User name + type: string + Security_Solution_Detections_API_AlertAssignees: + type: object + properties: + add: + description: A list of users ids to assign. + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: array + remove: + description: A list of users ids to unassign. + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: array + required: + - add + - remove + Security_Solution_Detections_API_AlertIds: + description: A list of alerts ids. + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + minItems: 1 + type: array + Security_Solution_Detections_API_AlertsIndex: + deprecated: true + description: (deprecated) Has no effect. + type: string + Security_Solution_Detections_API_AlertsIndexMigrationError: + type: object + properties: + error: + type: object + properties: + message: + type: string + status_code: + type: string + required: + - message + - status_code + index: + type: string + required: + - index + - error + Security_Solution_Detections_API_AlertsIndexMigrationSuccess: + type: object + properties: + index: + type: string + migration_id: + type: string + migration_index: + type: string + required: + - index + - migration_id + - migration_index + Security_Solution_Detections_API_AlertsIndexNamespace: + description: Has no effect. + type: string + Security_Solution_Detections_API_AlertsReindexOptions: + type: object + properties: + requests_per_second: + minimum: 1 + type: integer + size: + minimum: 1 + type: integer + slices: + minimum: 1 + type: integer + Security_Solution_Detections_API_AlertsSort: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsSortCombinations + - items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsSortCombinations + type: array + Security_Solution_Detections_API_AlertsSortCombinations: + anyOf: + - type: string + - additionalProperties: true + type: object + Security_Solution_Detections_API_AlertStatus: + enum: + - open + - closed + - acknowledged + - in-progress + type: string + Security_Solution_Detections_API_AlertSuppression: + type: object + properties: + duration: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppressionDuration + group_by: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppressionGroupBy + missing_fields_strategy: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppressionMissingFieldsStrategy + required: + - group_by + Security_Solution_Detections_API_AlertSuppressionDuration: + type: object + properties: + unit: + enum: + - s + - m + - h + type: string + value: + minimum: 1 + type: integer + required: + - value + - unit + Security_Solution_Detections_API_AlertSuppressionGroupBy: + items: + type: string + maxItems: 3 + minItems: 1 + type: array + Security_Solution_Detections_API_AlertSuppressionMissingFieldsStrategy: + description: >- + Describes how alerts will be generated for documents with missing + suppress by fields: + + doNotSuppress - per each document a separate alert will be created + + suppress - only alert will be created per suppress by bucket + enum: + - doNotSuppress + - suppress + type: string + Security_Solution_Detections_API_AlertTag: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + Security_Solution_Detections_API_AlertTags: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertTag' + type: array + Security_Solution_Detections_API_AlertVersion: + type: object + properties: + count: + type: integer + version: + type: integer + required: + - version + - count + Security_Solution_Detections_API_AnomalyThreshold: + description: Anomaly threshold + minimum: 0 + type: integer + Security_Solution_Detections_API_BuildingBlockType: + description: >- + Determines if the rule acts as a building block. By default, + building-block alerts are not displayed in the UI. These rules are used + as a foundation for other rules that do generate alerts. Its value must + be default. + type: string + Security_Solution_Detections_API_BulkActionEditPayload: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadTags + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadIndexPatterns + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadInvestigationFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadTimeline + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadRuleActions + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadSchedule + Security_Solution_Detections_API_BulkActionEditPayloadIndexPatterns: + type: object + properties: + overwrite_data_views: + type: boolean + type: + enum: + - add_index_patterns + - delete_index_patterns + - set_index_patterns + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadInvestigationFields: + type: object + properties: + type: + enum: + - add_investigation_fields + - delete_investigation_fields + - set_investigation_fields + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadRuleActions: + type: object + properties: + type: + enum: + - add_rule_actions + - set_rule_actions + type: string + value: + type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NormalizedRuleAction + type: array + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThrottleForBulkActions + required: + - actions + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadSchedule: + type: object + properties: + type: + enum: + - set_schedule + type: string + value: + type: object + properties: + interval: + description: >- + Interval in which the rule runs. For example, `"1h"` means the + rule runs every hour. + example: 1h + pattern: ^[1-9]\d*[smh]$ + type: string + lookback: + description: Lookback time for the rule + example: 1h + pattern: ^[1-9]\d*[smh]$ + type: string + required: + - interval + - lookback + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadTags: + type: object + properties: + type: + enum: + - add_tags + - delete_tags + - set_tags + type: string + value: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleTagArray' + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadTimeline: + type: object + properties: + type: + enum: + - set_timeline + type: string + value: + type: object + properties: + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + required: + - timeline_id + - timeline_title + required: + - type + - value + Security_Solution_Detections_API_BulkActionsDryRunErrCode: + enum: + - IMMUTABLE + - MACHINE_LEARNING_AUTH + - MACHINE_LEARNING_INDEX_PATTERN + - ESQL_INDEX_PATTERN + - MANUAL_RULE_RUN_FEATURE + - MANUAL_RULE_RUN_DISABLED_RULE + type: string + Security_Solution_Detections_API_BulkActionSkipResult: + type: object + properties: + id: + type: string + name: + type: string + skip_reason: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditSkipReason + required: + - id + - skip_reason + Security_Solution_Detections_API_BulkCrudRulesResponse: + items: + oneOf: + - $ref: '#/components/schemas/Security_Solution_Detections_API_RuleResponse' + - $ref: '#/components/schemas/Security_Solution_Detections_API_ErrorSchema' + type: array + Security_Solution_Detections_API_BulkDeleteRules: + type: object + properties: + action: + enum: + - delete + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkDisableRules: + type: object + properties: + action: + enum: + - disable + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkDuplicateRules: + type: object + properties: + action: + enum: + - duplicate + type: string + duplicate: + type: object + properties: + include_exceptions: + description: Whether to copy exceptions from the original rule + type: boolean + include_expired_exceptions: + description: Whether to copy expired exceptions from the original rule + type: boolean + required: + - include_exceptions + - include_expired_exceptions + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkEditActionResponse: + type: object + properties: + attributes: + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NormalizedRuleError + type: array + results: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditActionResults + summary: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditActionSummary + required: + - results + - summary + message: + type: string + rules_count: + type: integer + status_code: + type: integer + success: + type: boolean + required: + - attributes + Security_Solution_Detections_API_BulkEditActionResults: + type: object + properties: + created: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleResponse' + type: array + deleted: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleResponse' + type: array + skipped: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionSkipResult + type: array + updated: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleResponse' + type: array + required: + - updated + - created + - deleted + - skipped + Security_Solution_Detections_API_BulkEditActionSummary: + type: object + properties: + failed: + type: integer + skipped: + type: integer + succeeded: + type: integer + total: + type: integer + required: + - failed + - skipped + - succeeded + - total + Security_Solution_Detections_API_BulkEditRules: + type: object + properties: + action: + enum: + - edit + type: string + edit: + description: Array of objects containing the edit operations + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayload + minItems: 1 + type: array + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + - edit + Security_Solution_Detections_API_BulkEditSkipReason: + enum: + - RULE_NOT_MODIFIED + type: string + Security_Solution_Detections_API_BulkEnableRules: + type: object + properties: + action: + enum: + - enable + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkExportActionResponse: + type: string + Security_Solution_Detections_API_BulkExportRules: + type: object + properties: + action: + enum: + - export + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkManualRuleRun: + type: object + properties: + action: + enum: + - run + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + run: + type: object + properties: + end_date: + description: End date of the manual rule run + type: string + start_date: + description: Start date of the manual rule run + type: string + required: + - start_date + required: + - action + - run + Security_Solution_Detections_API_ConcurrentSearches: + minimum: 1 + type: integer + Security_Solution_Detections_API_DataViewId: + type: string + Security_Solution_Detections_API_DefaultParams: + type: object + properties: + command: + enum: + - isolate + type: string + comment: + type: string + required: + - command + Security_Solution_Detections_API_EcsMapping: + additionalProperties: + type: object + properties: + field: + type: string + value: + oneOf: + - type: string + - items: + type: string + type: array + type: object + Security_Solution_Detections_API_EndpointResponseAction: + type: object + properties: + action_type_id: + enum: + - .endpoint + type: string + params: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_DefaultParams + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ProcessesParams + required: + - action_type_id + - params + Security_Solution_Detections_API_EqlOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + event_category_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EventCategoryOverride + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + response_actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ResponseAction + type: array + tiebreaker_field: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TiebreakerField + timestamp_field: + $ref: '#/components/schemas/Security_Solution_Detections_API_TimestampField' + Security_Solution_Detections_API_EqlQueryLanguage: + enum: + - eql + type: string + Security_Solution_Detections_API_EqlRequiredFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlQueryLanguage + description: Query language to use + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + description: EQL query to execute + type: + description: Rule type + enum: + - eql + type: string + required: + - type + - query + - language + Security_Solution_Detections_API_EqlRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleResponseFields + Security_Solution_Detections_API_EqlRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlOptionalFields + Security_Solution_Detections_API_EqlRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleCreateFields + Security_Solution_Detections_API_EqlRulePatchFields: + allOf: + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlQueryLanguage + description: Query language to use + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + description: EQL query to execute + type: + description: Rule type + enum: + - eql + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlOptionalFields + Security_Solution_Detections_API_EqlRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRulePatchFields + Security_Solution_Detections_API_EqlRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlOptionalFields + Security_Solution_Detections_API_EqlRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleCreateFields + Security_Solution_Detections_API_ErrorSchema: + additionalProperties: false + type: object + properties: + error: + type: object + properties: + message: + type: string + status_code: + minimum: 400 + type: integer + required: + - status_code + - message + id: + type: string + item_id: + minLength: 1 + type: string + list_id: + minLength: 1 + type: string + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + required: + - error + Security_Solution_Detections_API_EsqlQueryLanguage: + enum: + - esql + type: string + Security_Solution_Detections_API_EsqlRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleResponseFields + Security_Solution_Detections_API_EsqlRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleRequiredFields + Security_Solution_Detections_API_EsqlRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleCreateFields + Security_Solution_Detections_API_EsqlRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + response_actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ResponseAction + type: array + Security_Solution_Detections_API_EsqlRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlQueryLanguage + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + description: ESQL query to execute + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + type: + description: Rule type + enum: + - esql + type: string + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleOptionalFields + Security_Solution_Detections_API_EsqlRuleRequiredFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlQueryLanguage + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + description: ESQL query to execute + type: + description: Rule type + enum: + - esql + type: string + required: + - type + - language + - query + Security_Solution_Detections_API_EsqlRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleRequiredFields + Security_Solution_Detections_API_EsqlRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleCreateFields + Security_Solution_Detections_API_EventCategoryOverride: + type: string + Security_Solution_Detections_API_ExceptionListType: + description: The exception type + enum: + - detection + - rule_default + - endpoint + - endpoint_trusted_apps + - endpoint_events + - endpoint_host_isolation_exceptions + - endpoint_blocklists + type: string + Security_Solution_Detections_API_ExternalRuleSource: + description: >- + Type of rule source for externally sourced rules, i.e. rules that have + an external source, such as the Elastic Prebuilt rules repo. + type: object + properties: + is_customized: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsExternalRuleCustomized + type: + enum: + - external + type: string + required: + - type + - is_customized + Security_Solution_Detections_API_FindRulesSortField: + enum: + - created_at + - createdAt + - enabled + - execution_summary.last_execution.date + - execution_summary.last_execution.metrics.execution_gap_duration_s + - execution_summary.last_execution.metrics.total_indexing_duration_ms + - execution_summary.last_execution.metrics.total_search_duration_ms + - execution_summary.last_execution.status + - name + - risk_score + - riskScore + - severity + - updated_at + - updatedAt + type: string + Security_Solution_Detections_API_HistoryWindowStart: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + Security_Solution_Detections_API_IndexMigrationStatus: + type: object + properties: + index: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + is_outdated: + type: boolean + migrations: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_MigrationStatus + type: array + signal_versions: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertVersion' + type: array + version: + type: integer + required: + - index + - version + - signal_versions + - migrations + - is_outdated + Security_Solution_Detections_API_IndexPatternArray: + items: + type: string + type: array + Security_Solution_Detections_API_InternalRuleSource: + description: >- + Type of rule source for internally sourced rules, i.e. created within + the Kibana apps. + type: object + properties: + type: + enum: + - internal + type: string + required: + - type + Security_Solution_Detections_API_InvestigationFields: + description: > + Schema for fields relating to investigation fields. These are user + defined fields we use to highlight + + in various features in the UI such as alert details flyout and + exceptions auto-population from alert. + + Added in PR #163235 + + Right now we only have a single field but anticipate adding more related + fields to store various + + configuration states such as `override` - where a user might say if they + want only these fields to + + display, or if they want these fields + the fields we select. When + expanding this field, it may look + + something like: + + ```typescript + + const investigationFields = z.object({ + field_names: NonEmptyArray(NonEmptyString), + override: z.boolean().optional(), + }); + + ``` + type: object + properties: + field_names: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + minItems: 1 + type: array + required: + - field_names + Security_Solution_Detections_API_InvestigationGuide: + description: Notes to help investigate alerts produced by the rule. + type: string + Security_Solution_Detections_API_IsExternalRuleCustomized: + description: >- + Determines whether an external/prebuilt rule has been customized by the + user (i.e. any of its fields have been modified and diverged from the + base value). + type: boolean + Security_Solution_Detections_API_IsRuleEnabled: + description: Determines whether the rule is enabled. + type: boolean + Security_Solution_Detections_API_IsRuleImmutable: + deprecated: true + description: >- + This field determines whether the rule is a prebuilt Elastic rule. It + will be replaced with the `rule_source` field. + type: boolean + Security_Solution_Detections_API_ItemsPerSearch: + minimum: 1 + type: integer + Security_Solution_Detections_API_KqlQueryLanguage: + enum: + - kuery + - lucene + type: string + Security_Solution_Detections_API_MachineLearningJobId: + description: Machine learning job ID + oneOf: + - type: string + - items: + type: string + minItems: 1 + type: array + Security_Solution_Detections_API_MachineLearningRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleResponseFields + Security_Solution_Detections_API_MachineLearningRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleOptionalFields + Security_Solution_Detections_API_MachineLearningRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleCreateFields + Security_Solution_Detections_API_MachineLearningRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + Security_Solution_Detections_API_MachineLearningRulePatchFields: + allOf: + - type: object + properties: + anomaly_threshold: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AnomalyThreshold + machine_learning_job_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningJobId + type: + description: Rule type + enum: + - machine_learning + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleOptionalFields + Security_Solution_Detections_API_MachineLearningRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRulePatchFields + Security_Solution_Detections_API_MachineLearningRuleRequiredFields: + type: object + properties: + anomaly_threshold: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AnomalyThreshold + machine_learning_job_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningJobId + type: + description: Rule type + enum: + - machine_learning + type: string + required: + - type + - machine_learning_job_id + - anomaly_threshold + Security_Solution_Detections_API_MachineLearningRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleOptionalFields + Security_Solution_Detections_API_MachineLearningRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleCreateFields + Security_Solution_Detections_API_MaxSignals: + minimum: 1 + type: integer + Security_Solution_Detections_API_MigrationCleanupResult: + type: object + properties: + destinationIndex: + type: string + error: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - message + - status_code + id: + type: string + sourceIndex: + type: string + status: + enum: + - success + - failure + - pending + type: string + updated: + format: date-time + type: string + version: + type: string + required: + - id + - destinationIndex + - status + - sourceIndex + - version + - updated + Security_Solution_Detections_API_MigrationFinalizationResult: + type: object + properties: + completed: + type: boolean + destinationIndex: + type: string + error: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - message + - status_code + id: + type: string + sourceIndex: + type: string + status: + enum: + - success + - failure + - pending + type: string + updated: + format: date-time + type: string + version: + type: string + required: + - id + - completed + - destinationIndex + - status + - sourceIndex + - version + - updated + Security_Solution_Detections_API_MigrationStatus: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + status: + enum: + - success + - failure + - pending + type: string + updated: + format: date-time + type: string + version: + type: integer + required: + - id + - status + - version + - updated + Security_Solution_Detections_API_NewTermsFields: + items: + type: string + maxItems: 3 + minItems: 1 + type: array + Security_Solution_Detections_API_NewTermsRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleResponseFields + Security_Solution_Detections_API_NewTermsRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleDefaultableFields + Security_Solution_Detections_API_NewTermsRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleCreateFields + Security_Solution_Detections_API_NewTermsRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_NewTermsRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + response_actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ResponseAction + type: array + Security_Solution_Detections_API_NewTermsRulePatchFields: + allOf: + - type: object + properties: + history_window_start: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_HistoryWindowStart + new_terms_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsFields + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + type: + description: Rule type + enum: + - new_terms + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleDefaultableFields + Security_Solution_Detections_API_NewTermsRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRulePatchFields + Security_Solution_Detections_API_NewTermsRuleRequiredFields: + type: object + properties: + history_window_start: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_HistoryWindowStart + new_terms_fields: + $ref: '#/components/schemas/Security_Solution_Detections_API_NewTermsFields' + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + type: + description: Rule type + enum: + - new_terms + type: string + required: + - type + - query + - new_terms_fields + - history_window_start + Security_Solution_Detections_API_NewTermsRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + required: + - language + Security_Solution_Detections_API_NewTermsRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleCreateFields + Security_Solution_Detections_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Detections_API_NormalizedRuleAction: + additionalProperties: false + type: object + properties: + alerts_filter: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionAlertsFilter + frequency: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionFrequency + group: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionGroup + id: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleActionId' + params: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionParams + required: + - id + - params + Security_Solution_Detections_API_NormalizedRuleError: + type: object + properties: + err_code: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionsDryRunErrCode + message: + type: string + rules: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDetailsInError + type: array + status_code: + type: integer + required: + - message + - status_code + - rules + Security_Solution_Detections_API_OsqueryParams: + type: object + properties: + ecs_mapping: + $ref: '#/components/schemas/Security_Solution_Detections_API_EcsMapping' + pack_id: + type: string + queries: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_OsqueryQuery' + type: array + query: + type: string + saved_query_id: + type: string + timeout: + type: number + Security_Solution_Detections_API_OsqueryQuery: + type: object + properties: + ecs_mapping: + $ref: '#/components/schemas/Security_Solution_Detections_API_EcsMapping' + id: + description: Query ID + type: string + platform: + type: string + query: + description: Query to run + type: string + removed: + type: boolean + snapshot: + type: boolean + version: + description: Query version + type: string + required: + - id + - query + Security_Solution_Detections_API_OsqueryResponseAction: + type: object + properties: + action_type_id: + enum: + - .osquery + type: string + params: + $ref: '#/components/schemas/Security_Solution_Detections_API_OsqueryParams' + required: + - action_type_id + - params + Security_Solution_Detections_API_PlatformErrorResponse: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Solution_Detections_API_ProcessesParams: + type: object + properties: + command: + enum: + - kill-process + - suspend-process + type: string + comment: + type: string + config: + type: object + properties: + field: + description: Field to use instead of process.pid + type: string + overwrite: + default: true + description: Whether to overwrite field with process.pid + type: boolean + required: + - field + required: + - command + - config + Security_Solution_Detections_API_QueryRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleResponseFields + Security_Solution_Detections_API_QueryRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleDefaultableFields + Security_Solution_Detections_API_QueryRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleCreateFields + Security_Solution_Detections_API_QueryRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + Security_Solution_Detections_API_QueryRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + response_actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ResponseAction + type: array + saved_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryId' + Security_Solution_Detections_API_QueryRulePatchFields: + allOf: + - type: object + properties: + type: + description: Rule type + enum: + - query + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleDefaultableFields + Security_Solution_Detections_API_QueryRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRulePatchFields + Security_Solution_Detections_API_QueryRuleRequiredFields: + type: object + properties: + type: + description: Rule type + enum: + - query + type: string + required: + - type + Security_Solution_Detections_API_QueryRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + required: + - query + - language + Security_Solution_Detections_API_QueryRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleCreateFields + Security_Solution_Detections_API_RelatedIntegration: + description: > + Related integration is a potential dependency of a rule. It's assumed + that if the user installs + + one of the related integrations of a rule, the rule might start to work + properly because it will + + have source events (generated by this integration) potentially matching + the rule's query. + + + NOTE: Proper work is not guaranteed, because a related integration, if + installed, can be + + configured differently or generate data that is not necessarily relevant + for this rule. + + + Related integration is a combination of a Fleet package and (optionally) + one of the + + package's "integrations" that this package contains. It is represented + by 3 properties: + + + - `package`: name of the package (required, unique id) + + - `version`: version of the package (required, semver-compatible) + + - `integration`: name of the integration of this package (optional, id + within the package) + + + There are Fleet packages like `windows` that contain only one + integration; in this case, + + `integration` should be unspecified. There are also packages like `aws` + and `azure` that contain + + several integrations; in this case, `integration` should be specified. + + + @example + + const x: RelatedIntegration = { + package: 'windows', + version: '1.5.x', + }; + + + @example + + const x: RelatedIntegration = { + package: 'azure', + version: '~1.1.6', + integration: 'activitylogs', + }; + type: object + properties: + integration: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + package: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + version: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + required: + - package + - version + Security_Solution_Detections_API_RelatedIntegrationArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegration + type: array + Security_Solution_Detections_API_RequiredField: + description: > + Describes an Elasticsearch field that is needed for the rule to + function. + + + Almost all types of Security rules check source event documents for a + match to some kind of + + query or filter. If a document has certain field with certain values, + then it's a match and + + the rule will generate an alert. + + + Required field is an event field that must be present in the source + indices of a given rule. + + + @example + + const standardEcsField: RequiredField = { + name: 'event.action', + type: 'keyword', + ecs: true, + }; + + + @example + + const nonEcsField: RequiredField = { + name: 'winlog.event_data.AttributeLDAPDisplayName', + type: 'keyword', + ecs: false, + }; + type: object + properties: + ecs: + description: Whether the field is an ECS field + type: boolean + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: Name of an Elasticsearch field + type: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: Type of the Elasticsearch field + required: + - name + - type + - ecs + Security_Solution_Detections_API_RequiredFieldArray: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_RequiredField' + type: array + Security_Solution_Detections_API_RequiredFieldInput: + description: >- + Input parameters to create a RequiredField. Does not include the `ecs` + field, because `ecs` is calculated on the backend based on the field + name and type. + type: object + properties: + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: Name of an Elasticsearch field + type: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: Type of an Elasticsearch field + required: + - name + - type + Security_Solution_Detections_API_ResponseAction: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_OsqueryResponseAction + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EndpointResponseAction + Security_Solution_Detections_API_ResponseFields: + type: object + properties: + created_at: + format: date-time + type: string + created_by: + type: string + execution_summary: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExecutionSummary + id: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleObjectId' + immutable: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleImmutable + required_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldArray + revision: + minimum: 0 + type: integer + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_source: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleSource' + updated_at: + format: date-time + type: string + updated_by: + type: string + required: + - id + - rule_id + - immutable + - updated_at + - updated_by + - created_at + - created_by + - revision + - related_integrations + - required_fields + Security_Solution_Detections_API_RiskScore: + description: Risk score (0 to 100) + maximum: 100 + minimum: 0 + type: integer + Security_Solution_Detections_API_RiskScoreMapping: + description: >- + Overrides generated alerts' risk_score with a value from the source + event + items: + type: object + properties: + field: + type: string + operator: + enum: + - equals + type: string + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + value: + type: string + required: + - field + - operator + - value + type: array + Security_Solution_Detections_API_RuleAction: + type: object + properties: + action_type_id: + description: The action type used for sending notifications. + type: string + alerts_filter: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionAlertsFilter + frequency: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionFrequency + group: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionGroup + id: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleActionId' + params: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionParams + uuid: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + required: + - action_type_id + - id + - params + Security_Solution_Detections_API_RuleActionAlertsFilter: + additionalProperties: true + type: object + Security_Solution_Detections_API_RuleActionFrequency: + description: >- + The action frequency defines when the action runs (for example, only on + rule execution or at specific time intervals). + type: object + properties: + notifyWhen: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionNotifyWhen + summary: + description: >- + Action summary indicates whether we will send a summary notification + about all the generate alerts or notification per individual alert + type: boolean + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + nullable: true + required: + - summary + - notifyWhen + - throttle + Security_Solution_Detections_API_RuleActionGroup: + description: >- + Optionally groups actions by use cases. Use `default` for alert + notifications. + type: string + Security_Solution_Detections_API_RuleActionId: + description: The connector ID. + type: string + Security_Solution_Detections_API_RuleActionNotifyWhen: + description: >- + The condition for throttling the notification: `onActionGroupChange`, + `onActiveAlert`, or `onThrottleInterval` + enum: + - onActiveAlert + - onThrottleInterval + - onActionGroupChange + type: string + Security_Solution_Detections_API_RuleActionParams: + additionalProperties: true + description: >- + Object containing the allowed connector fields, which varies according + to the connector type. + type: object + Security_Solution_Detections_API_RuleActionThrottle: + description: Defines how often rule actions are taken. + oneOf: + - enum: + - no_actions + - rule + type: string + - description: Time interval in seconds, minutes, hours, or days. + example: 1h + pattern: ^[1-9]\d*[smhd]$ + type: string + Security_Solution_Detections_API_RuleAuthorArray: + items: + type: string + type: array + Security_Solution_Detections_API_RuleCreateProps: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleCreateProps + discriminator: + propertyName: type + Security_Solution_Detections_API_RuleDescription: + minLength: 1 + type: string + Security_Solution_Detections_API_RuleDetailsInError: + type: object + properties: + id: + type: string + name: + type: string + required: + - id + Security_Solution_Detections_API_RuleExceptionList: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: ID of the exception container + list_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: List ID of the exception container + namespace_type: + description: Determines the exceptions validity in rule's Kibana space + enum: + - agnostic + - single + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ExceptionListType + required: + - id + - list_id + - type + - namespace_type + Security_Solution_Detections_API_RuleExecutionMetrics: + type: object + properties: + execution_gap_duration_s: + description: Duration in seconds of execution gap + minimum: 0 + type: integer + total_enrichment_duration_ms: + description: >- + Total time spent enriching documents during current rule execution + cycle + minimum: 0 + type: integer + total_indexing_duration_ms: + description: >- + Total time spent indexing documents during current rule execution + cycle + minimum: 0 + type: integer + total_search_duration_ms: + description: >- + Total time spent performing ES searches as measured by Kibana; + includes network latency and time spent serializing/deserializing + request/response + minimum: 0 + type: integer + Security_Solution_Detections_API_RuleExecutionStatus: + description: >- + Custom execution status of Security rules that is different from the + status used in the Alerting Framework. We merge our custom status with + the Framework's status to determine the resulting status of a rule. + + - going to run - @deprecated Replaced by the 'running' status but left + for backwards compatibility with rule execution events already written + to Event Log in the prior versions of Kibana. Don't use when writing + rule status changes. + + - running - Rule execution started but not reached any intermediate or + final status. + + - partial failure - Rule can partially fail for various reasons either + in the middle of an execution (in this case we update its status right + away) or in the end of it. So currently this status can be both + intermediate and final at the same time. A typical reason for a partial + failure: not all the indices that the rule searches over actually exist. + + - failed - Rule failed to execute due to unhandled exception or a reason + defined in the business logic of its executor function. + + - succeeded - Rule executed successfully without any issues. Note: this + status is just an indication of a rule's "health". The rule might or + might not generate any alerts despite of it. + enum: + - going to run + - running + - partial failure + - failed + - succeeded + type: string + Security_Solution_Detections_API_RuleExecutionStatusOrder: + type: integer + Security_Solution_Detections_API_RuleExecutionSummary: + type: object + properties: + last_execution: + type: object + properties: + date: + description: Date of the last execution + format: date-time + type: string + message: + type: string + metrics: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExecutionMetrics + status: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExecutionStatus + description: Status of the last execution + status_order: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExecutionStatusOrder + required: + - date + - status + - status_order + - message + - metrics + required: + - last_execution + Security_Solution_Detections_API_RuleFalsePositiveArray: + items: + type: string + type: array + Security_Solution_Detections_API_RuleFilterArray: + items: {} + type: array + Security_Solution_Detections_API_RuleInterval: + description: >- + Frequency of rule execution, using a date math range. For example, "1h" + means the rule runs every hour. Defaults to 5m (5 minutes). + type: string + Security_Solution_Detections_API_RuleIntervalFrom: + description: >- + Time from which data is analyzed each time the rule runs, using a date + math range. For example, now-4200s means the rule analyzes data from 70 + minutes before its start time. Defaults to now-6m (analyzes data from 6 + minutes before the start time). + format: date-math + type: string + Security_Solution_Detections_API_RuleIntervalTo: + type: string + Security_Solution_Detections_API_RuleLicense: + description: The rule's license. + type: string + Security_Solution_Detections_API_RuleMetadata: + additionalProperties: true + type: object + Security_Solution_Detections_API_RuleName: + minLength: 1 + type: string + Security_Solution_Detections_API_RuleNameOverride: + description: Sets the source field for the alert's signal.rule.name value + type: string + Security_Solution_Detections_API_RuleObjectId: + $ref: '#/components/schemas/Security_Solution_Detections_API_UUID' + Security_Solution_Detections_API_RulePatchProps: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRulePatchProps + Security_Solution_Detections_API_RulePreviewLoggedRequest: + type: object + properties: + description: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + duration: + type: integer + request: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + required: + - request + Security_Solution_Detections_API_RulePreviewLogs: + type: object + properties: + duration: + description: Execution duration in milliseconds + type: integer + errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: array + requests: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewLoggedRequest + type: array + startedAt: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + warnings: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: array + required: + - errors + - warnings + - duration + Security_Solution_Detections_API_RulePreviewParams: + type: object + properties: + invocationCount: + type: integer + timeframeEnd: + format: date-time + type: string + required: + - invocationCount + - timeframeEnd + Security_Solution_Detections_API_RuleQuery: + type: string + Security_Solution_Detections_API_RuleReferenceArray: + items: + type: string + type: array + Security_Solution_Detections_API_RuleResponse: + anyOf: + - $ref: '#/components/schemas/Security_Solution_Detections_API_EqlRule' + - $ref: '#/components/schemas/Security_Solution_Detections_API_QueryRule' + - $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryRule' + - $ref: '#/components/schemas/Security_Solution_Detections_API_ThresholdRule' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRule + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRule + - $ref: '#/components/schemas/Security_Solution_Detections_API_NewTermsRule' + - $ref: '#/components/schemas/Security_Solution_Detections_API_EsqlRule' + discriminator: + propertyName: type + Security_Solution_Detections_API_RuleSignatureId: + description: Could be any string, not necessarily a UUID + type: string + Security_Solution_Detections_API_RuleSource: + description: >- + Discriminated union that determines whether the rule is internally + sourced (created within the Kibana app) or has an external source, such + as the Elastic Prebuilt rules repo. + discriminator: + propertyName: type + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ExternalRuleSource + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_InternalRuleSource + Security_Solution_Detections_API_RuleTagArray: + description: >- + String array containing words and phrases to help categorize, filter, + and search rules. Defaults to an empty array. + items: + type: string + type: array + Security_Solution_Detections_API_RuleUpdateProps: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleUpdateProps + discriminator: + propertyName: type + Security_Solution_Detections_API_RuleVersion: + description: The rule's version number. + minimum: 1 + type: integer + Security_Solution_Detections_API_SavedObjectResolveAliasPurpose: + enum: + - savedObjectConversion + - savedObjectImport + type: string + Security_Solution_Detections_API_SavedObjectResolveAliasTargetId: + type: string + Security_Solution_Detections_API_SavedObjectResolveOutcome: + enum: + - exactMatch + - aliasMatch + - conflict + type: string + Security_Solution_Detections_API_SavedQueryId: + type: string + Security_Solution_Detections_API_SavedQueryRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleResponseFields + Security_Solution_Detections_API_SavedQueryRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleDefaultableFields + Security_Solution_Detections_API_SavedQueryRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleCreateFields + Security_Solution_Detections_API_SavedQueryRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_SavedQueryRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + response_actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ResponseAction + type: array + Security_Solution_Detections_API_SavedQueryRulePatchFields: + allOf: + - type: object + properties: + saved_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryId + type: + description: Rule type + enum: + - saved_query + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleDefaultableFields + Security_Solution_Detections_API_SavedQueryRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRulePatchFields + Security_Solution_Detections_API_SavedQueryRuleRequiredFields: + type: object + properties: + saved_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryId' + type: + description: Rule type + enum: + - saved_query + type: string + required: + - type + - saved_id + Security_Solution_Detections_API_SavedQueryRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + required: + - language + Security_Solution_Detections_API_SavedQueryRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleCreateFields + Security_Solution_Detections_API_SetAlertsStatusByIds: + type: object + properties: + signal_ids: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + minItems: 1 + type: array + status: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertStatus' + required: + - signal_ids + - status + Security_Solution_Detections_API_SetAlertsStatusByQuery: + type: object + properties: + conflicts: + default: abort + enum: + - abort + - proceed + type: string + query: + additionalProperties: true + type: object + status: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertStatus' + required: + - query + - status + Security_Solution_Detections_API_SetAlertTags: + type: object + properties: + tags_to_add: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertTags' + tags_to_remove: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertTags' + required: + - tags_to_add + - tags_to_remove + Security_Solution_Detections_API_SetupGuide: + type: string + Security_Solution_Detections_API_Severity: + description: Severity of the rule + enum: + - low + - medium + - high + - critical + type: string + Security_Solution_Detections_API_SeverityMapping: + description: Overrides generated alerts' severity with values from the source event + items: + type: object + properties: + field: + type: string + operator: + enum: + - equals + type: string + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + value: + type: string + required: + - field + - operator + - severity + - value + type: array + Security_Solution_Detections_API_SiemErrorResponse: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + Security_Solution_Detections_API_SkippedAlertsIndexMigration: + type: object + properties: + index: + type: string + required: + - index + Security_Solution_Detections_API_SortOrder: + enum: + - asc + - desc + type: string + Security_Solution_Detections_API_Threat: + type: object + properties: + framework: + description: Relevant attack framework + type: string + tactic: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatTactic' + technique: + description: Array containing information on the attack techniques (optional) + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatTechnique + type: array + required: + - framework + - tactic + Security_Solution_Detections_API_ThreatArray: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_Threat' + type: array + Security_Solution_Detections_API_ThreatFilters: + items: + description: >- + Query and filter context array used to filter documents from the + Elasticsearch index containing the threat values + type: array + Security_Solution_Detections_API_ThreatIndex: + items: + type: string + type: array + Security_Solution_Detections_API_ThreatIndicatorPath: + description: >- + Defines the path to the threat indicator in the indicator documents + (optional) + type: string + Security_Solution_Detections_API_ThreatMapping: + items: + type: object + properties: + entries: + items: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: + enum: + - mapping + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + required: + - field + - type + - value + type: array + required: + - entries + minItems: 1 + type: array + Security_Solution_Detections_API_ThreatMatchRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleResponseFields + Security_Solution_Detections_API_ThreatMatchRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleDefaultableFields + Security_Solution_Detections_API_ThreatMatchRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleCreateFields + Security_Solution_Detections_API_ThreatMatchRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_ThreatMatchRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + concurrent_searches: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ConcurrentSearches + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + items_per_search: + $ref: '#/components/schemas/Security_Solution_Detections_API_ItemsPerSearch' + saved_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryId' + threat_filters: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatFilters' + threat_indicator_path: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatIndicatorPath + threat_language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_ThreatMatchRulePatchFields: + allOf: + - type: object + properties: + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + threat_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatIndex + threat_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMapping + threat_query: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatQuery + type: + description: Rule type + enum: + - threat_match + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleDefaultableFields + Security_Solution_Detections_API_ThreatMatchRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRulePatchFields + Security_Solution_Detections_API_ThreatMatchRuleRequiredFields: + type: object + properties: + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + threat_index: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatIndex' + threat_mapping: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatMapping' + threat_query: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatQuery' + type: + description: Rule type + enum: + - threat_match + type: string + required: + - type + - query + - threat_query + - threat_mapping + - threat_index + Security_Solution_Detections_API_ThreatMatchRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + required: + - language + Security_Solution_Detections_API_ThreatMatchRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleCreateFields + Security_Solution_Detections_API_ThreatQuery: + description: Query to run + type: string + Security_Solution_Detections_API_ThreatSubtechnique: + type: object + properties: + id: + description: Subtechnique ID + type: string + name: + description: Subtechnique name + type: string + reference: + description: Subtechnique reference + type: string + required: + - id + - name + - reference + Security_Solution_Detections_API_ThreatTactic: + type: object + properties: + id: + description: Tactic ID + type: string + name: + description: Tactic name + type: string + reference: + description: Tactic reference + type: string + required: + - id + - name + - reference + Security_Solution_Detections_API_ThreatTechnique: + type: object + properties: + id: + description: Technique ID + type: string + name: + description: Technique name + type: string + reference: + description: Technique reference + type: string + subtechnique: + description: Array containing more specific information on the attack technique + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatSubtechnique + type: array + required: + - id + - name + - reference + Security_Solution_Detections_API_Threshold: + type: object + properties: + cardinality: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdCardinality + field: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThresholdField' + value: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThresholdValue' + required: + - field + - value + Security_Solution_Detections_API_ThresholdAlertSuppression: + type: object + properties: + duration: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppressionDuration + required: + - duration + Security_Solution_Detections_API_ThresholdCardinality: + items: + type: object + properties: + field: + type: string + value: + minimum: 0 + type: integer + required: + - field + - value + type: array + Security_Solution_Detections_API_ThresholdField: + description: Field to aggregate on + oneOf: + - type: string + - items: + type: string + type: array + Security_Solution_Detections_API_ThresholdRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleResponseFields + Security_Solution_Detections_API_ThresholdRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleDefaultableFields + Security_Solution_Detections_API_ThresholdRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleCreateFields + Security_Solution_Detections_API_ThresholdRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_ThresholdRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdAlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + saved_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryId' + Security_Solution_Detections_API_ThresholdRulePatchFields: + allOf: + - type: object + properties: + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + threshold: + $ref: '#/components/schemas/Security_Solution_Detections_API_Threshold' + type: + description: Rule type + enum: + - threshold + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleDefaultableFields + Security_Solution_Detections_API_ThresholdRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRulePatchFields + Security_Solution_Detections_API_ThresholdRuleRequiredFields: + type: object + properties: + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + threshold: + $ref: '#/components/schemas/Security_Solution_Detections_API_Threshold' + type: + description: Rule type + enum: + - threshold + type: string + required: + - type + - query + - threshold + Security_Solution_Detections_API_ThresholdRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + required: + - language + Security_Solution_Detections_API_ThresholdRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleCreateFields + Security_Solution_Detections_API_ThresholdValue: + description: Threshold value + minimum: 1 + type: integer + Security_Solution_Detections_API_ThrottleForBulkActions: + description: >- + The condition for throttling the notification: 'rule', 'no_actions', or + time duration + enum: + - rule + - 1h + - 1d + - 7d + type: string + Security_Solution_Detections_API_TiebreakerField: + description: Sets a secondary field for sorting events + type: string + Security_Solution_Detections_API_TimelineTemplateId: + description: Timeline template ID + type: string + Security_Solution_Detections_API_TimelineTemplateTitle: + description: Timeline template title + type: string + Security_Solution_Detections_API_TimestampField: + description: Contains the event timestamp used for sorting a sequence of events + type: string + Security_Solution_Detections_API_TimestampOverride: + description: Sets the time field used to query indices + type: string + Security_Solution_Detections_API_TimestampOverrideFallbackDisabled: + description: Disables the fallback to the event's @timestamp field + type: boolean + Security_Solution_Detections_API_UUID: + description: A universally unique identifier + format: uuid + type: string + Security_Solution_Detections_API_WarningSchema: + type: object + properties: + actionPath: + type: string + buttonLabel: + type: string + message: + type: string + type: + type: string + required: + - type + - message + - actionPath + Security_Solution_Endpoint_Exceptions_API_EndpointList: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionList + - additionalProperties: false + type: object + Security_Solution_Endpoint_Exceptions_API_EndpointListItem: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItem + Security_Solution_Endpoint_Exceptions_API_ExceptionList: + type: object + properties: + _version: + type: string + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListDescription + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListId + immutable: + type: boolean + list_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionNamespaceType + os_types: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListTags + tie_breaker_id: + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListType + updated_at: + format: date-time + type: string + updated_by: + type: string + version: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListVersion + required: + - id + - list_id + - type + - name + - description + - immutable + - namespace_type + - version + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Endpoint_Exceptions_API_ExceptionListDescription: + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListHumanId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + description: Human readable string identifier, e.g. `trusted-linux-processes` + Security_Solution_Endpoint_Exceptions_API_ExceptionListId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ExceptionListItem: + type: object + properties: + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemCommentArray + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId + item_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionNamespaceType + os_types: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemTags + tie_breaker_id: + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemType + updated_at: + format: date-time + type: string + updated_by: + type: string + required: + - id + - item_id + - list_id + - type + - name + - description + - entries + - namespace_type + - comments + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemComment: + type: object + properties: + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + created_at: + format: date-time + type: string + created_by: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + updated_at: + format: date-time + type: string + updated_by: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + required: + - id + - comment + - created_at + - created_by + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemComment + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemDescription: + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntry: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryList + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryExists + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryNested + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchWildcard + discriminator: + propertyName: type + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntry + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryExists: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - exists + type: string + required: + - type + - field + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryList: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + list: + type: object + properties: + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ListId + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ListType + required: + - id + - type + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - list + type: string + required: + - type + - field + - list + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatch: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + required: + - type + - field + - value + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match_any + type: string + value: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + minItems: 1 + type: array + required: + - type + - field + - value + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchWildcard: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - wildcard + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + required: + - type + - field + - value + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryNested: + type: object + properties: + entries: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryNestedEntryItem + minItems: 1 + type: array + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + type: + enum: + - nested + type: string + required: + - type + - field + - entries + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryNestedEntryItem: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryExists + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator: + enum: + - excluded + - included + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemMeta: + additionalProperties: true + type: object + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemName: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListOsType + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemTags: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemType: + enum: + - simple + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListMeta: + additionalProperties: true + type: object + Security_Solution_Endpoint_Exceptions_API_ExceptionListName: + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListOsType: + enum: + - linux + - macos + - windows + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListOsTypeArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListOsType + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListTags: + items: + type: string + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListType: + enum: + - detection + - rule_default + - endpoint + - endpoint_trusted_apps + - endpoint_events + - endpoint_host_isolation_exceptions + - endpoint_blocklists + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListVersion: + minimum: 1 + type: integer + Security_Solution_Endpoint_Exceptions_API_ExceptionNamespaceType: + description: > + Determines whether the exception container is available in all Kibana + spaces or just the space + + in which it is created, where: + + + - `single`: Only available in the Kibana space in which it is created. + + - `agnostic`: Available in all Kibana spaces. + enum: + - agnostic + - single + type: string + Security_Solution_Endpoint_Exceptions_API_FindEndpointListItemsFilter: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ListId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ListType: + enum: + - binary + - boolean + - byte + - date + - date_nanos + - date_range + - double + - double_range + - float + - float_range + - geo_point + - geo_shape + - half_float + - integer + - integer_range + - ip + - ip_range + - keyword + - long + - long_range + - shape + - short + - text + type: string + Security_Solution_Endpoint_Exceptions_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + Security_Solution_Endpoint_Management_API_ActionLogRequestQuery: + type: object + properties: + end_date: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndDate + page: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Page' + page_size: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PageSize + start_date: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_StartDate + Security_Solution_Endpoint_Management_API_ActionStateSuccessResponse: + type: object + properties: + body: + type: object + properties: + data: + type: object + properties: + canEncrypt: + type: boolean + required: + - data + required: + - body + Security_Solution_Endpoint_Management_API_ActionStatusSuccessResponse: + type: object + properties: + body: + type: object + properties: + data: + type: object + properties: + agent_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentId + pending_actions: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionsSchema + required: + - agent_id + - pending_actions + required: + - data + required: + - body + Security_Solution_Endpoint_Management_API_AgentId: + description: Agent ID + type: string + Security_Solution_Endpoint_Management_API_AgentIds: + minLength: 1 + oneOf: + - items: + minLength: 1 + type: string + maxItems: 50 + minItems: 1 + type: array + - minLength: 1 + type: string + Security_Solution_Endpoint_Management_API_AgentTypes: + enum: + - endpoint + - sentinel_one + - crowdstrike + type: string + Security_Solution_Endpoint_Management_API_AlertIds: + description: A list of alerts ids. + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_NonEmptyString + minItems: 1 + type: array + Security_Solution_Endpoint_Management_API_CaseIds: + description: Case IDs to be updated (cannot contain empty strings) + items: + minLength: 1 + type: string + minItems: 1 + type: array + Security_Solution_Endpoint_Management_API_Command: + description: The command to be executed (cannot be an empty string) + enum: + - isolate + - unisolate + - kill-process + - suspend-process + - running-processes + - get-file + - execute + - upload + - scan + minLength: 1 + type: string + Security_Solution_Endpoint_Management_API_Commands: + items: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Command' + type: array + Security_Solution_Endpoint_Management_API_Comment: + description: Optional comment + type: string + Security_Solution_Endpoint_Management_API_EndDate: + description: End date + type: string + Security_Solution_Endpoint_Management_API_EndpointIds: + description: List of endpoint IDs (cannot contain empty strings) + items: + minLength: 1 + type: string + minItems: 1 + type: array + Security_Solution_Endpoint_Management_API_EntityId: + type: object + properties: + entity_id: + minLength: 1 + type: string + Security_Solution_Endpoint_Management_API_ExecuteRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + parameters: + type: object + properties: + command: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Command + timeout: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Timeout + required: + - command + required: + - parameters + Security_Solution_Endpoint_Management_API_GetEndpointActionListRouteQuery: + type: object + properties: + agentIds: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentIds + agentTypes: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + commands: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Commands + endDate: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndDate + page: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Page' + pageSize: + default: 10 + description: Number of items per page + maximum: 10000 + minimum: 1 + type: integer + startDate: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_StartDate + types: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Types' + userIds: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_UserIds + withOutputs: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_WithOutputs + Security_Solution_Endpoint_Management_API_GetFileRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + parameters: + type: object + properties: + path: + type: string + required: + - path + required: + - parameters + Security_Solution_Endpoint_Management_API_GetProcessesRouteRequestBody: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_NoParametersRequestSchema + Security_Solution_Endpoint_Management_API_IsolateRouteRequestBody: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_NoParametersRequestSchema + Security_Solution_Endpoint_Management_API_KillProcessRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + parameters: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Pid + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EntityId + - type: object + properties: + process_name: + description: Valid for SentinelOne agent type only + minLength: 1 + type: string + required: + - parameters + Security_Solution_Endpoint_Management_API_ListRequestQuery: + type: object + properties: + hostStatuses: + items: + enum: + - healthy + - offline + - updating + - inactive + - unenrolled + type: string + type: array + kuery: + nullable: true + type: string + page: + default: 0 + description: Page number + minimum: 0 + type: integer + pageSize: + default: 10 + description: Number of items per page + maximum: 10000 + minimum: 1 + type: integer + sortDirection: + enum: + - asc + - desc + nullable: true + type: string + sortField: + enum: + - enrolled_at + - metadata.host.hostname + - host_status + - metadata.Endpoint.policy.applied.name + - metadata.Endpoint.policy.applied.status + - metadata.host.os.name + - metadata.host.ip + - metadata.agent.version + - last_checkin + type: string + required: + - hostStatuses + Security_Solution_Endpoint_Management_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Endpoint_Management_API_NoParametersRequestSchema: + type: object + properties: + body: + type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + required: + - body + Security_Solution_Endpoint_Management_API_Page: + default: 1 + description: Page number + minimum: 1 + type: integer + Security_Solution_Endpoint_Management_API_PageSize: + default: 10 + description: Number of items per page + maximum: 100 + minimum: 1 + type: integer + Security_Solution_Endpoint_Management_API_Parameters: + description: Optional parameters object + type: object + Security_Solution_Endpoint_Management_API_PendingActionDataType: + type: integer + Security_Solution_Endpoint_Management_API_PendingActionsSchema: + oneOf: + - type: object + properties: + execute: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + get-file: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + isolate: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + kill-process: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + running-processes: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + scan: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + suspend-process: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + unisolate: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + upload: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + - additionalProperties: true + type: object + Security_Solution_Endpoint_Management_API_Pid: + type: object + properties: + pid: + minimum: 1 + type: integer + Security_Solution_Endpoint_Management_API_ProtectionUpdatesNoteResponse: + type: object + properties: + note: + type: string + Security_Solution_Endpoint_Management_API_ScanRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + parameters: + type: object + properties: + path: + type: string + required: + - path + required: + - parameters + Security_Solution_Endpoint_Management_API_StartDate: + description: Start date + type: string + Security_Solution_Endpoint_Management_API_SuccessResponse: + type: object + properties: {} + Security_Solution_Endpoint_Management_API_SuspendProcessRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + parameters: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Pid + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EntityId + required: + - parameters + Security_Solution_Endpoint_Management_API_Timeout: + description: The maximum timeout value in milliseconds (optional) + minimum: 1 + type: integer + Security_Solution_Endpoint_Management_API_Type: + description: Type of response action + enum: + - automated + - manual + type: string + Security_Solution_Endpoint_Management_API_Types: + description: List of types of response actions + items: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Type' + maxLength: 2 + minLength: 1 + type: array + Security_Solution_Endpoint_Management_API_UnisolateRouteRequestBody: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_NoParametersRequestSchema + Security_Solution_Endpoint_Management_API_UploadRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + file: + format: binary + type: string + parameters: + type: object + properties: + overwrite: + default: false + type: boolean + required: + - parameters + - file + Security_Solution_Endpoint_Management_API_UserIds: + description: User IDs + oneOf: + - items: + minLength: 1 + type: string + minItems: 1 + type: array + - minLength: 1 + type: string + Security_Solution_Endpoint_Management_API_WithOutputs: + description: Shows detailed outputs for an action response + oneOf: + - items: + minLength: 1 + type: string + minItems: 1 + type: array + - minLength: 1 + type: string + Security_Solution_Entity_Analytics_API_AssetCriticalityBulkUploadErrorItem: + type: object + properties: + index: + type: integer + message: + type: string + required: + - message + - index + Security_Solution_Entity_Analytics_API_AssetCriticalityBulkUploadStats: + type: object + properties: + failed: + type: integer + successful: + type: integer + total: + type: integer + required: + - successful + - failed + - total + Security_Solution_Entity_Analytics_API_AssetCriticalityLevel: + description: The criticality level of the asset. + enum: + - low_impact + - medium_impact + - high_impact + - extreme_impact + type: string + Security_Solution_Entity_Analytics_API_AssetCriticalityRecord: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_CreateAssetCriticalityRecord + - type: object + properties: + '@timestamp': + description: The time the record was created or updated. + example: '2017-07-21T17:32:28Z' + format: date-time + type: string + required: + - '@timestamp' + Security_Solution_Entity_Analytics_API_AssetCriticalityRecordIdParts: + type: object + properties: + id_field: + $ref: '#/components/schemas/Security_Solution_Entity_Analytics_API_IdField' + description: The field representing the ID. + example: host.name + id_value: + description: The ID value of the asset. + type: string + required: + - id_value + - id_field + Security_Solution_Entity_Analytics_API_CreateAssetCriticalityRecord: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecordIdParts + - type: object + properties: + criticality_level: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityLevel + required: + - criticality_level + Security_Solution_Entity_Analytics_API_EngineDescriptor: + type: object + properties: + filter: + type: string + indexPattern: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_IndexPattern + status: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EngineStatus + type: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + Security_Solution_Entity_Analytics_API_EngineStatus: + enum: + - installing + - started + - stopped + type: string + Security_Solution_Entity_Analytics_API_Entity: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_UserEntity + - $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_HostEntity + Security_Solution_Entity_Analytics_API_EntityType: + enum: + - user + - host + type: string + Security_Solution_Entity_Analytics_API_HostEntity: + type: object + properties: + entity: + type: object + properties: + definitionId: + type: string + definitionVersion: + type: string + displayName: + type: string + firstSeenTimestamp: + format: date-time + type: string + id: + type: string + identityFields: + items: + type: string + type: array + lastSeenTimestamp: + format: date-time + type: string + schemaVersion: + type: string + type: + enum: + - node + type: string + required: + - lastSeenTimestamp + - schemaVersion + - definitionVersion + - displayName + - identityFields + - id + - type + - firstSeenTimestamp + - definitionId + host: + type: object + properties: + architecture: + items: + type: string + type: array + domain: + items: + type: string + type: array + hostname: + items: + type: string + type: array + id: + items: + type: string + type: array + ip: + items: + type: string + type: array + mac: + items: + type: string + type: array + name: + type: string + type: + items: + type: string + type: array + required: + - name + Security_Solution_Entity_Analytics_API_IdField: + enum: + - host.name + - user.name + type: string + Security_Solution_Entity_Analytics_API_IndexPattern: + type: string + Security_Solution_Entity_Analytics_API_InspectQuery: + type: object + properties: + dsl: + items: + type: string + type: array + response: + items: + type: string + type: array + required: + - dsl + - response + Security_Solution_Entity_Analytics_API_RiskEngineScheduleNowErrorResponse: + type: object + properties: + full_error: + type: string + message: + type: string + required: + - message + - full_error + Security_Solution_Entity_Analytics_API_RiskEngineScheduleNowResponse: + type: object + properties: + success: + type: boolean + Security_Solution_Entity_Analytics_API_TaskManagerUnavailableResponse: + description: Task manager is unavailable + type: object + properties: + message: + type: string + status_code: + minimum: 400 + type: integer + required: + - status_code + - message + Security_Solution_Entity_Analytics_API_UserEntity: + type: object + properties: + entity: + type: object + properties: + definitionId: + type: string + definitionVersion: + type: string + displayName: + type: string + firstSeenTimestamp: + format: date-time + type: string + id: + type: string + identityFields: + items: + type: string + type: array + lastSeenTimestamp: + format: date-time + type: string + schemaVersion: + type: string + type: + enum: + - node + type: string + required: + - lastSeenTimestamp + - schemaVersion + - definitionVersion + - displayName + - identityFields + - id + - type + - firstSeenTimestamp + - definitionId + user: + type: object + properties: + domain: + items: + type: string + type: array + email: + items: + type: string + type: array + full_name: + items: + type: string + type: array + hash: + items: + type: string + type: array + id: + items: + type: string + type: array + name: + type: string + roles: + items: + type: string + type: array + required: + - name + Security_Solution_Exceptions_API_CreateExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - comment + Security_Solution_Exceptions_API_CreateExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateExceptionListItemComment + type: array + Security_Solution_Exceptions_API_CreateRuleExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - comment + Security_Solution_Exceptions_API_CreateRuleExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateRuleExceptionListItemComment + type: array + Security_Solution_Exceptions_API_CreateRuleExceptionListItemProps: + type: object + properties: + comments: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateRuleExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemType + required: + - type + - name + - description + - entries + Security_Solution_Exceptions_API_ExceptionList: + type: object + properties: + _version: + type: string + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListDescription + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + immutable: + type: boolean + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListTags + tie_breaker_id: + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListType + updated_at: + format: date-time + type: string + updated_by: + type: string + version: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListVersion + required: + - id + - list_id + - type + - name + - description + - immutable + - namespace_type + - version + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Exceptions_API_ExceptionListDescription: + type: string + Security_Solution_Exceptions_API_ExceptionListHumanId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + description: Human readable string identifier, e.g. `trusted-linux-processes` + Security_Solution_Exceptions_API_ExceptionListId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ExceptionListItem: + type: object + properties: + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemCommentArray + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemId + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemTags + tie_breaker_id: + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemType + updated_at: + format: date-time + type: string + updated_by: + type: string + required: + - id + - item_id + - list_id + - type + - name + - description + - entries + - namespace_type + - comments + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Exceptions_API_ExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + created_at: + format: date-time + type: string + created_by: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + id: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + updated_at: + format: date-time + type: string + updated_by: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - id + - comment + - created_at + - created_by + Security_Solution_Exceptions_API_ExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemComment + type: array + Security_Solution_Exceptions_API_ExceptionListItemDescription: + type: string + Security_Solution_Exceptions_API_ExceptionListItemEntry: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryList + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryExists + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryNested + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatchWildcard + discriminator: + propertyName: type + Security_Solution_Exceptions_API_ExceptionListItemEntryArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntry + type: array + Security_Solution_Exceptions_API_ExceptionListItemEntryExists: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - exists + type: string + required: + - type + - field + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryList: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + list: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_ListId' + type: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_ListType' + required: + - id + - type + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - list + type: string + required: + - type + - field + - list + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryMatch: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match + type: string + value: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - type + - field + - value + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryMatchAny: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match_any + type: string + value: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_NonEmptyString + minItems: 1 + type: array + required: + - type + - field + - value + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryMatchWildcard: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - wildcard + type: string + value: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - type + - field + - value + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryNested: + type: object + properties: + entries: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryNestedEntryItem + minItems: 1 + type: array + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + type: + enum: + - nested + type: string + required: + - type + - field + - entries + Security_Solution_Exceptions_API_ExceptionListItemEntryNestedEntryItem: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryExists + Security_Solution_Exceptions_API_ExceptionListItemEntryOperator: + enum: + - excluded + - included + type: string + Security_Solution_Exceptions_API_ExceptionListItemHumanId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ExceptionListItemId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ExceptionListItemMeta: + additionalProperties: true + type: object + Security_Solution_Exceptions_API_ExceptionListItemName: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsType + type: array + Security_Solution_Exceptions_API_ExceptionListItemTags: + items: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + type: array + Security_Solution_Exceptions_API_ExceptionListItemType: + enum: + - simple + type: string + Security_Solution_Exceptions_API_ExceptionListMeta: + additionalProperties: true + type: object + Security_Solution_Exceptions_API_ExceptionListName: + type: string + Security_Solution_Exceptions_API_ExceptionListOsType: + enum: + - linux + - macos + - windows + type: string + Security_Solution_Exceptions_API_ExceptionListOsTypeArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsType + type: array + Security_Solution_Exceptions_API_ExceptionListsImportBulkError: + type: object + properties: + error: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + required: + - error + Security_Solution_Exceptions_API_ExceptionListsImportBulkErrorArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListsImportBulkError + type: array + Security_Solution_Exceptions_API_ExceptionListTags: + items: + type: string + type: array + Security_Solution_Exceptions_API_ExceptionListType: + enum: + - detection + - rule_default + - endpoint + - endpoint_trusted_apps + - endpoint_events + - endpoint_host_isolation_exceptions + - endpoint_blocklists + type: string + Security_Solution_Exceptions_API_ExceptionListVersion: + minimum: 1 + type: integer + Security_Solution_Exceptions_API_ExceptionNamespaceType: + description: > + Determines whether the exception container is available in all Kibana + spaces or just the space + + in which it is created, where: + + + - `single`: Only available in the Kibana space in which it is created. + + - `agnostic`: Available in all Kibana spaces. + enum: + - agnostic + - single + type: string + Security_Solution_Exceptions_API_FindExceptionListItemsFilter: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_FindExceptionListsFilter: + type: string + Security_Solution_Exceptions_API_ListId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ListType: + enum: + - binary + - boolean + - byte + - date + - date_nanos + - date_range + - double + - double_range + - float + - float_range + - geo_point + - geo_shape + - half_float + - integer + - integer_range + - ip + - ip_range + - keyword + - long + - long_range + - shape + - short + - text + type: string + Security_Solution_Exceptions_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Exceptions_API_PlatformErrorResponse: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Solution_Exceptions_API_RuleId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_UUID' + Security_Solution_Exceptions_API_SiemErrorResponse: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + Security_Solution_Exceptions_API_UpdateExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + id: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - comment + Security_Solution_Exceptions_API_UpdateExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_UpdateExceptionListItemComment + type: array + Security_Solution_Exceptions_API_UUID: + description: A universally unique identifier + format: uuid + type: string + Security_Solution_Lists_API_FindListItemsCursor: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_FindListItemsFilter: + type: string + Security_Solution_Lists_API_FindListsCursor: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_FindListsFilter: + type: string + Security_Solution_Lists_API_List: + type: object + properties: + _version: + type: string + '@timestamp': + format: date-time + type: string + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListDescription' + deserializer: + type: string + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + immutable: + type: boolean + meta: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListMetadata' + name: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListName' + serializer: + type: string + tie_breaker_id: + type: string + type: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListType' + updated_at: + format: date-time + type: string + updated_by: + type: string + version: + minimum: 1 + type: integer + required: + - id + - type + - name + - description + - immutable + - version + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Lists_API_ListDescription: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListId: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListItem: + type: object + properties: + _version: + type: string + '@timestamp': + format: date-time + type: string + created_at: + format: date-time + type: string + created_by: + type: string + deserializer: + type: string + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemId' + list_id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemMetadata' + serializer: + type: string + tie_breaker_id: + type: string + type: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListType' + updated_at: + format: date-time + type: string + updated_by: + type: string + value: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemValue' + required: + - id + - type + - list_id + - value + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Lists_API_ListItemId: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListItemMetadata: + additionalProperties: true + type: object + Security_Solution_Lists_API_ListItemPrivileges: + type: object + properties: + application: + additionalProperties: + type: boolean + type: object + cluster: + additionalProperties: + type: boolean + type: object + has_all_requested: + type: boolean + index: + additionalProperties: + additionalProperties: + type: boolean + type: object + type: object + username: + type: string + required: + - username + - has_all_requested + - cluster + - index + - application + Security_Solution_Lists_API_ListItemValue: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListMetadata: + additionalProperties: true + type: object + Security_Solution_Lists_API_ListName: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListPrivileges: + type: object + properties: + application: + additionalProperties: + type: boolean + type: object + cluster: + additionalProperties: + type: boolean + type: object + has_all_requested: + type: boolean + index: + additionalProperties: + additionalProperties: + type: boolean + type: object + type: object + username: + type: string + required: + - username + - has_all_requested + - cluster + - index + - application + Security_Solution_Lists_API_ListType: + enum: + - binary + - boolean + - byte + - date + - date_nanos + - date_range + - double + - double_range + - float + - float_range + - geo_point + - geo_shape + - half_float + - integer + - integer_range + - ip + - ip_range + - keyword + - long + - long_range + - shape + - short + - text + type: string + Security_Solution_Lists_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Lists_API_PlatformErrorResponse: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Solution_Lists_API_SiemErrorResponse: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + Security_Solution_Osquery_API_ArrayQueries: + items: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ArrayQueriesItem' + type: array + Security_Solution_Osquery_API_ArrayQueriesItem: + type: object + properties: + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + platform: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PlatformOrUndefined + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Query' + removed: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_RemovedOrUndefined + snapshot: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SnapshotOrUndefined + version: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_VersionOrUndefined + Security_Solution_Osquery_API_CreateLiveQueryRequestBody: + type: object + properties: + agent_all: + type: boolean + agent_ids: + items: + type: string + type: array + agent_platforms: + items: + type: string + type: array + agent_policy_ids: + items: + type: string + type: array + alert_ids: + items: + type: string + type: array + case_ids: + items: + type: string + type: array + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + event_ids: + items: + type: string + type: array + metadata: + nullable: true + type: object + pack_id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackIdOrUndefined' + queries: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ArrayQueries' + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_QueryOrUndefined' + saved_query_id: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SavedQueryIdOrUndefined + Security_Solution_Osquery_API_CreatePacksRequestBody: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + enabled: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_EnabledOrUndefined + name: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackName' + policy_ids: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PolicyIdsOrUndefined + queries: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ObjectQueries' + shards: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Shards' + Security_Solution_Osquery_API_CreateSavedQueryRequestBody: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + interval: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Interval' + platform: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_QueryOrUndefined' + removed: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_RemovedOrUndefined + snapshot: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SnapshotOrUndefined + version: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_VersionOrUndefined + Security_Solution_Osquery_API_DefaultSuccessResponse: + type: object + properties: {} + Security_Solution_Osquery_API_Description: + type: string + Security_Solution_Osquery_API_DescriptionOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Description' + nullable: true + Security_Solution_Osquery_API_ECSMapping: + additionalProperties: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ECSMappingItem' + type: object + Security_Solution_Osquery_API_ECSMappingItem: + type: object + properties: + field: + type: string + value: + oneOf: + - type: string + - items: + type: string + type: array + Security_Solution_Osquery_API_ECSMappingOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ECSMapping' + nullable: true + Security_Solution_Osquery_API_Enabled: + type: boolean + Security_Solution_Osquery_API_EnabledOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Enabled' + nullable: true + Security_Solution_Osquery_API_FindLiveQueryRequestQuery: + type: object + properties: + kuery: + $ref: '#/components/schemas/Security_Solution_Osquery_API_KueryOrUndefined' + page: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PageOrUndefined' + pageSize: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PageSizeOrUndefined + sort: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SortOrUndefined' + sortOrder: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SortOrderOrUndefined + Security_Solution_Osquery_API_FindPacksRequestQuery: + type: object + properties: + page: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PageOrUndefined' + pageSize: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PageSizeOrUndefined + sort: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SortOrUndefined' + sortOrder: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SortOrderOrUndefined + Security_Solution_Osquery_API_FindSavedQueryRequestQuery: + type: object + properties: + page: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PageOrUndefined' + pageSize: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PageSizeOrUndefined + sort: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SortOrUndefined' + sortOrder: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SortOrderOrUndefined + Security_Solution_Osquery_API_GetLiveQueryResultsRequestQuery: + type: object + properties: + kuery: + $ref: '#/components/schemas/Security_Solution_Osquery_API_KueryOrUndefined' + page: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PageOrUndefined' + pageSize: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PageSizeOrUndefined + sort: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SortOrUndefined' + sortOrder: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SortOrderOrUndefined + Security_Solution_Osquery_API_Id: + type: string + Security_Solution_Osquery_API_Interval: + type: string + Security_Solution_Osquery_API_IntervalOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Interval' + nullable: true + Security_Solution_Osquery_API_KueryOrUndefined: + nullable: true + type: string + Security_Solution_Osquery_API_ObjectQueries: + additionalProperties: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ObjectQueriesItem' + type: object + Security_Solution_Osquery_API_ObjectQueriesItem: + type: object + properties: + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + platform: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PlatformOrUndefined + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Query' + removed: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_RemovedOrUndefined + saved_query_id: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SavedQueryIdOrUndefined + snapshot: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SnapshotOrUndefined + version: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_VersionOrUndefined + Security_Solution_Osquery_API_PackId: + type: string + Security_Solution_Osquery_API_PackIdOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + nullable: true + Security_Solution_Osquery_API_PackName: + type: string + Security_Solution_Osquery_API_PageOrUndefined: + nullable: true + type: integer + Security_Solution_Osquery_API_PageSizeOrUndefined: + nullable: true + type: integer + Security_Solution_Osquery_API_Platform: + type: string + Security_Solution_Osquery_API_PlatformOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Platform' + nullable: true + Security_Solution_Osquery_API_PolicyIds: + items: + type: string + type: array + Security_Solution_Osquery_API_PolicyIdsOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PolicyIds' + nullable: true + Security_Solution_Osquery_API_Query: + type: string + Security_Solution_Osquery_API_QueryOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Query' + nullable: true + Security_Solution_Osquery_API_Removed: + type: boolean + Security_Solution_Osquery_API_RemovedOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Removed' + nullable: true + Security_Solution_Osquery_API_SavedQueryId: + type: string + Security_Solution_Osquery_API_SavedQueryIdOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + nullable: true + Security_Solution_Osquery_API_Shards: + additionalProperties: + type: number + type: object + Security_Solution_Osquery_API_Snapshot: + type: boolean + Security_Solution_Osquery_API_SnapshotOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Snapshot' + nullable: true + Security_Solution_Osquery_API_SortOrderOrUndefined: + oneOf: + - nullable: true + type: string + - enum: + - asc + - desc + Security_Solution_Osquery_API_SortOrUndefined: + nullable: true + type: string + Security_Solution_Osquery_API_UpdatePacksRequestBody: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + enabled: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_EnabledOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + policy_ids: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PolicyIdsOrUndefined + queries: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ObjectQueries' + shards: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Shards' + Security_Solution_Osquery_API_UpdateSavedQueryRequestBody: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + interval: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_IntervalOrUndefined + platform: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_QueryOrUndefined' + removed: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_RemovedOrUndefined + snapshot: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SnapshotOrUndefined + version: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_VersionOrUndefined + Security_Solution_Osquery_API_Version: + type: string + Security_Solution_Osquery_API_VersionOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Version' + nullable: true + Security_Solution_Timeline_API_BareNote: + type: object + properties: + created: + nullable: true + type: number + createdBy: + nullable: true + type: string + eventId: + nullable: true + type: string + note: + nullable: true + type: string + timelineId: + nullable: true + type: string + updated: + nullable: true + type: number + updatedBy: + nullable: true + type: string + required: + - timelineId + Security_Solution_Timeline_API_ColumnHeaderResult: + type: object + properties: + aggregatable: + type: boolean + category: + type: string + columnHeaderType: + type: string + description: + type: string + example: + oneOf: + - type: string + - type: number + id: + type: string + indexes: + items: + type: string + type: array + name: + type: string + placeholder: + type: string + searchable: + type: boolean + type: + type: string + Security_Solution_Timeline_API_DataProviderQueryMatch: + type: object + properties: + enabled: + nullable: true + type: boolean + excluded: + nullable: true + type: boolean + id: + nullable: true + type: string + kqlQuery: + nullable: true + type: string + name: + nullable: true + type: string + queryMatch: + $ref: '#/components/schemas/Security_Solution_Timeline_API_QueryMatchResult' + Security_Solution_Timeline_API_DataProviderResult: + type: object + properties: + and: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_DataProviderQueryMatch + nullable: true + type: array + enabled: + nullable: true + type: boolean + excluded: + nullable: true + type: boolean + id: + nullable: true + type: string + kqlQuery: + nullable: true + type: string + name: + nullable: true + type: string + queryMatch: + $ref: '#/components/schemas/Security_Solution_Timeline_API_QueryMatchResult' + nullable: true + type: + $ref: '#/components/schemas/Security_Solution_Timeline_API_DataProviderType' + nullable: true + Security_Solution_Timeline_API_DataProviderType: + description: >- + The type of data provider to create. Valid values are `default` and + `template`. + enum: + - default + - template + type: string + Security_Solution_Timeline_API_DocumentIds: + oneOf: + - items: + type: string + type: array + - type: string + Security_Solution_Timeline_API_FavoriteTimelineResponse: + type: object + properties: + code: + nullable: true + type: number + favorite: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_FavoriteTimelineResult + type: array + message: + nullable: true + type: string + savedObjectId: + type: string + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timelineType: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineType' + version: + type: string + required: + - savedObjectId + - version + Security_Solution_Timeline_API_FavoriteTimelineResult: + type: object + properties: + favoriteDate: + nullable: true + type: number + fullName: + nullable: true + type: string + userName: + nullable: true + type: string + Security_Solution_Timeline_API_FilterTimelineResult: + type: object + properties: + exists: + type: boolean + match_all: + type: string + meta: + type: object + properties: + alias: + type: string + controlledBy: + type: string + disabled: + type: boolean + field: + type: string + formattedValue: + type: string + index: + type: string + key: + type: string + negate: + type: boolean + params: + type: string + type: + type: string + value: + type: string + missing: + type: string + query: + type: string + range: + type: string + script: + type: string + Security_Solution_Timeline_API_ImportTimelineResult: + type: object + properties: + errors: + items: + type: object + properties: + error: + type: object + properties: + message: + type: string + status_code: + type: number + id: + type: string + type: array + success: + type: boolean + success_count: + type: number + timelines_installed: + type: number + timelines_updated: + type: number + Security_Solution_Timeline_API_ImportTimelines: + allOf: + - $ref: '#/components/schemas/Security_Solution_Timeline_API_SavedTimeline' + - type: object + properties: + eventNotes: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_BareNote' + nullable: true + type: array + globalNotes: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_BareNote' + nullable: true + type: array + pinnedEventIds: + items: + type: string + nullable: true + type: array + savedObjectId: + nullable: true + type: string + version: + nullable: true + type: string + Security_Solution_Timeline_API_Note: + allOf: + - $ref: '#/components/schemas/Security_Solution_Timeline_API_BareNote' + - type: object + properties: + noteId: + type: string + version: + type: string + Security_Solution_Timeline_API_PinnedEvent: + type: object + properties: + created: + nullable: true + type: number + createdBy: + nullable: true + type: string + eventId: + type: string + pinnedEventId: + type: string + timelineId: + type: string + updated: + nullable: true + type: number + updatedBy: + nullable: true + type: string + version: + type: string + required: + - eventId + - pinnedEventId + - timelineId + - version + Security_Solution_Timeline_API_QueryMatchResult: + type: object + properties: + displayField: + nullable: true + type: string + displayValue: + nullable: true + type: string + field: + nullable: true + type: string + operator: + nullable: true + type: string + value: + nullable: true + type: string + Security_Solution_Timeline_API_Readable: + type: object + properties: + _data: + additionalProperties: true + type: object + _encoding: + type: string + _events: + additionalProperties: true + type: object + _eventsCount: + type: number + _maxListeners: + additionalProperties: true + type: object + _position: + type: number + _read: + additionalProperties: true + type: object + _readableState: + additionalProperties: true + type: object + readable: + type: boolean + Security_Solution_Timeline_API_RowRendererId: + enum: + - alert + - alerts + - auditd + - auditd_file + - library + - netflow + - plain + - registry + - suricata + - system + - system_dns + - system_endgame_process + - system_file + - system_fim + - system_security_event + - system_socket + - threat_match + - zeek + type: string + Security_Solution_Timeline_API_SavedTimeline: + type: object + properties: + columns: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ColumnHeaderResult + nullable: true + type: array + created: + nullable: true + type: number + createdBy: + nullable: true + type: string + dataProviders: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_DataProviderResult + nullable: true + type: array + dataViewId: + nullable: true + type: string + dateRange: + nullable: true + type: object + properties: + end: + oneOf: + - type: string + - type: number + start: + oneOf: + - type: string + - type: number + description: + nullable: true + type: string + eqlOptions: + nullable: true + type: object + properties: + eventCategoryField: + nullable: true + type: string + query: + nullable: true + type: string + size: + oneOf: + - nullable: true + type: string + - nullable: true + type: number + tiebreakerField: + nullable: true + type: string + timestampField: + nullable: true + type: string + eventType: + nullable: true + type: string + excludedRowRendererIds: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_RowRendererId' + nullable: true + type: array + favorite: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_FavoriteTimelineResult + nullable: true + type: array + filters: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_FilterTimelineResult + nullable: true + type: array + indexNames: + items: + type: string + nullable: true + type: array + kqlMode: + nullable: true + type: string + kqlQuery: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SerializedFilterQueryResult + nullable: true + savedQueryId: + nullable: true + type: string + savedSearchId: + nullable: true + type: string + sort: + $ref: '#/components/schemas/Security_Solution_Timeline_API_Sort' + nullable: true + status: + enum: + - active + - draft + - immutable + nullable: true + type: string + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timelineType: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineType' + nullable: true + title: + nullable: true + type: string + updated: + nullable: true + type: number + updatedBy: + nullable: true + type: string + Security_Solution_Timeline_API_SerializedFilterQueryResult: + type: object + properties: + filterQuery: + nullable: true + type: object + properties: + kuery: + nullable: true + type: object + properties: + expression: + nullable: true + type: string + kind: + nullable: true + type: string + serializedQuery: + nullable: true + type: string + Security_Solution_Timeline_API_Sort: + oneOf: + - $ref: '#/components/schemas/Security_Solution_Timeline_API_SortObject' + - items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_SortObject' + type: array + Security_Solution_Timeline_API_SortFieldTimeline: + description: The field to sort the timelines by. + enum: + - title + - description + - updated + - created + type: string + Security_Solution_Timeline_API_SortObject: + type: object + properties: + columnId: + nullable: true + type: string + columnType: + nullable: true + type: string + sortDirection: + nullable: true + type: string + Security_Solution_Timeline_API_TimelineResponse: + allOf: + - $ref: '#/components/schemas/Security_Solution_Timeline_API_SavedTimeline' + - type: object + properties: + eventIdToNoteIds: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_Note' + type: array + noteIds: + items: + type: string + type: array + notes: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_Note' + type: array + pinnedEventIds: + items: + type: string + type: array + pinnedEventsSaveObject: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_PinnedEvent + type: array + savedObjectId: + type: string + version: + type: string + required: + - savedObjectId + - version + Security_Solution_Timeline_API_TimelineStatus: + description: >- + The status of the timeline. Valid values are `active`, `draft`, and + `immutable`. + enum: + - active + - draft + - immutable + type: string + Security_Solution_Timeline_API_TimelineType: + description: >- + The type of timeline to create. Valid values are `default` and + `template`. + enum: + - default + - template + type: string + SLOs_400_response: + title: Bad request + type: object + properties: + error: + example: Bad Request + type: string + message: + example: 'Invalid value ''foo'' supplied to: [...]' + type: string + statusCode: + example: 400 + type: number + required: + - statusCode + - error + - message + SLOs_401_response: + title: Unauthorized + type: object + properties: + error: + example: Unauthorized + type: string + message: + example: "[security_exception\n\tRoot causes:\n\t\tsecurity_exception: unable to authenticate user [elastics] for REST request [/_security/_authenticate]]: unable to authenticate user [elastics] for REST request [/_security/_authenticate]" + type: string + statusCode: + example: 401 + type: number + required: + - statusCode + - error + - message + SLOs_403_response: + title: Unauthorized + type: object + properties: + error: + example: Unauthorized + type: string + message: + example: "[security_exception\n\tRoot causes:\n\t\tsecurity_exception: unable to authenticate user [elastics] for REST request [/_security/_authenticate]]: unable to authenticate user [elastics] for REST request [/_security/_authenticate]" + type: string + statusCode: + example: 403 + type: number + required: + - statusCode + - error + - message + SLOs_404_response: + title: Not found + type: object + properties: + error: + example: Not Found + type: string + message: + example: SLO [3749f390-03a3-11ee-8139-c7ff60a1692d] not found + type: string + statusCode: + example: 404 + type: number + required: + - statusCode + - error + - message + SLOs_409_response: + title: Conflict + type: object + properties: + error: + example: Conflict + type: string + message: + example: SLO [d077e940-1515-11ee-9c50-9d096392f520] already exists + type: string + statusCode: + example: 409 + type: number + required: + - statusCode + - error + - message + SLOs_budgeting_method: + description: The budgeting method to use when computing the rollup data. + enum: + - occurrences + - timeslices + example: occurrences + title: Budgeting method + type: string + SLOs_create_slo_request: + description: > + The create SLO API request body varies depending on the type of + indicator, time window and budgeting method. + properties: + budgetingMethod: + $ref: '#/components/schemas/SLOs_budgeting_method' + description: + description: A description for the SLO. + type: string + groupBy: + description: optional group by field to use to generate an SLO per distinct value + example: some.field + type: string + id: + description: >- + A optional and unique identifier for the SLO. Must be between 8 and + 36 chars + example: my-super-slo-id + type: string + indicator: + oneOf: + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' + - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' + - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + name: + description: A name for the SLO. + type: string + objective: + $ref: '#/components/schemas/SLOs_objective' + settings: + $ref: '#/components/schemas/SLOs_settings' + tags: + description: List of tags + items: + type: string + type: array + timeWindow: + $ref: '#/components/schemas/SLOs_time_window' + required: + - name + - description + - indicator + - timeWindow + - budgetingMethod + - objective + title: Create SLO request + type: object + SLOs_create_slo_response: + title: Create SLO response + type: object + properties: + id: + example: 8853df00-ae2e-11ed-90af-09bb6422b258 + type: string + required: + - id + SLOs_delete_slo_instances_request: + description: > + The delete SLO instances request takes a list of SLO id and instance id, + then delete the rollup and summary data. This API can be used to remove + the staled data of an instance SLO that no longer get updated. + properties: + list: + description: An array of slo id and instance id + items: + type: object + properties: + instanceId: + description: The SLO instance identifier + example: 8853df00-ae2e-11ed-90af-09bb6422b258 + type: string + sloId: + description: The SLO unique identifier + example: 8853df00-ae2e-11ed-90af-09bb6422b258 + type: string + required: + - sloId + - instanceId + type: array + required: + - list + title: Delete SLO instances request + type: object + SLOs_error_budget: + title: Error budget + type: object + properties: + consumed: + description: The error budget consummed, as a percentage of the initial value. + example: 0.8 + type: number + initial: + description: The initial error budget, as 1 - objective + example: 0.02 + type: number + isEstimated: + description: >- + Only for SLO defined with occurrences budgeting method and calendar + aligned time window. + example: true + type: boolean + remaining: + description: The error budget remaining, as a percentage of the initial value. + example: 0.2 + type: number + required: + - initial + - consumed + - remaining + - isEstimated + SLOs_filter: + description: Defines properties for a filter + properties: + meta: + $ref: '#/components/schemas/SLOs_filter_meta' + query: + type: object + title: Filter + type: object + SLOs_filter_meta: + description: Defines properties for a filter + properties: + alias: + nullable: true + type: string + controlledBy: + type: string + disabled: + type: boolean + field: + type: string + group: + type: string + index: + type: string + isMultiIndex: + type: boolean + key: + type: string + negate: + type: boolean + params: + type: object + type: + type: string + value: + type: string + title: FilterMeta + type: object + SLOs_find_slo_response: + description: | + A paginated response of SLOs matching the query. + properties: + page: + example: 1 + type: number + perPage: + example: 25 + type: number + results: + items: + $ref: '#/components/schemas/SLOs_slo_with_summary_response' + type: array + total: + example: 34 + type: number + title: Find SLO response + type: object + SLOs_indicator_properties_apm_availability: + description: Defines properties for the APM availability indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + environment: + description: The APM service environment or "*" + example: production + type: string + filter: + description: KQL query used for filtering the data + example: 'service.foo : "bar"' + type: string + index: + description: The index used by APM metrics + example: metrics-apm*,apm* + type: string + service: + description: The APM service name + example: o11y-app + type: string + transactionName: + description: The APM transaction name or "*" + example: GET /my/api + type: string + transactionType: + description: The APM transaction type or "*" + example: request + type: string + required: + - service + - environment + - transactionType + - transactionName + - index + type: + description: The type of indicator. + example: sli.apm.transactionDuration + type: string + required: + - type + - params + title: APM availability + SLOs_indicator_properties_apm_latency: + description: Defines properties for the APM latency indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + environment: + description: The APM service environment or "*" + example: production + type: string + filter: + description: KQL query used for filtering the data + example: 'service.foo : "bar"' + type: string + index: + description: The index used by APM metrics + example: metrics-apm*,apm* + type: string + service: + description: The APM service name + example: o11y-app + type: string + threshold: + description: The latency threshold in milliseconds + example: 250 + type: number + transactionName: + description: The APM transaction name or "*" + example: GET /my/api + type: string + transactionType: + description: The APM transaction type or "*" + example: request + type: string + required: + - service + - environment + - transactionType + - transactionName + - index + - threshold + type: + description: The type of indicator. + example: sli.apm.transactionDuration + type: string + required: + - type + - params + title: APM latency + SLOs_indicator_properties_custom_kql: + description: Defines properties for a custom query indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + dataViewId: + description: >- + The kibana data view id to use, primarily used to include data + view runtime mappings. Make sure to save SLO again if you + add/update run time fields to the data view and if those fields + are being used in slo queries. + example: 03b80ab3-003d-498b-881c-3beedbaf1162 + type: string + filter: + $ref: '#/components/schemas/SLOs_kql_with_filters' + good: + $ref: '#/components/schemas/SLOs_kql_with_filters_good' + index: + description: The index or index pattern to use + example: my-service-* + type: string + timestampField: + description: | + The timestamp field used in the source indice. + example: timestamp + type: string + total: + $ref: '#/components/schemas/SLOs_kql_with_filters_total' + required: + - index + - timestampField + - good + - total + type: + description: The type of indicator. + example: sli.kql.custom + type: string + required: + - type + - params + title: Custom Query + SLOs_indicator_properties_custom_metric: + description: Defines properties for a custom metric indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + dataViewId: + description: >- + The kibana data view id to use, primarily used to include data + view runtime mappings. Make sure to save SLO again if you + add/update run time fields to the data view and if those fields + are being used in slo queries. + example: 03b80ab3-003d-498b-881c-3beedbaf1162 + type: string + filter: + description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' + type: string + good: + description: | + An object defining the "good" metrics and equation + type: object + properties: + equation: + description: The equation to calculate the "good" metric. + example: A + type: string + metrics: + description: >- + List of metrics with their name, aggregation type, and + field. + items: + type: object + properties: + aggregation: + description: >- + The aggregation type of the metric. Only valid option + is "sum" + enum: + - sum + example: sum + type: string + field: + description: The field of the metric. + example: processor.processed + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: "success"' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: ^[A-Z]$ + type: string + required: + - name + - aggregation + - field + type: array + required: + - metrics + - equation + index: + description: The index or index pattern to use + example: my-service-* + type: string + timestampField: + description: | + The timestamp field used in the source indice. + example: timestamp + type: string + total: + description: | + An object defining the "total" metrics and equation + type: object + properties: + equation: + description: The equation to calculate the "total" metric. + example: A + type: string + metrics: + description: >- + List of metrics with their name, aggregation type, and + field. + items: + type: object + properties: + aggregation: + description: >- + The aggregation type of the metric. Only valid option + is "sum" + enum: + - sum + example: sum + type: string + field: + description: The field of the metric. + example: processor.processed + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: *' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: ^[A-Z]$ + type: string + required: + - name + - aggregation + - field + type: array + required: + - metrics + - equation + required: + - index + - timestampField + - good + - total + type: + description: The type of indicator. + example: sli.metric.custom + type: string + required: + - type + - params + title: Custom metric + SLOs_indicator_properties_histogram: + description: Defines properties for a histogram indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + dataViewId: + description: >- + The kibana data view id to use, primarily used to include data + view runtime mappings. Make sure to save SLO again if you + add/update run time fields to the data view and if those fields + are being used in slo queries. + example: 03b80ab3-003d-498b-881c-3beedbaf1162 + type: string + filter: + description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' + type: string + good: + description: | + An object defining the "good" events + type: object + properties: + aggregation: + description: The type of aggregation to use. + enum: + - value_count + - range + example: value_count + type: string + field: + description: The field use to aggregate the good events. + example: processor.latency + type: string + filter: + description: The filter for good events. + example: 'processor.outcome: "success"' + type: string + from: + description: >- + The starting value of the range. Only required for "range" + aggregations. + example: 0 + type: number + to: + description: >- + The ending value of the range. Only required for "range" + aggregations. + example: 100 + type: number + required: + - aggregation + - field + index: + description: The index or index pattern to use + example: my-service-* + type: string + timestampField: + description: | + The timestamp field used in the source indice. + example: timestamp + type: string + total: + description: | + An object defining the "total" events + type: object + properties: + aggregation: + description: The type of aggregation to use. + enum: + - value_count + - range + example: value_count + type: string + field: + description: The field use to aggregate the good events. + example: processor.latency + type: string + filter: + description: The filter for total events. + example: 'processor.outcome : *' + type: string + from: + description: >- + The starting value of the range. Only required for "range" + aggregations. + example: 0 + type: number + to: + description: >- + The ending value of the range. Only required for "range" + aggregations. + example: 100 + type: number + required: + - aggregation + - field + required: + - index + - timestampField + - good + - total + type: + description: The type of indicator. + example: sli.histogram.custom + type: string + required: + - type + - params + title: Histogram indicator + SLOs_indicator_properties_timeslice_metric: + description: Defines properties for a timeslice metric indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + dataViewId: + description: >- + The kibana data view id to use, primarily used to include data + view runtime mappings. Make sure to save SLO again if you + add/update run time fields to the data view and if those fields + are being used in slo queries. + example: 03b80ab3-003d-498b-881c-3beedbaf1162 + type: string + filter: + description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' + type: string + index: + description: The index or index pattern to use + example: my-service-* + type: string + metric: + description: > + An object defining the metrics, equation, and threshold to + determine if it's a good slice or not + type: object + properties: + comparator: + description: >- + The comparator to use to compare the equation to the + threshold. + enum: + - GT + - GTE + - LT + - LTE + example: GT + type: string + equation: + description: The equation to calculate the metric. + example: A + type: string + metrics: + description: >- + List of metrics with their name, aggregation type, and + field. + items: + anyOf: + - $ref: >- + #/components/schemas/SLOs_timeslice_metric_basic_metric_with_field + - $ref: >- + #/components/schemas/SLOs_timeslice_metric_percentile_metric + - $ref: >- + #/components/schemas/SLOs_timeslice_metric_doc_count_metric + type: array + threshold: + description: >- + The threshold used to determine if the metric is a good + slice or not. + example: 100 + type: number + required: + - metrics + - equation + - comparator + - threshold + timestampField: + description: | + The timestamp field used in the source indice. + example: timestamp + type: string + required: + - index + - timestampField + - metric + type: + description: The type of indicator. + example: sli.metric.timeslice + type: string + required: + - type + - params + title: Timeslice metric + SLOs_kql_with_filters: + description: Defines properties for a filter + oneOf: + - description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' + type: string + - type: object + properties: + filters: + items: + $ref: '#/components/schemas/SLOs_filter' + type: array + kqlQuery: + type: string + title: KQL with filters + SLOs_kql_with_filters_good: + description: The KQL query used to define the good events. + oneOf: + - description: the KQL query to filter the documents with. + example: 'request.latency <= 150 and request.status_code : "2xx"' + type: string + - type: object + properties: + filters: + items: + $ref: '#/components/schemas/SLOs_filter' + type: array + kqlQuery: + type: string + title: KQL query for good events + SLOs_kql_with_filters_total: + description: The KQL query used to define all events. + oneOf: + - description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' + type: string + - type: object + properties: + filters: + items: + $ref: '#/components/schemas/SLOs_filter' + type: array + kqlQuery: + type: string + title: KQL query for all events + SLOs_objective: + description: Defines properties for the SLO objective + type: object + properties: + target: + description: the target objective between 0 and 1 excluded + example: 0.99 + exclusiveMaximum: true + exclusiveMinimum: true + maximum: 100 + minimum: 0 + type: number + timesliceTarget: + description: >- + the target objective for each slice when using a timeslices + budgeting method + example: 0.995 + maximum: 100 + minimum: 0 + type: number + timesliceWindow: + description: >- + the duration of each slice when using a timeslices budgeting method, + as {duraton}{unit} + example: 5m + type: string + required: + - target + title: Objective + SLOs_settings: + description: Defines properties for SLO settings. + properties: + frequency: + default: 1m + description: Configure how often the transform runs, default 1m + example: 5m + type: string + preventInitialBackfill: + default: false + description: Prevents the transform from backfilling data when it starts. + example: true + type: boolean + syncDelay: + default: 1m + description: The synch delay to apply to the transform. Default 1m + example: 5m + type: string + title: Settings + type: object + SLOs_slo_definition_response: + title: SLO definition response + type: object + properties: + budgetingMethod: + $ref: '#/components/schemas/SLOs_budgeting_method' + createdAt: + description: The creation date + example: '2023-01-12T10:03:19.000Z' + type: string + description: + description: The description of the SLO. + example: My SLO description + type: string + enabled: + description: Indicate if the SLO is enabled + example: true + type: boolean + groupBy: + description: optional group by field to use to generate an SLO per distinct value + example: some.field + type: string + id: + description: The identifier of the SLO. + example: 8853df00-ae2e-11ed-90af-09bb6422b258 + type: string + indicator: + discriminator: + mapping: + sli.apm.transactionDuration: '#/components/schemas/SLOs_indicator_properties_apm_latency' + sli.apm.transactionErrorRate: '#/components/schemas/SLOs_indicator_properties_apm_availability' + sli.histogram.custom: '#/components/schemas/SLOs_indicator_properties_histogram' + sli.kql.custom: '#/components/schemas/SLOs_indicator_properties_custom_kql' + sli.metric.custom: '#/components/schemas/SLOs_indicator_properties_custom_metric' + sli.metric.timeslice: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + propertyName: type + oneOf: + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' + - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' + - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + name: + description: The name of the SLO. + example: My Service SLO + type: string + objective: + $ref: '#/components/schemas/SLOs_objective' + revision: + description: The SLO revision + example: 2 + type: number + settings: + $ref: '#/components/schemas/SLOs_settings' + tags: + description: List of tags + items: + type: string + type: array + timeWindow: + $ref: '#/components/schemas/SLOs_time_window' + updatedAt: + description: The last update date + example: '2023-01-12T10:03:19.000Z' + type: string + version: + description: The internal SLO version + example: 2 + type: number + required: + - id + - name + - description + - indicator + - timeWindow + - budgetingMethod + - objective + - settings + - revision + - enabled + - groupBy + - tags + - createdAt + - updatedAt + - version + SLOs_slo_with_summary_response: + title: SLO response + type: object + properties: + budgetingMethod: + $ref: '#/components/schemas/SLOs_budgeting_method' + createdAt: + description: The creation date + example: '2023-01-12T10:03:19.000Z' + type: string + description: + description: The description of the SLO. + example: My SLO description + type: string + enabled: + description: Indicate if the SLO is enabled + example: true + type: boolean + groupBy: + description: optional group by field to use to generate an SLO per distinct value + example: some.field + type: string + id: + description: The identifier of the SLO. + example: 8853df00-ae2e-11ed-90af-09bb6422b258 + type: string + indicator: + discriminator: + mapping: + sli.apm.transactionDuration: '#/components/schemas/SLOs_indicator_properties_apm_latency' + sli.apm.transactionErrorRate: '#/components/schemas/SLOs_indicator_properties_apm_availability' + sli.histogram.custom: '#/components/schemas/SLOs_indicator_properties_histogram' + sli.kql.custom: '#/components/schemas/SLOs_indicator_properties_custom_kql' + sli.metric.custom: '#/components/schemas/SLOs_indicator_properties_custom_metric' + sli.metric.timeslice: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + propertyName: type + oneOf: + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' + - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' + - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + instanceId: + description: the value derived from the groupBy field, if present, otherwise '*' + example: host-abcde + type: string + name: + description: The name of the SLO. + example: My Service SLO + type: string + objective: + $ref: '#/components/schemas/SLOs_objective' + revision: + description: The SLO revision + example: 2 + type: number + settings: + $ref: '#/components/schemas/SLOs_settings' + summary: + $ref: '#/components/schemas/SLOs_summary' + tags: + description: List of tags + items: + type: string + type: array + timeWindow: + $ref: '#/components/schemas/SLOs_time_window' + updatedAt: + description: The last update date + example: '2023-01-12T10:03:19.000Z' + type: string + version: + description: The internal SLO version + example: 2 + type: number + required: + - id + - name + - description + - indicator + - timeWindow + - budgetingMethod + - objective + - settings + - revision + - summary + - enabled + - groupBy + - instanceId + - tags + - createdAt + - updatedAt + - version + SLOs_summary: + description: The SLO computed data + properties: + errorBudget: + $ref: '#/components/schemas/SLOs_error_budget' + sliValue: + example: 0.9836 + type: number + status: + $ref: '#/components/schemas/SLOs_summary_status' + required: + - status + - sliValue + - errorBudget + title: Summary + type: object + SLOs_summary_status: + enum: + - NO_DATA + - HEALTHY + - DEGRADING + - VIOLATED + example: HEALTHY + title: summary status + type: string + SLOs_time_window: + description: Defines properties for the SLO time window + type: object + properties: + duration: + description: >- + the duration formatted as {duration}{unit}. Accepted values for + rolling: 7d, 30d, 90d. Accepted values for calendar aligned: 1w + (weekly) or 1M (monthly) + example: 30d + type: string + type: + description: >- + Indicates weither the time window is a rolling or a calendar aligned + time window. + enum: + - rolling + - calendarAligned + example: rolling + type: string + required: + - duration + - type + title: Time window + SLOs_timeslice_metric_basic_metric_with_field: + type: object + properties: + aggregation: + description: The aggregation type of the metric. + enum: + - sum + - avg + - min + - max + - std_deviation + - last_value + - cardinality + example: sum + type: string + field: + description: The field of the metric. + example: processor.processed + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: "success"' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: ^[A-Z]$ + type: string + required: + - name + - aggregation + - field + title: Timeslice Metric Basic Metric with Field + SLOs_timeslice_metric_doc_count_metric: + type: object + properties: + aggregation: + description: The aggregation type of the metric. Only valid option is "doc_count" + enum: + - doc_count + example: doc_count + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: "success"' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: ^[A-Z]$ + type: string + required: + - name + - aggregation + title: Timeslice Metric Doc Count Metric + SLOs_timeslice_metric_percentile_metric: + type: object + properties: + aggregation: + description: >- + The aggregation type of the metric. Only valid option is + "percentile" + enum: + - percentile + example: percentile + type: string + field: + description: The field of the metric. + example: processor.processed + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: "success"' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: ^[A-Z]$ + type: string + percentile: + description: The percentile value. + example: 95 + type: number + required: + - name + - aggregation + - field + - percentile + title: Timeslice Metric Percentile Metric + SLOs_update_slo_request: + description: > + The update SLO API request body varies depending on the type of + indicator, time window and budgeting method. Partial update is handled. + properties: + budgetingMethod: + $ref: '#/components/schemas/SLOs_budgeting_method' + description: + description: A description for the SLO. + type: string + indicator: + oneOf: + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' + - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' + - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + name: + description: A name for the SLO. + type: string + objective: + $ref: '#/components/schemas/SLOs_objective' + settings: + $ref: '#/components/schemas/SLOs_settings' + tags: + description: List of tags + items: + type: string + type: array + timeWindow: + $ref: '#/components/schemas/SLOs_time_window' + title: Update SLO request + type: object + securitySchemes: + apiKeyAuth: + description: > + These APIs use key-based authentication. You must create an API key and + use the encoded value in the request header. For example: + `Authorization: ApiKey base64AccessApiKey` + in: header + name: Authorization + type: apiKey + basicAuth: + scheme: basic + type: http +security: + - apiKeyAuth: [] + - basicAuth: [] +tags: + - name: alerting + - description: > + Configure APM agent keys to authorize requests from APM agents to the APM + Server. + name: APM agent keys + - description: > + Annotate visualizations in the APM app with significant events. + Annotations enable you to easily see how events are impacting the + performance of your applications. + name: APM annotations + - description: Case APIs enable you to open and track issues. + name: cases + - name: connectors + - name: Data streams + - description: >- + Data view APIs enable you to manage data views, formerly known as Kibana + index patterns. + name: data views + - name: Elastic Agent actions + - name: Elastic Agent binary download sources + - name: Elastic Agent policies + - name: Elastic Agent status + - name: Elastic Agents + - name: Elastic Package Manager (EPM) + - name: Fleet enrollment API keys + - name: Fleet internals + - name: Fleet Kubernetes + - name: Fleet outputs + - name: Fleet package policies + - name: Fleet proxies + - name: Fleet Server hosts + - name: Fleet service tokens + - name: Fleet uninstall tokens + - description: Machine learning + name: ml + - description: > + Export sets of saved objects that you want to import into {kib}, resolve + import errors, and rotate an encryption key for encrypted saved objects + with the saved objects APIs. + + + To manage a specific type of saved object, use the corresponding APIs. + + For example, use: + + + * [Data views](../group/endpoint-data-views) + + * [Spaces](https://www.elastic.co/guide/en/kibana/current/spaces-api.html) + + * [Short + URLs](https://www.elastic.co/guide/en/kibana/current/short-urls-api.html) + + + Warning: Do not write documents directly to the `.kibana` index. When you + write directly to the `.kibana` index, the data becomes corrupted and + permanently breaks future Kibana versions. + name: saved objects + x-displayName: Saved objects + - description: Manage and interact with Security Assistant resources. + name: Security AI Assistant API + - description: >- + You can create rules that automatically turn events and external alerts + sent to Elastic Security into detection alerts. These alerts are displayed + on the Detections page. + name: Security Solution Detections API + - description: >- + Endpoint Exceptions API allows you to manage detection rule endpoint + exceptions to prevent a rule from generating an alert from incoming events + even when the rule's other criteria are met. + name: Security Solution Endpoint Exceptions API + - description: Interact with and manage endpoints running the Elastic Defend integration. + name: Security Solution Endpoint Management API + - description: '' + name: Security Solution Entity Analytics API + - description: >- + Exceptions API allows you to manage detection rule exceptions to prevent a + rule from generating an alert from incoming events even when the rule's + other criteria are met. + name: Security Solution Exceptions API + - description: Lists API allows you to manage lists of keywords, IPs or IP ranges items. + name: Security Solution Lists API + - description: Run live queries, manage packs and saved queries. + name: Security Solution Osquery API + - description: >- + You can create Timelines and Timeline templates via the API, as well as + import new Timelines from an ndjson file. + name: Security Solution Timeline API + - description: SLO APIs enable you to define, manage and track service-level objectives + name: slo + - name: system diff --git a/oas_docs/output/kibana.yaml b/oas_docs/output/kibana.yaml index e4e718c3f73c9..2f7ae5fd8b18b 100644 --- a/oas_docs/output/kibana.yaml +++ b/oas_docs/output/kibana.yaml @@ -64,16 +64,16 @@ info: version: 1.0.2 x-doc-license: name: Attribution-NonCommercial-NoDerivatives 4.0 International - url: 'https://creativecommons.org/licenses/by-nc-nd/4.0/' + url: https://creativecommons.org/licenses/by-nc-nd/4.0/ x-feedbackLink: label: Feedback url: >- https://github.com/elastic/docs-content/issues/new?assignees=&labels=feedback%2Ccommunity&projects=&template=api-feedback.yaml&title=%5BFeedback%5D%3A+ servers: - - url: 'https://{kibana_url}' + - url: https://{kibana_url} variables: kibana_url: - default: 'localhost:5601' + default: localhost:5601 paths: /api/actions: get: @@ -138,11 +138,53 @@ paths: - actionTypeId responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Create a connector tags: - connectors - '/api/actions/action/{id}': + /api/actions/action/{id}: delete: deprecated: true description: 'WARNING: When you delete a connector, it cannot be recovered.' @@ -195,6 +237,48 @@ paths: type: string responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Get connector information tags: @@ -245,11 +329,53 @@ paths: - name responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Update a connector tags: - connectors - '/api/actions/action/{id}/_execute': + /api/actions/action/{id}/_execute: post: deprecated: true operationId: '%2Fapi%2Factions%2Faction%2F%7Bid%7D%2F_execute#0' @@ -289,6 +415,48 @@ paths: - params responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Run a connector tags: @@ -318,7 +486,7 @@ paths: summary: Get connector types tags: - connectors - '/api/actions/connector/{id}': + /api/actions/connector/{id}: delete: description: 'WARNING: When you delete a connector, it cannot be recovered.' operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%7D#0' @@ -369,6 +537,48 @@ paths: type: string responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Get connector information tags: @@ -391,7 +601,8 @@ paths: schema: example: 'true' type: string - - in: path + - description: An identifier for the connector. + in: path name: id required: false schema: @@ -422,6 +633,48 @@ paths: - connector_type_id responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Create a connector tags: @@ -472,11 +725,53 @@ paths: - name responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Update a connector tags: - connectors - '/api/actions/connector/{id}/_execute': + /api/actions/connector/{id}/_execute: post: description: >- You can use this API to test an action that involves interaction with @@ -518,6 +813,48 @@ paths: - params responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Run a connector tags: @@ -631,7 +968,7 @@ paths: example: true type: boolean is_sufficiently_secure: - description: 'If `false`, security is enabled but TLS is not.' + description: If `false`, security is enabled but TLS is not. example: true type: boolean description: Indicates a successful call. @@ -943,7 +1280,7 @@ paths: summary: Get the rule types tags: - alerting - '/api/alerting/rule/{id}': + /api/alerting/rule/{id}: delete: operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D#2' parameters: @@ -971,6 +1308,12 @@ paths: responses: '204': description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. summary: Delete a rule tags: - alerting @@ -1725,7 +2068,7 @@ paths: description: Recur the rule until this date. type: string wkst: - description: 'Indicates the start of week, defaults to Monday.' + description: Indicates the start of week, defaults to Monday. enum: - MO - TU @@ -1797,6 +2140,12 @@ paths: - execution_status - revision description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. summary: Get rule details tags: - alerting @@ -2860,7 +3209,7 @@ paths: description: Recur the rule until this date. type: string wkst: - description: 'Indicates the start of week, defaults to Monday.' + description: Indicates the start of week, defaults to Monday. enum: - MO - TU @@ -2932,6 +3281,12 @@ paths: - execution_status - revision description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '409': + description: Indicates that the rule id is already in use. summary: Create a rule tags: - alerting @@ -3966,7 +4321,7 @@ paths: description: Recur the rule until this date. type: string wkst: - description: 'Indicates the start of week, defaults to Monday.' + description: Indicates the start of week, defaults to Monday. enum: - MO - TU @@ -4038,10 +4393,18 @@ paths: - execution_status - revision description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + '409': + description: Indicates that the rule has already been updated by another user. summary: Update a rule tags: - alerting - '/api/alerting/rule/{id}/_disable': + /api/alerting/rule/{id}/_disable: post: operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_disable#0' parameters: @@ -4081,10 +4444,16 @@ paths: responses: '204': description: Indicates a successful call. + '400': + description: Indicates an invalid schema. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. summary: Disable a rule tags: - alerting - '/api/alerting/rule/{id}/_enable': + /api/alerting/rule/{id}/_enable: post: operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_enable#0' parameters: @@ -4112,10 +4481,16 @@ paths: responses: '204': description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. summary: Enable a rule tags: - alerting - '/api/alerting/rule/{id}/_mute_all': + /api/alerting/rule/{id}/_mute_all: post: operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_mute_all#0' parameters: @@ -4146,7 +4521,7 @@ paths: summary: Mute all alerts tags: - alerting - '/api/alerting/rule/{id}/_unmute_all': + /api/alerting/rule/{id}/_unmute_all: post: operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_unmute_all#0' parameters: @@ -4177,7 +4552,7 @@ paths: summary: Unmute all alerts tags: - alerting - '/api/alerting/rule/{id}/_update_api_key': + /api/alerting/rule/{id}/_update_api_key: post: operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_update_api_key#0' parameters: @@ -4205,10 +4580,18 @@ paths: responses: '204': description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + '409': + description: Indicates that the rule has already been updated by another user. summary: Update the API key for a rule tags: - alerting - '/api/alerting/rule/{rule_id}/alert/{alert_id}/_mute': + /api/alerting/rule/{rule_id}/alert/{alert_id}/_mute: post: operationId: >- %2Fapi%2Falerting%2Frule%2F%7Brule_id%7D%2Falert%2F%7Balert_id%7D%2F_mute#0 @@ -4243,10 +4626,16 @@ paths: responses: '204': description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule or alert with the given ID does not exist. summary: Mute an alert tags: - alerting - '/api/alerting/rule/{rule_id}/alert/{alert_id}/_unmute': + /api/alerting/rule/{rule_id}/alert/{alert_id}/_unmute: post: operationId: >- %2Fapi%2Falerting%2Frule%2F%7Brule_id%7D%2Falert%2F%7Balert_id%7D%2F_unmute#0 @@ -4281,6 +4670,12 @@ paths: responses: '204': description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule or alert with the given ID does not exist. summary: Unmute an alert tags: - alerting @@ -5136,7 +5531,7 @@ paths: description: Recur the rule until this date. type: string wkst: - description: 'Indicates the start of week, defaults to Monday.' + description: Indicates the start of week, defaults to Monday. enum: - MO - TU @@ -5208,10 +5603,14 @@ paths: - execution_status - revision description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. summary: Get information about rules tags: - alerting - '/api/alerts/alert/{alertId}': + /api/alerts/alert/{alertId}: delete: deprecated: true description: > @@ -5513,7 +5912,7 @@ paths: summary: Update an alert tags: - alerting - '/api/alerts/alert/{alertId}/_disable': + /api/alerts/alert/{alertId}/_disable: post: deprecated: true description: Deprecated in 7.13.0. Use the disable rule API instead. @@ -5539,7 +5938,7 @@ paths: summary: Disable an alert tags: - alerting - '/api/alerts/alert/{alertId}/_enable': + /api/alerts/alert/{alertId}/_enable: post: deprecated: true description: Deprecated in 7.13.0. Use the enable rule API instead. @@ -5565,7 +5964,7 @@ paths: summary: Enable an alert tags: - alerting - '/api/alerts/alert/{alertId}/_mute_all': + /api/alerts/alert/{alertId}/_mute_all: post: deprecated: true description: Deprecated in 7.13.0. Use the mute all alerts API instead. @@ -5591,7 +5990,7 @@ paths: summary: Mute all alert instances tags: - alerting - '/api/alerts/alert/{alertId}/_unmute_all': + /api/alerts/alert/{alertId}/_unmute_all: post: deprecated: true description: Deprecated in 7.13.0. Use the unmute all alerts API instead. @@ -5617,7 +6016,7 @@ paths: summary: Unmute all alert instances tags: - alerting - '/api/alerts/alert/{alertId}/alert_instance/{alertInstanceId}/_mute': + /api/alerts/alert/{alertId}/alert_instance/{alertInstanceId}/_mute: post: deprecated: true description: Deprecated in 7.13.0. Use the mute alert API instead. @@ -5650,7 +6049,7 @@ paths: summary: Mute an alert instance tags: - alerting - '/api/alerts/alert/{alertId}/alert_instance/{alertInstanceId}/_unmute': + /api/alerts/alert/{alertId}/alert_instance/{alertInstanceId}/_unmute: post: deprecated: true description: Deprecated in 7.13.0. Use the unmute alert API instead. @@ -5877,7 +6276,7 @@ paths: example: true type: boolean isSufficientlySecure: - description: 'If `false`, security is enabled but TLS is not.' + description: If `false`, security is enabled but TLS is not. example: true type: boolean description: Indicates a successful call. @@ -6022,8 +6421,8 @@ paths: privileges: items: enum: - - 'event:write' - - 'config_agent:read' + - event:write + - config_agent:read type: string type: array required: true @@ -6049,7 +6448,7 @@ paths: summary: Create an APM agent key tags: - APM agent keys - '/api/apm/services/{serviceName}/annotation': + /api/apm/services/{serviceName}/annotation: post: description: Create a new annotation for a specific service. operationId: createAnnotation @@ -6124,7 +6523,7 @@ paths: summary: Create a service annotation tags: - APM annotations - '/api/apm/services/{serviceName}/annotation/search': + /api/apm/services/{serviceName}/annotation/search: get: description: Search for annotations related to a specific service. operationId: getAnnotation @@ -6338,7 +6737,7 @@ paths: summary: Search cases tags: - cases - '/api/cases/{caseId}': + /api/cases/{caseId}: get: description: > You must have `read` privileges for the **Cases** feature in the @@ -6369,7 +6768,7 @@ paths: summary: Get case information tags: - cases - '/api/cases/{caseId}/alerts': + /api/cases/{caseId}/alerts: get: description: > You must have `read` privileges for the **Cases** feature in the @@ -6400,7 +6799,7 @@ paths: tags: - cases x-technical-preview: true - '/api/cases/{caseId}/comments': + /api/cases/{caseId}/comments: delete: description: > Deletes all comments and alerts from a case. You must have `all` @@ -6527,7 +6926,7 @@ paths: summary: Add a case comment or alert tags: - cases - '/api/cases/{caseId}/comments/_find': + /api/cases/{caseId}/comments/_find: get: description: > Retrieves a paginated list of comments for a case. You must have `read` @@ -6557,7 +6956,7 @@ paths: summary: Find case comments and alerts tags: - cases - '/api/cases/{caseId}/comments/{commentId}': + /api/cases/{caseId}/comments/{commentId}: delete: description: > You must have `all` privileges for the **Cases** feature in the @@ -6613,7 +7012,7 @@ paths: summary: Get a case comment or alert tags: - cases - '/api/cases/{caseId}/connector/{connectorId}/_push': + /api/cases/{caseId}/connector/{connectorId}/_push: post: description: > You must have `all` privileges for the **Actions and Connectors** @@ -6651,7 +7050,7 @@ paths: summary: Push a case to an external service tags: - cases - '/api/cases/{caseId}/user_actions': + /api/cases/{caseId}/user_actions: get: deprecated: true description: > @@ -6682,7 +7081,7 @@ paths: summary: Get case activity tags: - cases - '/api/cases/{caseId}/user_actions/_find': + /api/cases/{caseId}/user_actions/_find: get: description: > Retrives a paginated list of user activity for a case. You must have @@ -6728,7 +7127,7 @@ paths: summary: Find case activity tags: - cases - '/api/cases/alerts/{alertId}': + /api/cases/alerts/{alertId}: get: description: > You must have `read` privileges for the **Cases** feature in the @@ -7149,7 +7548,7 @@ paths: summary: Add case settings tags: - cases - '/api/cases/configure/{configurationId}': + /api/cases/configure/{configurationId}: patch: description: > Updates setting details such as the closure type, custom fields, @@ -7591,7 +7990,7 @@ paths: summary: Create a data view tags: - data views - '/api/data_views/data_view/{viewId}': + /api/data_views/data_view/{viewId}: delete: description: | WARNING: When you delete a data view, it cannot be recovered. @@ -7664,7 +8063,7 @@ paths: summary: Update a data view tags: - data views - '/api/data_views/data_view/{viewId}/fields': + /api/data_views/data_view/{viewId}/fields: post: description: > Update fields presentation metadata such as count, customLabel, @@ -7707,7 +8106,7 @@ paths: summary: Update data view fields metadata tags: - data views - '/api/data_views/data_view/{viewId}/runtime_field': + /api/data_views/data_view/{viewId}/runtime_field: post: operationId: createRuntimeFieldDefault parameters: @@ -7799,7 +8198,7 @@ paths: summary: Create or update a runtime field tags: - data views - '/api/data_views/data_view/{viewId}/runtime_field/{fieldName}': + /api/data_views/data_view/{viewId}/runtime_field/{fieldName}: delete: operationId: deleteRuntimeFieldDefault parameters: @@ -8199,7 +8598,7 @@ paths: summary: Create agent binary download source tags: - Elastic Agent binary download sources - '/api/fleet/agent_download_sources/{sourceId}': + /api/fleet/agent_download_sources/{sourceId}: delete: operationId: delete-download-source parameters: @@ -8402,7 +8801,7 @@ paths: summary: Bulk get agent policies tags: - Elastic Agent policies - '/api/fleet/agent_policies/{agentPolicyId}': + /api/fleet/agent_policies/{agentPolicyId}: get: description: Get one agent policy operationId: agent-policy-info @@ -8457,7 +8856,7 @@ paths: summary: Update agent policy by ID tags: - Elastic Agent policies - '/api/fleet/agent_policies/{agentPolicyId}/copy': + /api/fleet/agent_policies/{agentPolicyId}/copy: parameters: - in: path name: agentPolicyId @@ -8499,7 +8898,7 @@ paths: summary: Copy agent policy by ID tags: - Elastic Agent policies - '/api/fleet/agent_policies/{agentPolicyId}/download': + /api/fleet/agent_policies/{agentPolicyId}/download: get: operationId: agent-policy-download responses: @@ -8538,7 +8937,7 @@ paths: required: false schema: type: string - '/api/fleet/agent_policies/{agentPolicyId}/full': + /api/fleet/agent_policies/{agentPolicyId}/full: get: operationId: agent-policy-full responses: @@ -8821,7 +9220,7 @@ paths: summary: List agents by action ids tags: - Elastic Agents - '/api/fleet/agents/{agentId}': + /api/fleet/agents/{agentId}: delete: operationId: delete-agent parameters: @@ -8906,7 +9305,7 @@ paths: summary: Update agent by ID tags: - Elastic Agents - '/api/fleet/agents/{agentId}/actions': + /api/fleet/agents/{agentId}/actions: parameters: - in: path name: agentId @@ -8947,7 +9346,7 @@ paths: summary: Create agent action tags: - Elastic Agent actions - '/api/fleet/agents/{agentId}/reassign': + /api/fleet/agents/{agentId}/reassign: parameters: - in: path name: agentId @@ -9009,7 +9408,7 @@ paths: summary: Reassign agent tags: - Elastic Agents - '/api/fleet/agents/{agentId}/request_diagnostics': + /api/fleet/agents/{agentId}/request_diagnostics: parameters: - in: path name: agentId @@ -9048,7 +9447,7 @@ paths: summary: Request agent diagnostics tags: - Elastic Agents - '/api/fleet/agents/{agentId}/unenroll': + /api/fleet/agents/{agentId}/unenroll: parameters: - in: path name: agentId @@ -9094,7 +9493,7 @@ paths: summary: Unenroll agent tags: - Elastic Agents - '/api/fleet/agents/{agentId}/upgrade': + /api/fleet/agents/{agentId}/upgrade: parameters: - in: path name: agentId @@ -9123,7 +9522,7 @@ paths: summary: Upgrade agent tags: - Elastic Agents - '/api/fleet/agents/{agentId}/uploads': + /api/fleet/agents/{agentId}/uploads: get: operationId: list-agent-uploads responses: @@ -9267,7 +9666,7 @@ paths: summary: Get agent action status tags: - Elastic Agent actions - '/api/fleet/agents/actions/{actionId}/cancel': + /api/fleet/agents/actions/{actionId}/cancel: parameters: - in: path name: actionId @@ -9309,7 +9708,7 @@ paths: properties: agents: oneOf: - - description: 'KQL query string, leave empty to action all agents' + - description: KQL query string, leave empty to action all agents type: string - description: list of agent IDs items: @@ -9358,7 +9757,7 @@ paths: type: array agents: oneOf: - - description: 'KQL query string, leave empty to action all agents' + - description: KQL query string, leave empty to action all agents type: string - description: list of agent IDs items: @@ -9402,7 +9801,7 @@ paths: properties: agents: oneOf: - - description: 'KQL query string, leave empty to action all agents' + - description: KQL query string, leave empty to action all agents type: string - description: list of agent IDs items: @@ -9457,7 +9856,7 @@ paths: properties: agents: oneOf: - - description: 'KQL query string, leave empty to action all agents' + - description: KQL query string, leave empty to action all agents type: string - description: list of agent IDs items: @@ -9503,7 +9902,7 @@ paths: - agent1 - agent2 rollout_duration_seconds: 3600 - source_uri: 'https://artifacts.elastic.co/downloads/beats/elastic-agent' + source_uri: https://artifacts.elastic.co/downloads/beats/elastic-agent start_time: '2022-08-03T14:00:00.000Z' version: 8.4.0 schema: @@ -9524,7 +9923,7 @@ paths: summary: Bulk upgrade agents tags: - Elastic Agents - '/api/fleet/agents/files/{fileId}': + /api/fleet/agents/files/{fileId}: delete: operationId: delete-agent-upload-file responses: @@ -9553,7 +9952,7 @@ paths: required: true schema: type: string - '/api/fleet/agents/files/{fileId}/{fileName}': + /api/fleet/agents/files/{fileId}/{fileName}: get: operationId: get-agent-upload-file responses: @@ -9747,7 +10146,7 @@ paths: summary: Create enrollment API key tags: - Fleet enrollment API keys - '/api/fleet/enrollment_api_keys/{keyId}': + /api/fleet/enrollment_api_keys/{keyId}: delete: operationId: delete-enrollment-api-key parameters: @@ -9858,7 +10257,7 @@ paths: summary: Create enrollment API key tags: - Fleet enrollment API keys - '/api/fleet/enrollment-api-keys/{keyId}': + /api/fleet/enrollment-api-keys/{keyId}: delete: deprecated: true operationId: delete-enrollment-api-key-deprecated @@ -10143,7 +10542,7 @@ paths: summary: Bulk install packages tags: - Elastic Package Manager (EPM) - '/api/fleet/epm/packages/{pkgkey}': + /api/fleet/epm/packages/{pkgkey}: delete: deprecated: true operationId: delete-package-deprecated @@ -10303,7 +10702,7 @@ paths: summary: Install package tags: - Elastic Package Manager (EPM) - '/api/fleet/epm/packages/{pkgName}/{pkgVersion}': + /api/fleet/epm/packages/{pkgName}/{pkgVersion}: delete: operationId: delete-package parameters: @@ -10535,7 +10934,7 @@ paths: summary: Update package settings tags: - Elastic Package Manager (EPM) - '/api/fleet/epm/packages/{pkgName}/{pkgVersion}/{filePath}': + /api/fleet/epm/packages/{pkgName}/{pkgVersion}/{filePath}: get: operationId: packages-get-file responses: @@ -10573,7 +10972,7 @@ paths: required: true schema: type: string - '/api/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize': + /api/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize: post: description: '' operationId: reauthorize-transforms @@ -10639,7 +11038,7 @@ paths: summary: Authorize transforms tags: - Elastic Package Manager (EPM) - '/api/fleet/epm/packages/{pkgName}/stats': + /api/fleet/epm/packages/{pkgName}/stats: get: operationId: get-package-stats responses: @@ -10686,7 +11085,7 @@ paths: tags: - Elastic Package Manager (EPM) parameters: [] - '/api/fleet/epm/templates/{pkgName}/{pkgVersion}/inputs': + /api/fleet/epm/templates/{pkgName}/{pkgVersion}/inputs: get: operationId: get-inputs-template responses: @@ -10826,7 +11225,7 @@ paths: summary: Create Fleet Server host tags: - Fleet Server hosts - '/api/fleet/fleet_server_hosts/{itemId}': + /api/fleet/fleet_server_hosts/{itemId}: delete: operationId: delete-fleet-server-hosts parameters: @@ -11059,7 +11458,7 @@ paths: summary: Create output tags: - Fleet outputs - '/api/fleet/outputs/{outputId}': + /api/fleet/outputs/{outputId}: delete: operationId: delete-output parameters: @@ -11128,7 +11527,7 @@ paths: summary: Update output by ID tags: - Fleet outputs - '/api/fleet/outputs/{outputId}/health': + /api/fleet/outputs/{outputId}/health: get: operationId: get-output-health responses: @@ -11142,7 +11541,7 @@ paths: description: long message if unhealthy type: string state: - description: 'state of output, HEALTHY or DEGRADED' + description: state of output, HEALTHY or DEGRADED type: string timestamp: description: timestamp of reported state @@ -11264,7 +11663,7 @@ paths: summary: Bulk get package policies tags: - Fleet package policies - '/api/fleet/package_policies/{packagePolicyId}': + /api/fleet/package_policies/{packagePolicyId}: delete: operationId: delete-package-policy parameters: @@ -11536,7 +11935,7 @@ paths: summary: Create proxy tags: - Fleet proxies - '/api/fleet/proxies/{itemId}': + /api/fleet/proxies/{itemId}: delete: operationId: delete-fleet-proxies parameters: @@ -11795,7 +12194,7 @@ paths: summary: List metadata for latest uninstall tokens per agent policy tags: - Fleet uninstall tokens - '/api/fleet/uninstall_tokens/{uninstallTokenId}': + /api/fleet/uninstall_tokens/{uninstallTokenId}: get: operationId: get-uninstall-token parameters: @@ -11871,7 +12270,7 @@ paths: operationId: bulkCreateSavedObjects parameters: - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - description: 'When true, overwrites the document with the same identifier.' + - description: When true, overwrites the document with the same identifier. in: query name: overwrite schema: @@ -12555,7 +12954,7 @@ paths: summary: Resolve import errors tags: - saved objects - '/api/saved_objects/{type}': + /api/saved_objects/{type}: post: deprecated: true description: Create a Kibana saved object with a randomly generated identifier. @@ -12563,7 +12962,7 @@ paths: parameters: - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - $ref: '#/components/parameters/Saved_objects_saved_object_type' - - description: 'If true, overwrites the document with the same identifier.' + - description: If true, overwrites the document with the same identifier. in: query name: overwrite schema: @@ -12599,7 +12998,7 @@ paths: summary: Create a saved object tags: - saved objects - '/api/saved_objects/{type}/{id}': + /api/saved_objects/{type}/{id}: get: deprecated: true description: Retrieve a single Kibana saved object by identifier. @@ -12633,7 +13032,7 @@ paths: - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - $ref: '#/components/parameters/Saved_objects_saved_object_id' - $ref: '#/components/parameters/Saved_objects_saved_object_type' - - description: 'If true, overwrites the document with the same identifier.' + - description: If true, overwrites the document with the same identifier. in: query name: overwrite schema: @@ -12705,7 +13104,7 @@ paths: summary: Update a saved object tags: - saved objects - '/api/saved_objects/resolve/{type}/{id}': + /api/saved_objects/resolve/{type}/{id}: get: deprecated: true description: > @@ -12790,7 +13189,7 @@ paths: summary: Get Kibana's current status tags: - system - '/s/{spaceId}/api/observability/slos': + /s/{spaceId}/api/observability/slos: get: description: > You must have the `read` privileges for the **SLOs** feature in the @@ -12805,7 +13204,7 @@ paths: name: kqlQuery schema: type: string - - description: 'The page to use for pagination, must be greater or equal than 1' + - description: The page to use for pagination, must be greater or equal than 1 example: 1 in: query name: page @@ -12931,7 +13330,7 @@ paths: summary: Create an SLO tags: - slo - '/s/{spaceId}/api/observability/slos/_delete_instances': + /s/{spaceId}/api/observability/slos/_delete_instances: post: description: > The deletion occurs for the specified list of `sloId` and `instanceId`. @@ -12971,7 +13370,7 @@ paths: summary: Batch delete rollup and summary data tags: - slo - '/s/{spaceId}/api/observability/slos/{sloId}': + /s/{spaceId}/api/observability/slos/{sloId}: delete: description: > You must have the `write` privileges for the **SLOs** feature in the @@ -13109,7 +13508,7 @@ paths: summary: Update an SLO tags: - slo - '/s/{spaceId}/api/observability/slos/{sloId}/_reset': + /s/{spaceId}/api/observability/slos/{sloId}/_reset: post: description: > You must have the `write` privileges for the **SLOs** feature in the @@ -13153,7 +13552,7 @@ paths: summary: Reset an SLO tags: - slo - '/s/{spaceId}/api/observability/slos/{sloId}/disable': + /s/{spaceId}/api/observability/slos/{sloId}/disable: post: description: > You must have the `write` privileges for the **SLOs** feature in the @@ -13193,7 +13592,7 @@ paths: summary: Disable an SLO tags: - slo - '/s/{spaceId}/api/observability/slos/{sloId}/enable': + /s/{spaceId}/api/observability/slos/{sloId}/enable: post: description: > You must have the `write` privileges for the **SLOs** feature in the @@ -13740,7 +14139,7 @@ components: value: - actionTypeId: .jira config: - apiUrl: 'https://elastic.atlassian.net/' + apiUrl: https://elastic.atlassian.net/ projectKey: ES id: 61787f53-4eee-4741-8df6-8fe84fa616f7 isDeprecated: false @@ -14013,7 +14412,7 @@ components: connector_name: My connector external_id: '71926' external_title: ES-554 - external_url: 'https://cases.jira.com' + external_url: https://cases.jira.com pushed_at: '2022-07-29T01:20:58.436Z' pushed_by: email: null @@ -14083,7 +14482,7 @@ components: type: .jira created_at: '2024-07-01T17:07:17.767Z' created_by: - email: 'null,' + email: null, full_name: null profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 username: elastic @@ -14200,7 +14599,7 @@ components: username: elastic version: WzI2LDNd Cases_update_case_request: - summary: 'Update the case description, tags, and connector.' + summary: Update the case description, tags, and connector. value: cases: - connector: @@ -14263,7 +14662,7 @@ components: connector_name: Jira external_id: '10003' external_title: IS-4 - external_url: 'https://hms.atlassian.net/browse/IS-4' + external_url: https://hms.atlassian.net/browse/IS-4 pushed_at: '2023-10-13T09:20:40.672Z' pushed_by: email: null @@ -14371,7 +14770,7 @@ components: runtimeFieldMap: runtime_shape_name: script: - source: 'emit(doc[''shape_name''].value)' + source: emit(doc['shape_name'].value) type: keyword title: logstash-* Data_views_create_runtime_field_request: @@ -14380,7 +14779,7 @@ components: name: runtimeFoo runtimeField: script: - source: 'emit(doc["foo"].value)' + source: emit(doc["foo"].value) type: long Data_views_get_data_view_response: summary: >- @@ -14402,35 +14801,35 @@ components: products.base_price: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 products.base_unit_price: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 products.min_price: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 products.price: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 products.taxful_price: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 products.taxless_price: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 taxful_total_price: id: number params: - pattern: '$0,0.[00]' + pattern: $0,0.[00] taxless_total_price: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 fields: _id: aggregatable: false @@ -14906,7 +15305,7 @@ components: format: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 isMapped: true name: products.base_price readFromDocValues: true @@ -14922,7 +15321,7 @@ components: format: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 isMapped: true name: products.base_unit_price readFromDocValues: true @@ -15042,7 +15441,7 @@ components: format: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 isMapped: true name: products.min_price readFromDocValues: true @@ -15058,7 +15457,7 @@ components: format: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 isMapped: true name: products.price readFromDocValues: true @@ -15161,7 +15560,7 @@ components: format: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 isMapped: true name: products.taxful_price readFromDocValues: true @@ -15177,7 +15576,7 @@ components: format: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 isMapped: true name: products.taxless_price readFromDocValues: true @@ -15221,7 +15620,7 @@ components: format: id: number params: - pattern: '$0,0.[00]' + pattern: $0,0.[00] isMapped: true name: taxful_total_price readFromDocValues: true @@ -15237,7 +15636,7 @@ components: format: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 isMapped: true name: taxless_total_price readFromDocValues: true @@ -15348,7 +15747,7 @@ components: AvgTicketPrice: id: number params: - pattern: '$0,0.[00]' + pattern: $0,0.[00] hour_of_day: id: number params: @@ -15416,7 +15815,7 @@ components: format: id: number params: - pattern: '$0,0.[00]' + pattern: $0,0.[00] isMapped: true name: AvgTicketPrice readFromDocValues: true @@ -15691,7 +16090,7 @@ components: readFromDocValues: false runtimeField: script: - source: 'emit(doc[''timestamp''].value.getHour());' + source: emit(doc['timestamp'].value.getHour()); type: long scripted: false searchable: true @@ -15816,7 +16215,7 @@ components: runtimeFieldMap: hour_of_day: script: - source: 'emit(doc[''timestamp''].value.getHour());' + source: emit(doc['timestamp'].value.getHour()); type: long sourceFilters: [] timeFieldName: timestamp @@ -15831,7 +16230,7 @@ components: readFromDocValues: false runtimeField: script: - source: 'emit(doc[''timestamp''].value.getHour());' + source: emit(doc['timestamp'].value.getHour()); type: long scripted: false searchable: true @@ -15879,7 +16278,7 @@ components: value: runtimeField: script: - source: 'emit(doc["bar"].value)' + source: emit(doc["bar"].value) Machine_learning_APIs_mlSyncExample: summary: Two anomaly detection jobs required synchronization in this example. value: @@ -16377,7 +16776,7 @@ components: - desc type: string Fleet_with_metrics: - description: 'Return agent metrics, false by default' + description: Return agent metrics, false by default in: query name: withMetrics required: false @@ -17235,7 +17634,7 @@ components: nullable: true type: string parent: - description: 'The key of the parent issue, when the issue type is sub-task.' + description: The key of the parent issue, when the issue type is sub-task. nullable: true type: string priority: @@ -18887,7 +19286,7 @@ components: - fromId - toId Data_views_timefieldname: - description: 'The timestamp field name, which you use for time-based data views.' + description: The timestamp field name, which you use for time-based data views. type: string Data_views_title: description: >- @@ -18895,7 +19294,7 @@ components: to search. Supports wildcards (`*`). type: string Data_views_type: - description: 'When set to `rollup`, identifies the rollup data views.' + description: When set to `rollup`, identifies the rollup data views. type: string Data_views_typemeta: description: >- @@ -19194,6 +19593,25 @@ components: collection will be disabled nullable: true type: boolean + monitoring_diagnostics: + type: object + properties: + limit: + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number monitoring_enabled: items: enum: @@ -19201,9 +19619,22 @@ components: - logs type: string type: array + monitoring_http: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: number + required: + - enabled monitoring_output_id: nullable: true type: string + monitoring_pprof_enabled: + type: boolean name: type: string namespace: @@ -19422,14 +19853,14 @@ components: properties: agents: oneOf: - - description: 'KQL query string, leave empty to action all agents' + - description: KQL query string, leave empty to action all agents type: string - description: list of agent IDs items: type: string type: array force: - description: 'Force upgrade, skipping validation (should be used with caution)' + description: Force upgrade, skipping validation (should be used with caution) type: boolean rollout_duration_seconds: description: rolling upgrade window duration in seconds @@ -19675,6 +20106,63 @@ components: type: string inputs: type: string + monitoring: + type: object + properties: + diagnostics: + type: object + properties: + limit: + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + enabled: + type: boolean + http: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: number + required: + - enabled + logs: + type: boolean + metrics: + type: boolean + namespace: + type: string + pprof: + type: object + properties: + enabled: + type: boolean + required: + - enabled + traces: + type: boolean + use_output: + type: string + required: + - enabled + - metrics + - logs + - traces output_permissions: additionalProperties: type: object @@ -20984,14 +21472,14 @@ components: type: object properties: enabled: - description: 'enable or disable that input, (default to true)' + description: enable or disable that input, (default to true) type: boolean streams: additionalProperties: type: object properties: enabled: - description: 'enable or disable that stream, (default to true)' + description: enable or disable that stream, (default to true) type: boolean vars: description: >- @@ -21200,7 +21688,7 @@ components: type: object properties: force: - description: 'Force upgrade, skipping validation (should be used with caution)' + description: Force upgrade, skipping validation (should be used with caution) type: boolean skipRateLimitCheck: description: Skip rate limit check for upgrade @@ -21606,7 +22094,7 @@ components: additionalProperties: $ref: >- #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels - description: 'If saved objects are missing for trained models, they are created.' + description: If saved objects are missing for trained models, they are created. type: object title: Sync API response for created saved objects type: object @@ -21761,7 +22249,7 @@ components: example: Not Found type: string message: - example: 'SLO [3749f390-03a3-11ee-8139-c7ff60a1692d] not found' + example: SLO [3749f390-03a3-11ee-8139-c7ff60a1692d] not found type: string statusCode: example: 404 @@ -21778,7 +22266,7 @@ components: example: Conflict type: string message: - example: 'SLO [d077e940-1515-11ee-9c50-9d096392f520] already exists' + example: SLO [d077e940-1515-11ee-9c50-9d096392f520] already exists type: string statusCode: example: 409 @@ -21887,11 +22375,11 @@ components: type: object properties: consumed: - description: 'The error budget consummed, as a percentage of the initial value.' + description: The error budget consummed, as a percentage of the initial value. example: 0.8 type: number initial: - description: 'The initial error budget, as 1 - objective' + description: The initial error budget, as 1 - objective example: 0.02 type: number isEstimated: @@ -21901,7 +22389,7 @@ components: example: true type: boolean remaining: - description: 'The error budget remaining, as a percentage of the initial value.' + description: The error budget remaining, as a percentage of the initial value. example: 0.2 type: number required: @@ -21986,7 +22474,7 @@ components: type: string index: description: The index used by APM metrics - example: 'metrics-apm*,apm*' + example: metrics-apm*,apm* type: string service: description: The APM service name @@ -22033,7 +22521,7 @@ components: type: string index: description: The index used by APM metrics - example: 'metrics-apm*,apm*' + example: metrics-apm*,apm* type: string service: description: The APM service name @@ -22167,7 +22655,7 @@ components: name: description: The name of the metric. Only valid options are A-Z example: A - pattern: '^[A-Z]$' + pattern: ^[A-Z]$ type: string required: - name @@ -22221,7 +22709,7 @@ components: name: description: The name of the metric. Only valid options are A-Z example: A - pattern: '^[A-Z]$' + pattern: ^[A-Z]$ type: string required: - name @@ -22523,7 +23011,7 @@ components: properties: frequency: default: 1m - description: 'Configure how often the transform runs, default 1m' + description: Configure how often the transform runs, default 1m example: 5m type: string preventInitialBackfill: @@ -22668,7 +23156,7 @@ components: - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' instanceId: - description: 'the value derived from the groupBy field, if present, otherwise ''*''' + description: the value derived from the groupBy field, if present, otherwise '*' example: host-abcde type: string name: @@ -22793,7 +23281,7 @@ components: name: description: The name of the metric. Only valid options are A-Z example: A - pattern: '^[A-Z]$' + pattern: ^[A-Z]$ type: string required: - name @@ -22816,7 +23304,7 @@ components: name: description: The name of the metric. Only valid options are A-Z example: A - pattern: '^[A-Z]$' + pattern: ^[A-Z]$ type: string required: - name @@ -22844,7 +23332,7 @@ components: name: description: The name of the metric. Only valid options are A-Z example: A - pattern: '^[A-Z]$' + pattern: ^[A-Z]$ type: string percentile: description: The percentile value. @@ -22965,6 +23453,6 @@ tags: permanently breaks future Kibana versions. name: saved objects x-displayName: Saved objects - - description: 'SLO APIs enable you to define, manage and track service-level objectives' + - description: SLO APIs enable you to define, manage and track service-level objectives name: slo - name: system diff --git a/package.json b/package.json index c61fe9446a3b7..5dabc8310644f 100644 --- a/package.json +++ b/package.json @@ -421,6 +421,7 @@ "@kbn/data-search-plugin": "link:test/plugin_functional/plugins/data_search", "@kbn/data-service": "link:packages/kbn-data-service", "@kbn/data-stream-adapter": "link:packages/kbn-data-stream-adapter", + "@kbn/data-usage-plugin": "link:x-pack/plugins/data_usage", "@kbn/data-view-editor-plugin": "link:src/plugins/data_view_editor", "@kbn/data-view-field-editor-example-plugin": "link:examples/data_view_field_editor_example", "@kbn/data-view-field-editor-plugin": "link:src/plugins/data_view_field_editor", @@ -592,7 +593,7 @@ "@kbn/kibana-utils-plugin": "link:src/plugins/kibana_utils", "@kbn/kubernetes-security-plugin": "link:x-pack/plugins/kubernetes_security", "@kbn/langchain": "link:x-pack/packages/kbn-langchain", - "@kbn/language-documentation-popover": "link:packages/kbn-language-documentation-popover", + "@kbn/language-documentation": "link:packages/kbn-language-documentation", "@kbn/lens-config-builder-example-plugin": "link:x-pack/examples/lens_config_builder_example", "@kbn/lens-embeddable-utils": "link:packages/kbn-lens-embeddable-utils", "@kbn/lens-formula-docs": "link:packages/kbn-lens-formula-docs", diff --git a/packages/content-management/content_insights/content_insights_public/src/components/views_stats/views_stats.tsx b/packages/content-management/content_insights/content_insights_public/src/components/views_stats/views_stats.tsx index 6bf97b47dfc9f..59e548e401490 100644 --- a/packages/content-management/content_insights/content_insights_public/src/components/views_stats/views_stats.tsx +++ b/packages/content-management/content_insights/content_insights_public/src/components/views_stats/views_stats.tsx @@ -86,7 +86,7 @@ const NoViewsTip = () => ( content={ } /> diff --git a/packages/content-management/user_profiles/src/components/user_missing_tip.tsx b/packages/content-management/user_profiles/src/components/user_missing_tip.tsx index 0f4b24591320b..602e9cc228975 100644 --- a/packages/content-management/user_profiles/src/components/user_missing_tip.tsx +++ b/packages/content-management/user_profiles/src/components/user_missing_tip.tsx @@ -16,7 +16,7 @@ export const NoCreatorTip = (props: { iconType?: IconType }) => ( content={ } {...props} @@ -28,7 +28,7 @@ export const NoUpdaterTip = (props: { iconType?: string }) => ( content={ } {...props} diff --git a/packages/core/chrome/core-chrome-browser-internal/src/chrome_service.tsx b/packages/core/chrome/core-chrome-browser-internal/src/chrome_service.tsx index 4605dd02fd229..dd39fa0287f27 100644 --- a/packages/core/chrome/core-chrome-browser-internal/src/chrome_service.tsx +++ b/packages/core/chrome/core-chrome-browser-internal/src/chrome_service.tsx @@ -422,6 +422,7 @@ export class ChromeService { return ( { breadcrumbsAppendExtension$={breadcrumbsAppendExtension$} headerBanner$={headerBanner$} helpMenuLinks$={of([])} + isServerless={false} /> ); expect(component.find('EuiHeader').exists()).toBeTruthy(); diff --git a/packages/core/chrome/core-chrome-browser-internal/src/ui/header/header.tsx b/packages/core/chrome/core-chrome-browser-internal/src/ui/header/header.tsx index fab9c3f5117a2..62f2963aef423 100644 --- a/packages/core/chrome/core-chrome-browser-internal/src/ui/header/header.tsx +++ b/packages/core/chrome/core-chrome-browser-internal/src/ui/header/header.tsx @@ -77,6 +77,7 @@ export interface HeaderProps { loadingCount$: ReturnType; onIsLockedUpdate: OnIsLockedUpdate; customBranding$: Observable; + isServerless: boolean; } export function Header({ @@ -90,6 +91,7 @@ export function Header({ breadcrumbsAppendExtension$, globalHelpExtensionMenuLinks$, customBranding$, + isServerless, ...observables }: HeaderProps) { const [isNavOpen, setIsNavOpen] = useState(false); @@ -152,6 +154,7 @@ export function Header({ , { - test('it only renders the default content', () => { - const application = applicationServiceMock.createInternalStartContract(); - const helpExtension$ = new BehaviorSubject(undefined); - const helpSupportUrl$ = new BehaviorSubject(''); + const application = applicationServiceMock.createInternalStartContract(); + + const defaultComponentProps: Pick< + ComponentProps, + | 'kibanaVersion' + | 'docLinks' + | 'navigateToUrl' + | 'defaultContentLinks$' + | 'helpExtension$' + | 'helpSupportUrl$' + | 'kibanaDocLink' + | 'isServerless' + > = { + navigateToUrl: application.navigateToUrl, + kibanaVersion: 'version', + docLinks: docLinksServiceMock.createStartContract(), + defaultContentLinks$: of([]), + helpExtension$: new BehaviorSubject(undefined), + helpSupportUrl$: new BehaviorSubject(''), + kibanaDocLink: '', + isServerless: false, + }; + test('it only renders the default content', () => { const component = mountWithIntl( - + ); expect(component.find('EuiButtonEmpty').length).toBe(1); // only the toggle view on/off button @@ -48,14 +58,22 @@ describe('HeaderHelpMenu', () => { ]); }); - test('it renders the global custom content + the default content', () => { - const application = applicationServiceMock.createInternalStartContract(); - const helpExtension$ = new BehaviorSubject(undefined); - const helpSupportUrl$ = new BehaviorSubject(''); + test("it doesn't render the version details when the prop isServerless is true", () => { + const component = mountWithIntl( + + ); + expect(component.find('[data-test-subj="kbnVersionString"]').exists()).toBeFalsy(); + }); + + test('it renders the global custom content + the default content', () => { const component = mountWithIntl( { priority: 100, }, ])} - helpExtension$={helpExtension$} - helpSupportUrl$={helpSupportUrl$} - kibanaVersion={'version'} - kibanaDocLink={''} - docLinks={docLinksServiceMock.createStartContract()} - defaultContentLinks$={of([])} /> ); diff --git a/packages/core/chrome/core-chrome-browser-internal/src/ui/header/header_help_menu.tsx b/packages/core/chrome/core-chrome-browser-internal/src/ui/header/header_help_menu.tsx index a8a333a4e7e80..b6789a096f7da 100644 --- a/packages/core/chrome/core-chrome-browser-internal/src/ui/header/header_help_menu.tsx +++ b/packages/core/chrome/core-chrome-browser-internal/src/ui/header/header_help_menu.tsx @@ -81,6 +81,7 @@ interface Props { kibanaVersion: string; kibanaDocLink: string; docLinks: DocLinksStart; + isServerless: boolean; } interface State { @@ -174,13 +175,19 @@ export class HeaderHelpMenu extends Component { /> - - - + {!this.props.isServerless && ( + + + + )} diff --git a/packages/core/chrome/core-chrome-browser-internal/src/ui/project/header.test.tsx b/packages/core/chrome/core-chrome-browser-internal/src/ui/project/header.test.tsx index 743cd1726e03e..1452b45555a6b 100644 --- a/packages/core/chrome/core-chrome-browser-internal/src/ui/project/header.test.tsx +++ b/packages/core/chrome/core-chrome-browser-internal/src/ui/project/header.test.tsx @@ -38,6 +38,7 @@ describe('Header', () => { isSideNavCollapsed$: Rx.of(false), prependBasePath: (str) => `hello/world/${str}`, toggleSideNav: jest.fn(), + isServerless: false, }; it('renders', async () => { diff --git a/packages/core/chrome/core-chrome-browser-internal/src/ui/project/header.tsx b/packages/core/chrome/core-chrome-browser-internal/src/ui/project/header.tsx index bf8b103709260..1f282db34a0f5 100644 --- a/packages/core/chrome/core-chrome-browser-internal/src/ui/project/header.tsx +++ b/packages/core/chrome/core-chrome-browser-internal/src/ui/project/header.tsx @@ -33,7 +33,7 @@ import { MountPoint } from '@kbn/core-mount-utils-browser'; import { i18n } from '@kbn/i18n'; import { RedirectAppLinks } from '@kbn/shared-ux-link-redirect-app'; import { Router } from '@kbn/shared-ux-router'; -import React, { useCallback } from 'react'; +import React, { useCallback, type ComponentProps } from 'react'; import useObservable from 'react-use/lib/useObservable'; import { debounceTime, Observable } from 'rxjs'; import type { CustomBranding } from '@kbn/core-custom-branding-common'; @@ -111,7 +111,7 @@ const headerStrings = { }, }; -export interface Props { +export interface Props extends Pick, 'isServerless'> { headerBanner$: Observable; breadcrumbs$: Observable; actionMenu$: Observable; @@ -227,6 +227,7 @@ export const ProjectHeader = ({ docLinks, toggleSideNav, customBranding$, + isServerless, ...observables }: Props) => { const headerActionMenuMounter = useHeaderActionMenuMounter(observables.actionMenu$); @@ -293,6 +294,7 @@ export const ProjectHeader = ({ { + if (existsSync(targetFile) === false) + throw createFailError(`Unable to determine code owners: file ${targetFile} Not Found`); +}; /** * Get the .github/CODEOWNERS entries, prepared for path matching. @@ -29,9 +34,7 @@ export interface PathWithOwners { */ export function getPathsWithOwnersReversed(): PathWithOwners[] { const codeownersPath = joinPath(REPO_ROOT, '.github', 'CODEOWNERS'); - if (existsSync(codeownersPath) === false) { - throw createFailError(`Unable to determine code owners: file ${codeownersPath} not found`); - } + existOrThrow(codeownersPath); const codeownersContent = readFileSync(codeownersPath, { encoding: 'utf8', flag: 'r' }); const codeownersLines = codeownersContent.split(/\r?\n/); const codeowners = codeownersLines @@ -66,3 +69,32 @@ export function getCodeOwnersForFile( return match?.teams; } + +/** + * Run the getCodeOwnersForFile() method above. + * Report back to the cli with either success and the owner(s), or a failure. + * + * This function depends on a --file param being passed on the cli, like this: + * $ node scripts/get_owners_for_file.js --file SOME-FILE + */ +export async function runGetOwnersForFileCli() { + run( + async ({ flags, log }) => { + const targetFile = flags.file as string; + if (!targetFile) throw createFlagError(`Missing --file argument`); + existOrThrow(targetFile); // This call is duplicated in getPathsWithOwnersReversed(), so this is a short circuit + const result = getCodeOwnersForFile(targetFile); + if (result) log.success(result); + else log.error(`Ownership of file [${targetFile}] is UNKNOWN`); + }, + { + description: 'Report file ownership from GitHub CODEOWNERS file.', + flags: { + string: ['file'], + help: ` + --file Required, path to the file to report owners for. + `, + }, + } + ); +} diff --git a/packages/kbn-code-owners/tsconfig.json b/packages/kbn-code-owners/tsconfig.json index e97f927147d73..955d0568ca3ce 100644 --- a/packages/kbn-code-owners/tsconfig.json +++ b/packages/kbn-code-owners/tsconfig.json @@ -15,6 +15,7 @@ ], "kbn_references": [ "@kbn/repo-info", - "@kbn/dev-cli-errors" + "@kbn/dev-cli-errors", + "@kbn/dev-cli-runner" ] } diff --git a/packages/kbn-config-schema/src/byte_size_value/index.test.ts b/packages/kbn-config-schema/src/byte_size_value/index.test.ts index 4fc682c30a71f..8bc31f1f872bf 100644 --- a/packages/kbn-config-schema/src/byte_size_value/index.test.ts +++ b/packages/kbn-config-schema/src/byte_size_value/index.test.ts @@ -36,11 +36,40 @@ describe('parsing units', () => { expect(ByteSizeValue.parse('1Mb').getValueInBytes()).toBe(1024 * 1024); }); + test('parses the max safe integer', () => { + expect(ByteSizeValue.parse('9007199254740991').getValueInBytes()).toBe(9007199254740991); + expect(ByteSizeValue.parse('9007199254740991b').getValueInBytes()).toBe(9007199254740991); + }); + test('throws an error when unsupported unit specified', () => { expect(() => ByteSizeValue.parse('1tb')).toThrowErrorMatchingInlineSnapshot( `"Failed to parse value as byte value. Value must be either number of bytes, or follow the format [b|kb|mb|gb] (e.g., '1024kb', '200mb', '1gb'), where the number is a safe positive integer."` ); }); + + test('throws an error when unsafe integer', () => { + expect(() => ByteSizeValue.parse('9007199254740992')).toThrowErrorMatchingInlineSnapshot( + `"Value in bytes is expected to be a safe positive integer."` + ); + }); + + test('throws an error on unusually long input', () => { + expect(() => ByteSizeValue.parse('19007199254740991kb')).toThrowErrorMatchingInlineSnapshot( + `"Value in bytes is expected to be a safe positive integer."` + ); + }); + + test('throws when string does not start with a digit', () => { + expect(() => ByteSizeValue.parse(' 1kb')).toThrowErrorMatchingInlineSnapshot( + `"Failed to parse value as byte value. Value must be either number of bytes, or follow the format [b|kb|mb|gb] (e.g., '1024kb', '200mb', '1gb'), where the number is a safe positive integer."` + ); + }); + + test('throws when string does not end with a digit or unit', () => { + expect(() => ByteSizeValue.parse('1kb ')).toThrowErrorMatchingInlineSnapshot( + `"Failed to parse value as byte value. Value must be either number of bytes, or follow the format [b|kb|mb|gb] (e.g., '1024kb', '200mb', '1gb'), where the number is a safe positive integer."` + ); + }); }); describe('#constructor', () => { diff --git a/packages/kbn-config-schema/src/byte_size_value/index.ts b/packages/kbn-config-schema/src/byte_size_value/index.ts index 7479762d15a25..c2a7e75148e85 100644 --- a/packages/kbn-config-schema/src/byte_size_value/index.ts +++ b/packages/kbn-config-schema/src/byte_size_value/index.ts @@ -23,7 +23,11 @@ function renderUnit(value: number, unit: string) { export class ByteSizeValue { public static parse(text: string): ByteSizeValue { - const match = /([1-9][0-9]*)(b|kb|mb|gb)/i.exec(text); + if (text.length > 18) { + // Exit early on large input where uses more than 16 digits and is therefore larger than Number.MAX_SAFE_INTEGER + throw new Error('Value in bytes is expected to be a safe positive integer.'); + } + const match = /(^[1-9]\d*)(b|kb|mb|gb)$/i.exec(text); if (!match) { const number = Number(text); if (typeof number !== 'number' || isNaN(number)) { diff --git a/packages/kbn-doc-links/src/get_doc_links.ts b/packages/kbn-doc-links/src/get_doc_links.ts index 78ccec5d48efe..0d7760003be6a 100644 --- a/packages/kbn-doc-links/src/get_doc_links.ts +++ b/packages/kbn-doc-links/src/get_doc_links.ts @@ -879,6 +879,7 @@ export const getDocLinks = ({ kibanaBranch, buildFlavor }: GetDocLinkOptions): D roleAndPrivileges: `${FLEET_DOCS}fleet-roles-and-privileges.html`, proxiesSettings: `${FLEET_DOCS}fleet-agent-proxy-support.html`, unprivilegedMode: `${FLEET_DOCS}elastic-agent-unprivileged.html#unprivileged-change-mode`, + httpMonitoring: `${FLEET_DOCS}agent-policy.html#change-policy-enable-agent-monitoring`, }, integrationDeveloper: { upload: `${INTEGRATIONS_DEV_DOCS}upload-a-new-integration.html`, diff --git a/packages/kbn-doc-links/src/types.ts b/packages/kbn-doc-links/src/types.ts index cbf085623c3a6..9870d3687e8b2 100644 --- a/packages/kbn-doc-links/src/types.ts +++ b/packages/kbn-doc-links/src/types.ts @@ -564,6 +564,7 @@ export interface DocLinks { roleAndPrivileges: string; proxiesSettings: string; unprivilegedMode: string; + httpMonitoring: string; }>; readonly integrationDeveloper: { upload: string; diff --git a/packages/kbn-eslint-plugin-eslint/index.js b/packages/kbn-eslint-plugin-eslint/index.js index dadeb85832da7..1b9c04a2b7918 100644 --- a/packages/kbn-eslint-plugin-eslint/index.js +++ b/packages/kbn-eslint-plugin-eslint/index.js @@ -19,6 +19,5 @@ module.exports = { no_constructor_args_in_property_initializers: require('./rules/no_constructor_args_in_property_initializers'), no_this_in_property_initializers: require('./rules/no_this_in_property_initializers'), no_unsafe_console: require('./rules/no_unsafe_console'), - no_unsafe_js_yaml: require('./rules/no_unsafe_js_yaml'), }, }; diff --git a/packages/kbn-eslint-plugin-eslint/rules/no_unsafe_js_yaml.js b/packages/kbn-eslint-plugin-eslint/rules/no_unsafe_js_yaml.js deleted file mode 100644 index 74dc20df93af6..0000000000000 --- a/packages/kbn-eslint-plugin-eslint/rules/no_unsafe_js_yaml.js +++ /dev/null @@ -1,91 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -module.exports = { - meta: { - fixable: 'code', - schema: [], - }, - create(context) { - const sourceCode = context.getSourceCode(); - const jsYamlIdentifiers = new Set(); - const isUnsafeMethod = (node) => node.name === 'load' || node.name === 'dump'; - - return { - ImportDeclaration(node) { - if (node.source.value === 'js-yaml') { - node.specifiers.forEach((specifier) => { - jsYamlIdentifiers.add(specifier.local.name); - - if (specifier.imported && isUnsafeMethod(specifier.imported)) { - context.report({ - node: specifier, - message: - 'Use `safeLoad` instead of `load` and `safeDump` instead of `dump` from `js-yaml`.', - fix(fixer) { - const replacement = - specifier.imported.name === 'load' - ? fixer.replaceText(specifier.imported, 'safeLoad') - : fixer.replaceText(specifier.imported, 'safeDump'); - return replacement; - }, - }); - } - }); - } - }, - CallExpression(node) { - const callee = node.callee; - - if (isUnsafeMethod(callee)) { - const scope = sourceCode.getScope(node); - const variable = scope.variables.find((v) => v.name === callee.name); - - if (variable && variable.defs.length) { - const [def] = variable.defs; - - if (def?.parent?.source?.value === 'js-yaml') { - context.report({ - node: callee, - message: - 'Use `safeLoad` instead of `load` and `safeDump` instead of `dump` from `js-yaml`.', - fix(fixer) { - const replacement = - callee.name === 'load' - ? fixer.replaceText(callee, 'safeLoad') - : fixer.replaceText(callee, 'safeDump'); - return replacement; - }, - }); - } - } - } - - if ( - callee.type === 'MemberExpression' && - isUnsafeMethod(callee.property) && - jsYamlIdentifiers.has(callee.object.name) - ) { - context.report({ - node: callee.property, - message: - 'Use `safeLoad` instead of `load` and `safeDump` instead of `dump` from `js-yaml`.', - fix(fixer) { - const replacement = - callee.property.name === 'load' - ? fixer.replaceText(callee.property, 'safeLoad') - : fixer.replaceText(callee.property, 'safeDump'); - return replacement; - }, - }); - } - }, - }; - }, -}; diff --git a/packages/kbn-eslint-plugin-eslint/rules/no_unsafe_js_yaml.test.js b/packages/kbn-eslint-plugin-eslint/rules/no_unsafe_js_yaml.test.js deleted file mode 100644 index 960bc0b0c23d1..0000000000000 --- a/packages/kbn-eslint-plugin-eslint/rules/no_unsafe_js_yaml.test.js +++ /dev/null @@ -1,105 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -const { RuleTester } = require('eslint'); -const rule = require('./no_unsafe_js_yaml'); - -const ruleTester = new RuleTester({ - parser: require.resolve('@typescript-eslint/parser'), - parserOptions: { - sourceType: 'module', - ecmaVersion: 2018, - }, -}); - -ruleTester.run('no_unsafe_js_yaml', rule, { - valid: [ - "import { safeLoad } from 'js-yaml'; const data = safeLoad(yamlString);", - "import { safeDump } from 'js-yaml'; const yaml = safeDump(data);", - "import * as yaml from 'js-yaml'; const data = yaml.safeLoad(yamlString);", - "import yaml from 'js-yaml'; yaml.safeLoad('yamlString');", - ], - invalid: [ - { - code: "import { load } from 'js-yaml'; const data = load(yamlString);", - errors: [ - { - message: - 'Use `safeLoad` instead of `load` and `safeDump` instead of `dump` from `js-yaml`.', - line: 1, - column: 10, - endLine: 1, - endColumn: 14, - }, - { - message: - 'Use `safeLoad` instead of `load` and `safeDump` instead of `dump` from `js-yaml`.', - line: 1, - column: 46, - endLine: 1, - endColumn: 50, - }, - ], - output: "import { safeLoad } from 'js-yaml'; const data = safeLoad(yamlString);", - }, - { - code: "import { dump } from 'js-yaml'; const yaml = dump(data);", - errors: [ - { - message: - 'Use `safeLoad` instead of `load` and `safeDump` instead of `dump` from `js-yaml`.', - line: 1, - column: 10, - endLine: 1, - endColumn: 14, - }, - { - message: - 'Use `safeLoad` instead of `load` and `safeDump` instead of `dump` from `js-yaml`.', - line: 1, - column: 46, - endLine: 1, - endColumn: 50, - }, - ], - output: "import { safeDump } from 'js-yaml'; const yaml = safeDump(data);", - }, - { - code: "import * as yaml from 'js-yaml'; const data = yaml.load(yamlString);", - errors: [ - { - message: - 'Use `safeLoad` instead of `load` and `safeDump` instead of `dump` from `js-yaml`.', - }, - ], - output: "import * as yaml from 'js-yaml'; const data = yaml.safeLoad(yamlString);", - }, - { - code: "import yaml from 'js-yaml'; yaml.load('someYAMLContent')", - errors: [ - { - message: - 'Use `safeLoad` instead of `load` and `safeDump` instead of `dump` from `js-yaml`.', - }, - ], - output: "import yaml from 'js-yaml'; yaml.safeLoad('someYAMLContent')", - }, - { - code: "import yaml, { safeDump } from 'js-yaml'; safeDump(data); yaml.load('someYAMLContent');", - errors: [ - { - message: - 'Use `safeLoad` instead of `load` and `safeDump` instead of `dump` from `js-yaml`.', - }, - ], - output: - "import yaml, { safeDump } from 'js-yaml'; safeDump(data); yaml.safeLoad('someYAMLContent');", - }, - ], -}); diff --git a/packages/kbn-language-documentation-popover/.storybook/main.js b/packages/kbn-language-documentation/.storybook/main.js similarity index 100% rename from packages/kbn-language-documentation-popover/.storybook/main.js rename to packages/kbn-language-documentation/.storybook/main.js diff --git a/packages/kbn-language-documentation-popover/README.md b/packages/kbn-language-documentation/README.md similarity index 52% rename from packages/kbn-language-documentation-popover/README.md rename to packages/kbn-language-documentation/README.md index 8e3e3d14230a9..0272e67e57d9d 100644 --- a/packages/kbn-language-documentation-popover/README.md +++ b/packages/kbn-language-documentation/README.md @@ -1,15 +1,29 @@ -### Shareable language documentation popover +### Shareable language documentation -This is a stateless shareable component that can be used to render documentation for a language as a popover. +This is a stateless shareable component that can be used to render documentation for a language as a popover, flyour or a React component that you can add in your applications as you wish. It can be used in every application that would like to add an in-app documentation. The component consists of: - A sidebar navigation with a search - A details page +### As a popover (currently used for Lens formulas) + ``` ``` +### As a flyout (currently used for ES|QL in unified search) + +``` + +``` + +### As an inline component (currently used for ES|QL in Lens inline editing, alerts) + +``` + +``` + The properties are typed as: ``` diff --git a/packages/kbn-language-documentation-popover/index.ts b/packages/kbn-language-documentation/index.ts similarity index 100% rename from packages/kbn-language-documentation-popover/index.ts rename to packages/kbn-language-documentation/index.ts diff --git a/packages/kbn-language-documentation-popover/jest.config.js b/packages/kbn-language-documentation/jest.config.js similarity index 88% rename from packages/kbn-language-documentation-popover/jest.config.js rename to packages/kbn-language-documentation/jest.config.js index c7a6825173df4..1507a0cdfd7cb 100644 --- a/packages/kbn-language-documentation-popover/jest.config.js +++ b/packages/kbn-language-documentation/jest.config.js @@ -10,5 +10,5 @@ module.exports = { preset: '@kbn/test', rootDir: '../..', - roots: ['/packages/kbn-language-documentation-popover'], + roots: ['/packages/kbn-language-documentation'], }; diff --git a/packages/kbn-language-documentation-popover/kibana.jsonc b/packages/kbn-language-documentation/kibana.jsonc similarity index 58% rename from packages/kbn-language-documentation-popover/kibana.jsonc rename to packages/kbn-language-documentation/kibana.jsonc index 59eaf56cef7d4..5bd04503e6397 100644 --- a/packages/kbn-language-documentation-popover/kibana.jsonc +++ b/packages/kbn-language-documentation/kibana.jsonc @@ -1,5 +1,5 @@ { "type": "shared-common", - "id": "@kbn/language-documentation-popover", + "id": "@kbn/language-documentation", "owner": "@elastic/kibana-esql" } diff --git a/packages/kbn-language-documentation-popover/package.json b/packages/kbn-language-documentation/package.json similarity index 75% rename from packages/kbn-language-documentation-popover/package.json rename to packages/kbn-language-documentation/package.json index 002c3c4ee51b3..3788ee50f2c95 100644 --- a/packages/kbn-language-documentation-popover/package.json +++ b/packages/kbn-language-documentation/package.json @@ -1,5 +1,5 @@ { - "name": "@kbn/language-documentation-popover", + "name": "@kbn/language-documentation", "version": "1.0.0", "license": "Elastic License 2.0 OR AGPL-3.0-only OR SSPL-1.0", "private": true, @@ -9,6 +9,6 @@ "scripts": { "make:docs": "ts-node --transpileOnly scripts/generate_esql_docs.ts", "postmake:docs": "yarn run lint:fix", - "lint:fix": "cd ../.. && node ./scripts/eslint --fix ./packages/kbn-language-documentation-popover/src/sections/generated" + "lint:fix": "cd ../.. && node ./scripts/eslint --fix ./packages/kbn-language-documentation/src/sections/generated" } } diff --git a/packages/kbn-language-documentation-popover/scripts/generate_esql_docs.ts b/packages/kbn-language-documentation/scripts/generate_esql_docs.ts similarity index 97% rename from packages/kbn-language-documentation-popover/scripts/generate_esql_docs.ts rename to packages/kbn-language-documentation/scripts/generate_esql_docs.ts index 4fad23e2e25f2..ff4baf499c8db 100644 --- a/packages/kbn-language-documentation-popover/scripts/generate_esql_docs.ts +++ b/packages/kbn-language-documentation/scripts/generate_esql_docs.ts @@ -86,7 +86,7 @@ function writeFunctionDocs(functionDocs: Map, pathToDocsFile: st // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { label: i18n.translate( - 'languageDocumentationPopover.documentationESQL.${name}', + 'languageDocumentation.documentationESQL.${name}', { defaultMessage: '${name.toUpperCase()}', } @@ -97,7 +97,7 @@ function writeFunctionDocs(functionDocs: Map, pathToDocsFile: st readOnly enableSoftLineBreaks markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.${name}.markdown', + 'languageDocumentation.documentationESQL.${name}.markdown', { defaultMessage: \`${docWithoutLinks.replaceAll('`', '\\`')}\`, description: diff --git a/packages/kbn-language-documentation-popover/setup_tests.ts b/packages/kbn-language-documentation/setup_tests.ts similarity index 100% rename from packages/kbn-language-documentation-popover/setup_tests.ts rename to packages/kbn-language-documentation/setup_tests.ts diff --git a/packages/kbn-language-documentation-popover/src/__stories__/language_documentation_popover.stories.tsx b/packages/kbn-language-documentation/src/__stories__/language_documentation_popover.stories.tsx similarity index 100% rename from packages/kbn-language-documentation-popover/src/__stories__/language_documentation_popover.stories.tsx rename to packages/kbn-language-documentation/src/__stories__/language_documentation_popover.stories.tsx diff --git a/packages/kbn-language-documentation-popover/src/components/as_flyout/index.test.tsx b/packages/kbn-language-documentation/src/components/as_flyout/index.test.tsx similarity index 100% rename from packages/kbn-language-documentation-popover/src/components/as_flyout/index.test.tsx rename to packages/kbn-language-documentation/src/components/as_flyout/index.test.tsx diff --git a/packages/kbn-language-documentation-popover/src/components/as_flyout/index.tsx b/packages/kbn-language-documentation/src/components/as_flyout/index.tsx similarity index 97% rename from packages/kbn-language-documentation-popover/src/components/as_flyout/index.tsx rename to packages/kbn-language-documentation/src/components/as_flyout/index.tsx index 0a617165f7661..583fb96c96cef 100644 --- a/packages/kbn-language-documentation-popover/src/components/as_flyout/index.tsx +++ b/packages/kbn-language-documentation/src/components/as_flyout/index.tsx @@ -85,7 +85,7 @@ function DocumentationFlyout({

- {i18n.translate('languageDocumentationPopover.documentationFlyoutTitle', { + {i18n.translate('languageDocumentation.documentationFlyoutTitle', { defaultMessage: 'ES|QL quick reference', })}

diff --git a/packages/kbn-language-documentation-popover/src/components/as_inline/index.test.tsx b/packages/kbn-language-documentation/src/components/as_inline/index.test.tsx similarity index 100% rename from packages/kbn-language-documentation-popover/src/components/as_inline/index.test.tsx rename to packages/kbn-language-documentation/src/components/as_inline/index.test.tsx diff --git a/packages/kbn-language-documentation-popover/src/components/as_inline/index.tsx b/packages/kbn-language-documentation/src/components/as_inline/index.tsx similarity index 100% rename from packages/kbn-language-documentation-popover/src/components/as_inline/index.tsx rename to packages/kbn-language-documentation/src/components/as_inline/index.tsx diff --git a/packages/kbn-language-documentation-popover/src/components/as_popover/documentation.scss b/packages/kbn-language-documentation/src/components/as_popover/documentation.scss similarity index 100% rename from packages/kbn-language-documentation-popover/src/components/as_popover/documentation.scss rename to packages/kbn-language-documentation/src/components/as_popover/documentation.scss diff --git a/packages/kbn-language-documentation-popover/src/components/as_popover/index.tsx b/packages/kbn-language-documentation/src/components/as_popover/index.tsx similarity index 97% rename from packages/kbn-language-documentation-popover/src/components/as_popover/index.tsx rename to packages/kbn-language-documentation/src/components/as_popover/index.tsx index 9a1432e938f04..cda01a048dc80 100644 --- a/packages/kbn-language-documentation-popover/src/components/as_popover/index.tsx +++ b/packages/kbn-language-documentation/src/components/as_popover/index.tsx @@ -60,7 +60,7 @@ function DocumentationPopover({ button={ - {i18n.translate('languageDocumentationPopover.header', { + {i18n.translate('languageDocumentation.header', { defaultMessage: '{language} reference', values: { language }, })} @@ -78,7 +78,7 @@ function DocumentationContent({ {linkToDocumentation && ( - {i18n.translate('languageDocumentationPopover.documentationLinkLabel', { + {i18n.translate('languageDocumentation.documentationLinkLabel', { defaultMessage: 'View full documentation', })} @@ -106,7 +106,7 @@ function DocumentationContent({ setSearchText(e.target.value); }} data-test-subj="language-documentation-navigation-search" - placeholder={i18n.translate('languageDocumentationPopover.searchPlaceholder', { + placeholder={i18n.translate('languageDocumentation.searchPlaceholder', { defaultMessage: 'Search', })} /> diff --git a/packages/kbn-language-documentation-popover/src/components/shared/documentation_content.tsx b/packages/kbn-language-documentation/src/components/shared/documentation_content.tsx similarity index 100% rename from packages/kbn-language-documentation-popover/src/components/shared/documentation_content.tsx rename to packages/kbn-language-documentation/src/components/shared/documentation_content.tsx diff --git a/packages/kbn-language-documentation-popover/src/components/shared/documentation_navigation.tsx b/packages/kbn-language-documentation/src/components/shared/documentation_navigation.tsx similarity index 89% rename from packages/kbn-language-documentation-popover/src/components/shared/documentation_navigation.tsx rename to packages/kbn-language-documentation/src/components/shared/documentation_navigation.tsx index c8202d0ea448f..821f6fa2e990d 100644 --- a/packages/kbn-language-documentation-popover/src/components/shared/documentation_navigation.tsx +++ b/packages/kbn-language-documentation/src/components/shared/documentation_navigation.tsx @@ -45,7 +45,7 @@ function DocumentationNav({ - {i18n.translate('languageDocumentationPopover.esqlDocsLinkLabel', { + {i18n.translate('languageDocumentation.esqlDocsLinkLabel', { defaultMessage: 'View full ES|QL documentation', })} @@ -66,10 +66,10 @@ function DocumentationNav({ } > [0]) => ( export const initialSection = ( ), }, { - label: i18n.translate('languageDocumentationPopover.documentationESQL.row', { + label: i18n.translate('languageDocumentation.documentationESQL.row', { defaultMessage: 'ROW', }), description: ( ), }, { - label: i18n.translate('languageDocumentationPopover.documentationESQL.show', { + label: i18n.translate('languageDocumentation.documentationESQL.show', { defaultMessage: 'SHOW', }), description: ( \` source command returns information about the deployment and its capabilities: * Use \`SHOW INFO\` to return the deployment's version, build date and hash. * Use \`SHOW FUNCTIONS\` to return a list of all supported functions and a synopsis of each function. `, - ignoreTag: true, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - } - )} + ignoreTag: true, + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + })} /> ), }, @@ -173,25 +161,25 @@ The \`SHOW \` source command returns information about the deployment and }; export const processingCommands = { - label: i18n.translate('languageDocumentationPopover.documentationESQL.processingCommands', { + label: i18n.translate('languageDocumentation.documentationESQL.processingCommands', { defaultMessage: 'Processing commands', }), description: i18n.translate( - 'languageDocumentationPopover.documentationESQL.processingCommandsDescription', + 'languageDocumentation.documentationESQL.processingCommandsDescription', { defaultMessage: `Processing commands change an input table by adding, removing, or changing rows and columns. ES|QL supports the following processing commands.`, } ), items: [ { - label: i18n.translate('languageDocumentationPopover.documentationESQL.dissect', { + label: i18n.translate('languageDocumentation.documentationESQL.dissect', { defaultMessage: 'DISSECT', }), description: ( ), }, { - label: i18n.translate('languageDocumentationPopover.documentationESQL.enrich', { + label: i18n.translate('languageDocumentation.documentationESQL.enrich', { defaultMessage: 'ENRICH', }), description: ( ), }, { - label: i18n.translate('languageDocumentationPopover.documentationESQL.grok', { + label: i18n.translate('languageDocumentation.documentationESQL.grok', { defaultMessage: 'GROK', }), description: ( ), }, { - label: i18n.translate('languageDocumentationPopover.documentationESQL.keep', { + label: i18n.translate('languageDocumentation.documentationESQL.keep', { defaultMessage: 'KEEP', }), description: ( ), }, { - label: i18n.translate('languageDocumentationPopover.documentationESQL.limit', { + label: i18n.translate('languageDocumentation.documentationESQL.limit', { defaultMessage: 'LIMIT', }), description: ( ), }, { - label: i18n.translate('languageDocumentationPopover.documentationESQL.statsby', { + label: i18n.translate('languageDocumentation.documentationESQL.statsby', { defaultMessage: 'STATS ... BY', }), description: ( \` type conversion functions. @@ -882,13 +855,13 @@ ROW ver = CONCAT(("0"::INT + 1)::STRING, ".2.3")::VERSION ), }, { - label: i18n.translate('languageDocumentationPopover.documentationESQL.inOperator', { + label: i18n.translate('languageDocumentation.documentationESQL.inOperator', { defaultMessage: 'IN', }), description: ( @@ -49,17 +47,16 @@ export const functions = { | STATS AVG(height) \`\`\` `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.count', { + label: i18n.translate('languageDocumentation.documentationESQL.count', { defaultMessage: 'COUNT', }), description: ( @@ -68,7 +65,7 @@ export const functions = { readOnly enableSoftLineBreaks markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.count.markdown', + 'languageDocumentation.documentationESQL.count.markdown', { defaultMessage: ` @@ -148,17 +143,16 @@ export const functions = { | STATS MAX(languages) \`\`\` `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.median', { + label: i18n.translate('languageDocumentation.documentationESQL.median', { defaultMessage: 'MEDIAN', }), description: ( @@ -167,7 +161,7 @@ export const functions = { readOnly enableSoftLineBreaks markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.median.markdown', + 'languageDocumentation.documentationESQL.median.markdown', { defaultMessage: ` @@ -254,17 +243,16 @@ export const functions = { | STATS MIN(languages) \`\`\` `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.percentile', { + label: i18n.translate('languageDocumentation.documentationESQL.percentile', { defaultMessage: 'PERCENTILE', }), description: ( @@ -273,7 +261,7 @@ export const functions = { readOnly enableSoftLineBreaks markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.percentile.markdown', + 'languageDocumentation.documentationESQL.percentile.markdown', { defaultMessage: ` @@ -355,17 +341,16 @@ export const functions = { | STATS SUM(languages) \`\`\` `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.top', { + label: i18n.translate('languageDocumentation.documentationESQL.top', { defaultMessage: 'TOP', }), description: ( @@ -373,10 +358,8 @@ export const functions = { openLinksInNewTab readOnly enableSoftLineBreaks - markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.top.markdown', - { - defaultMessage: ` @@ -388,17 +371,16 @@ export const functions = { | STATS top_salaries = TOP(salary, 3, "desc"), top_salary = MAX(salary) \`\`\` `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.values', { + label: i18n.translate('languageDocumentation.documentationESQL.values', { defaultMessage: 'VALUES', }), description: ( @@ -407,7 +389,7 @@ export const functions = { readOnly enableSoftLineBreaks markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.values.markdown', + 'languageDocumentation.documentationESQL.values.markdown', { defaultMessage: ` @@ -49,17 +47,16 @@ export const functions = { | EVAL abs_number = ABS(number) \`\`\` `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.acos', { + label: i18n.translate('languageDocumentation.documentationESQL.acos', { defaultMessage: 'ACOS', }), description: ( @@ -67,10 +64,8 @@ export const functions = { openLinksInNewTab readOnly enableSoftLineBreaks - markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.acos.markdown', - { - defaultMessage: ` @@ -82,17 +77,16 @@ export const functions = { | EVAL acos=ACOS(a) \`\`\` `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.asin', { + label: i18n.translate('languageDocumentation.documentationESQL.asin', { defaultMessage: 'ASIN', }), description: ( @@ -100,10 +94,8 @@ export const functions = { openLinksInNewTab readOnly enableSoftLineBreaks - markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.asin.markdown', - { - defaultMessage: ` @@ -116,17 +108,16 @@ export const functions = { | EVAL asin=ASIN(a) \`\`\` `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.atan', { + label: i18n.translate('languageDocumentation.documentationESQL.atan', { defaultMessage: 'ATAN', }), description: ( @@ -134,10 +125,8 @@ export const functions = { openLinksInNewTab readOnly enableSoftLineBreaks - markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.atan.markdown', - { - defaultMessage: ` @@ -150,17 +139,16 @@ export const functions = { | EVAL atan=ATAN(a) \`\`\` `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.atan2', { + label: i18n.translate('languageDocumentation.documentationESQL.atan2', { defaultMessage: 'ATAN2', }), description: ( @@ -169,7 +157,7 @@ export const functions = { readOnly enableSoftLineBreaks markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.atan2.markdown', + 'languageDocumentation.documentationESQL.atan2.markdown', { defaultMessage: ` @@ -262,17 +248,16 @@ export const functions = { | KEEP emp_no, languages, type \`\`\` `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.cbrt', { + label: i18n.translate('languageDocumentation.documentationESQL.cbrt', { defaultMessage: 'CBRT', }), description: ( @@ -280,10 +265,8 @@ export const functions = { openLinksInNewTab readOnly enableSoftLineBreaks - markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.cbrt.markdown', - { - defaultMessage: ` @@ -296,17 +279,16 @@ export const functions = { | EVAL c = cbrt(d) \`\`\` `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.ceil', { + label: i18n.translate('languageDocumentation.documentationESQL.ceil', { defaultMessage: 'CEIL', }), description: ( @@ -314,10 +296,8 @@ export const functions = { openLinksInNewTab readOnly enableSoftLineBreaks - markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.ceil.markdown', - { - defaultMessage: ` @@ -330,17 +310,16 @@ export const functions = { \`\`\` Note: This is a noop for \`long\` (including unsigned) and \`integer\`. For \`double\` this picks the closest \`double\` value to the integer similar to Math.ceil. `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.cidr_match', { + label: i18n.translate('languageDocumentation.documentationESQL.cidr_match', { defaultMessage: 'CIDR_MATCH', }), description: ( @@ -349,7 +328,7 @@ export const functions = { readOnly enableSoftLineBreaks markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.cidr_match.markdown', + 'languageDocumentation.documentationESQL.cidr_match.markdown', { defaultMessage: ` @@ -464,17 +441,16 @@ export const functions = { | EVAL cos=COS(a) \`\`\` `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.cosh', { + label: i18n.translate('languageDocumentation.documentationESQL.cosh', { defaultMessage: 'COSH', }), description: ( @@ -482,10 +458,8 @@ export const functions = { openLinksInNewTab readOnly enableSoftLineBreaks - markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.cosh.markdown', - { - defaultMessage: ` @@ -497,17 +471,16 @@ export const functions = { | EVAL cosh=COSH(a) \`\`\` `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.date_diff', { + label: i18n.translate('languageDocumentation.documentationESQL.date_diff', { defaultMessage: 'DATE_DIFF', }), description: ( @@ -516,7 +489,7 @@ export const functions = { readOnly enableSoftLineBreaks markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.date_diff.markdown', + 'languageDocumentation.documentationESQL.date_diff.markdown', { defaultMessage: ` @@ -697,17 +668,16 @@ export const functions = { ROW E() \`\`\` `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.ends_with', { + label: i18n.translate('languageDocumentation.documentationESQL.ends_with', { defaultMessage: 'ENDS_WITH', }), description: ( @@ -716,7 +686,7 @@ export const functions = { readOnly enableSoftLineBreaks markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.ends_with.markdown', + 'languageDocumentation.documentationESQL.ends_with.markdown', { defaultMessage: ` @@ -764,17 +732,16 @@ export const functions = { | EVAL s = EXP(d) \`\`\` `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.floor', { + label: i18n.translate('languageDocumentation.documentationESQL.floor', { defaultMessage: 'FLOOR', }), description: ( @@ -783,7 +750,7 @@ export const functions = { readOnly enableSoftLineBreaks markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.floor.markdown', + 'languageDocumentation.documentationESQL.floor.markdown', { defaultMessage: ` @@ -970,17 +935,16 @@ export const functions = { | LIMIT 5 \`\`\` `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.length', { + label: i18n.translate('languageDocumentation.documentationESQL.length', { defaultMessage: 'LENGTH', }), description: ( @@ -989,7 +953,7 @@ export const functions = { readOnly enableSoftLineBreaks markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.length.markdown', + 'languageDocumentation.documentationESQL.length.markdown', { defaultMessage: ` @@ -1074,17 +1036,16 @@ export const functions = { | EVAL s = LOG(base, value) \`\`\` `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.log10', { + label: i18n.translate('languageDocumentation.documentationESQL.log10', { defaultMessage: 'LOG10', }), description: ( @@ -1093,7 +1054,7 @@ export const functions = { readOnly enableSoftLineBreaks markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.log10.markdown', + 'languageDocumentation.documentationESQL.log10.markdown', { defaultMessage: ` @@ -1762,17 +1718,16 @@ export const functions = { ROW current_date = NOW() \`\`\` `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.pi', { + label: i18n.translate('languageDocumentation.documentationESQL.pi', { defaultMessage: 'PI', }), description: ( @@ -1780,10 +1735,8 @@ export const functions = { openLinksInNewTab readOnly enableSoftLineBreaks - markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.pi.markdown', - { - defaultMessage: ` @@ -1794,17 +1747,16 @@ export const functions = { ROW PI() \`\`\` `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.pow', { + label: i18n.translate('languageDocumentation.documentationESQL.pow', { defaultMessage: 'POW', }), description: ( @@ -1812,10 +1764,8 @@ export const functions = { openLinksInNewTab readOnly enableSoftLineBreaks - markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.pow.markdown', - { - defaultMessage: ` @@ -1828,17 +1778,16 @@ export const functions = { \`\`\` Note: It is still possible to overflow a double result here; in that case, null will be returned. `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.repeat', { + label: i18n.translate('languageDocumentation.documentationESQL.repeat', { defaultMessage: 'REPEAT', }), description: ( @@ -1847,7 +1796,7 @@ export const functions = { readOnly enableSoftLineBreaks markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.repeat.markdown', + 'languageDocumentation.documentationESQL.repeat.markdown', { defaultMessage: ` @@ -2072,17 +2019,16 @@ export const functions = { | EVAL sin=SIN(a) \`\`\` `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.sinh', { + label: i18n.translate('languageDocumentation.documentationESQL.sinh', { defaultMessage: 'SINH', }), description: ( @@ -2090,10 +2036,8 @@ export const functions = { openLinksInNewTab readOnly enableSoftLineBreaks - markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.sinh.markdown', - { - defaultMessage: ` @@ -2105,17 +2049,16 @@ export const functions = { | EVAL sinh=SINH(a) \`\`\` `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.space', { + label: i18n.translate('languageDocumentation.documentationESQL.space', { defaultMessage: 'SPACE', }), description: ( @@ -2124,7 +2067,7 @@ export const functions = { readOnly enableSoftLineBreaks markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.space.markdown', + 'languageDocumentation.documentationESQL.space.markdown', { defaultMessage: ` @@ -2204,17 +2145,16 @@ export const functions = { | EVAL s = SQRT(d) \`\`\` `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.st_contains', { + label: i18n.translate('languageDocumentation.documentationESQL.st_contains', { defaultMessage: 'ST_CONTAINS', }), description: ( @@ -2223,7 +2163,7 @@ export const functions = { readOnly enableSoftLineBreaks markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.st_contains.markdown', + 'languageDocumentation.documentationESQL.st_contains.markdown', { defaultMessage: ` @@ -2418,17 +2356,16 @@ export const functions = { | EVAL x = ST_X(point), y = ST_Y(point) \`\`\` `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.st_y', { + label: i18n.translate('languageDocumentation.documentationESQL.st_y', { defaultMessage: 'ST_Y', }), description: ( @@ -2436,10 +2373,8 @@ export const functions = { openLinksInNewTab readOnly enableSoftLineBreaks - markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.st_y.markdown', - { - defaultMessage: ` @@ -2452,17 +2387,16 @@ export const functions = { | EVAL x = ST_X(point), y = ST_Y(point) \`\`\` `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.starts_with', { + label: i18n.translate('languageDocumentation.documentationESQL.starts_with', { defaultMessage: 'STARTS_WITH', }), description: ( @@ -2471,7 +2405,7 @@ export const functions = { readOnly enableSoftLineBreaks markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.starts_with.markdown', + 'languageDocumentation.documentationESQL.starts_with.markdown', { defaultMessage: ` @@ -2553,17 +2485,16 @@ export const functions = { | EVAL tan=TAN(a) \`\`\` `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.tanh', { + label: i18n.translate('languageDocumentation.documentationESQL.tanh', { defaultMessage: 'TANH', }), description: ( @@ -2571,10 +2502,8 @@ export const functions = { openLinksInNewTab readOnly enableSoftLineBreaks - markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.tanh.markdown', - { - defaultMessage: ` @@ -2586,17 +2515,16 @@ export const functions = { | EVAL tanh=TANH(a) \`\`\` `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.tau', { + label: i18n.translate('languageDocumentation.documentationESQL.tau', { defaultMessage: 'TAU', }), description: ( @@ -2604,10 +2532,8 @@ export const functions = { openLinksInNewTab readOnly enableSoftLineBreaks - markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.tau.markdown', - { - defaultMessage: ` @@ -2618,17 +2544,16 @@ export const functions = { ROW TAU() \`\`\` `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, // Do not edit manually... automatically generated by scripts/generate_esql_docs.ts { - label: i18n.translate('languageDocumentationPopover.documentationESQL.to_base64', { + label: i18n.translate('languageDocumentation.documentationESQL.to_base64', { defaultMessage: 'TO_BASE64', }), description: ( @@ -2637,7 +2562,7 @@ export const functions = { readOnly enableSoftLineBreaks markdownContent={i18n.translate( - 'languageDocumentationPopover.documentationESQL.to_base64.markdown', + 'languageDocumentation.documentationESQL.to_base64.markdown', { defaultMessage: ` @@ -3331,11 +3254,10 @@ export const functions = { | EVAL color = TRIM(color) \`\`\` `, - description: - 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', - ignoreTag: true, - } - )} + description: + 'Text is in markdown. Do not translate function names, special characters, or field names like sum(bytes)', + ignoreTag: true, + })} /> ), }, diff --git a/packages/kbn-language-documentation-popover/src/sections/index.ts b/packages/kbn-language-documentation/src/sections/index.ts similarity index 92% rename from packages/kbn-language-documentation-popover/src/sections/index.ts rename to packages/kbn-language-documentation/src/sections/index.ts index 80b43fbcc0c82..adc8282dbfc2b 100644 --- a/packages/kbn-language-documentation-popover/src/sections/index.ts +++ b/packages/kbn-language-documentation/src/sections/index.ts @@ -24,7 +24,7 @@ export const getESQLDocsSections = async () => { operators, } = await import('./esql_documentation_sections'); groups.push({ - label: i18n.translate('languageDocumentationPopover.esqlSections.initialSectionLabel', { + label: i18n.translate('languageDocumentation.esqlSections.initialSectionLabel', { defaultMessage: 'ES|QL', }), items: [], diff --git a/packages/kbn-language-documentation-popover/src/types.ts b/packages/kbn-language-documentation/src/types.ts similarity index 100% rename from packages/kbn-language-documentation-popover/src/types.ts rename to packages/kbn-language-documentation/src/types.ts diff --git a/packages/kbn-language-documentation-popover/src/utils/element_to_string.test.tsx b/packages/kbn-language-documentation/src/utils/element_to_string.test.tsx similarity index 100% rename from packages/kbn-language-documentation-popover/src/utils/element_to_string.test.tsx rename to packages/kbn-language-documentation/src/utils/element_to_string.test.tsx diff --git a/packages/kbn-language-documentation-popover/src/utils/element_to_string.ts b/packages/kbn-language-documentation/src/utils/element_to_string.ts similarity index 100% rename from packages/kbn-language-documentation-popover/src/utils/element_to_string.ts rename to packages/kbn-language-documentation/src/utils/element_to_string.ts diff --git a/packages/kbn-language-documentation-popover/src/utils/get_filtered_groups.test.tsx b/packages/kbn-language-documentation/src/utils/get_filtered_groups.test.tsx similarity index 100% rename from packages/kbn-language-documentation-popover/src/utils/get_filtered_groups.test.tsx rename to packages/kbn-language-documentation/src/utils/get_filtered_groups.test.tsx diff --git a/packages/kbn-language-documentation-popover/src/utils/get_filtered_groups.ts b/packages/kbn-language-documentation/src/utils/get_filtered_groups.ts similarity index 100% rename from packages/kbn-language-documentation-popover/src/utils/get_filtered_groups.ts rename to packages/kbn-language-documentation/src/utils/get_filtered_groups.ts diff --git a/packages/kbn-language-documentation-popover/tsconfig.json b/packages/kbn-language-documentation/tsconfig.json similarity index 100% rename from packages/kbn-language-documentation-popover/tsconfig.json rename to packages/kbn-language-documentation/tsconfig.json diff --git a/packages/kbn-management/cards_navigation/src/consts.tsx b/packages/kbn-management/cards_navigation/src/consts.tsx index 73bc2638c4e98..16e655c5510ad 100644 --- a/packages/kbn-management/cards_navigation/src/consts.tsx +++ b/packages/kbn-management/cards_navigation/src/consts.tsx @@ -72,6 +72,14 @@ export const appDefinitions: Record = { icon: 'documents', }, + [AppIds.DATA_USAGE]: { + category: appCategories.DATA, + description: i18n.translate('management.landing.withCardNavigation.dataUsageDescription', { + defaultMessage: 'View data usage and retention.', + }), + icon: 'documents', + }, + [AppIds.RULES]: { category: appCategories.ALERTS, description: i18n.translate('management.landing.withCardNavigation.rulesDescription', { diff --git a/packages/kbn-management/cards_navigation/src/types.ts b/packages/kbn-management/cards_navigation/src/types.ts index e53aadabc9eaa..5c14bc0755f1c 100644 --- a/packages/kbn-management/cards_navigation/src/types.ts +++ b/packages/kbn-management/cards_navigation/src/types.ts @@ -31,6 +31,7 @@ export enum AppIds { API_KEYS = 'api_keys', DATA_QUALITY = 'data_quality', SPACES = 'spaces', + DATA_USAGE = 'data_usage', } // Create new type that is a union of all the appId values diff --git a/packages/kbn-monaco/src/console/parser.js b/packages/kbn-monaco/src/console/parser.js index be0d5cbd27f68..014e579ac3477 100644 --- a/packages/kbn-monaco/src/console/parser.js +++ b/packages/kbn-monaco/src/console/parser.js @@ -67,6 +67,14 @@ export const createParser = () => { at += 1; return ch; }, + nextOneOf = function (chars) { + if (chars && !chars.includes(ch)) { + error('Expected one of ' + chars + ' instead of \'' + ch + '\''); + } + ch = text.charAt(at); + at += 1; + return ch; + }, nextUpTo = function (upTo, errorMessage) { let currentAt = at, i = text.indexOf(upTo, currentAt); @@ -221,84 +229,45 @@ export const createParser = () => { }, // parses and returns the method method = function () { - switch (ch) { - case 'g': - next('g'); - next('e'); - next('t'); - return 'get'; + const upperCaseChar = ch.toUpperCase(); + switch (upperCaseChar) { case 'G': - next('G'); - next('E'); - next('T'); + nextOneOf(['G', 'g']); + nextOneOf(['E', 'e']); + nextOneOf(['T', 't']); return 'GET'; - case 'h': - next('h'); - next('e'); - next('a'); - next('d'); - return 'head'; case 'H': - next('H'); - next('E'); - next('A'); - next('D'); + nextOneOf(['H', 'h']); + nextOneOf(['E', 'e']); + nextOneOf(['A', 'a']); + nextOneOf(['D', 'd']); return 'HEAD'; - case 'd': - next('d'); - next('e'); - next('l'); - next('e'); - next('t'); - next('e'); - return 'delete'; case 'D': - next('D'); - next('E'); - next('L'); - next('E'); - next('T'); - next('E'); + nextOneOf(['D', 'd']); + nextOneOf(['E', 'e']); + nextOneOf(['L', 'l']); + nextOneOf(['E', 'e']); + nextOneOf(['T', 't']); + nextOneOf(['E', 'e']); return 'DELETE'; - case 'p': - next('p'); - switch (ch) { - case 'a': - next('a'); - next('t'); - next('c'); - next('h'); - return 'patch'; - case 'u': - next('u'); - next('t'); - return 'put'; - case 'o': - next('o'); - next('s'); - next('t'); - return 'post'; - default: - error('Unexpected \'' + ch + '\''); - } - break; case 'P': - next('P'); - switch (ch) { + nextOneOf(['P', 'p']); + const nextUpperCaseChar = ch.toUpperCase(); + switch (nextUpperCaseChar) { case 'A': - next('A'); - next('T'); - next('C'); - next('H'); + nextOneOf(['A', 'a']); + nextOneOf(['T', 't']); + nextOneOf(['C', 'c']); + nextOneOf(['H', 'h']); return 'PATCH'; case 'U': - next('U'); - next('T'); + nextOneOf(['U', 'u']); + nextOneOf(['T', 't']); return 'PUT'; case 'O': - next('O'); - next('S'); - next('T'); + nextOneOf(['O', 'o']); + nextOneOf(['S', 's']); + nextOneOf(['T', 't']); return 'POST'; default: error('Unexpected \'' + ch + '\''); diff --git a/packages/kbn-monaco/src/console/parser.test.ts b/packages/kbn-monaco/src/console/parser.test.ts index 2c4417bdcd8a6..f9e9f3516c542 100644 --- a/packages/kbn-monaco/src/console/parser.test.ts +++ b/packages/kbn-monaco/src/console/parser.test.ts @@ -52,4 +52,49 @@ describe('console parser', () => { expect(startOffset).toBe(0); expect(endOffset).toBe(52); }); + + describe('case insensitive methods', () => { + const expectedRequests = [ + { + startOffset: 0, + endOffset: 11, + }, + { + startOffset: 12, + endOffset: 24, + }, + { + startOffset: 25, + endOffset: 38, + }, + { + startOffset: 39, + endOffset: 50, + }, + { + startOffset: 51, + endOffset: 63, + }, + ]; + it('allows upper case methods', () => { + const input = 'GET _search\nPOST _search\nPATCH _search\nPUT _search\nHEAD _search'; + const { requests, errors } = parser(input) as ConsoleParserResult; + expect(errors.length).toBe(0); + expect(requests).toEqual(expectedRequests); + }); + + it('allows lower case methods', () => { + const input = 'get _search\npost _search\npatch _search\nput _search\nhead _search'; + const { requests, errors } = parser(input) as ConsoleParserResult; + expect(errors.length).toBe(0); + expect(requests).toEqual(expectedRequests); + }); + + it('allows mixed case methods', () => { + const input = 'GeT _search\npOSt _search\nPaTch _search\nPut _search\nheAD _search'; + const { requests, errors } = parser(input) as ConsoleParserResult; + expect(errors.length).toBe(0); + expect(requests).toEqual(expectedRequests); + }); + }); }); diff --git a/packages/kbn-optimizer/limits.yml b/packages/kbn-optimizer/limits.yml index 116a087af89f6..da5ba0500eeb9 100644 --- a/packages/kbn-optimizer/limits.yml +++ b/packages/kbn-optimizer/limits.yml @@ -29,6 +29,7 @@ pageLoadAssetSize: data: 454087 dataQuality: 19384 datasetQuality: 52000 + dataUsage: 30000 dataViewEditor: 28082 dataViewFieldEditor: 42021 dataViewManagement: 5300 diff --git a/packages/kbn-std/index.ts b/packages/kbn-std/index.ts index 294c168fdd0db..82467cc93d61d 100644 --- a/packages/kbn-std/index.ts +++ b/packages/kbn-std/index.ts @@ -19,7 +19,6 @@ export type { URLMeaningfulParts } from './src/url'; export { isRelativeUrl, modifyUrl, getUrlOrigin } from './src/url'; export { isInternalURL } from './src/is_internal_url'; export { parseNextURL } from './src/parse_next_url'; -export { unset } from './src/unset'; export { getFlattenedObject } from './src/get_flattened_object'; export { ensureNoUnsafeProperties } from './src/ensure_no_unsafe_properties'; export { diff --git a/packages/kbn-std/src/unset.test.ts b/packages/kbn-std/src/unset.test.ts deleted file mode 100644 index 6165423d8539e..0000000000000 --- a/packages/kbn-std/src/unset.test.ts +++ /dev/null @@ -1,94 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -import { unset } from './unset'; - -describe('unset', () => { - it('deletes a property from an object', () => { - const obj = { - a: 'a', - b: 'b', - c: 'c', - }; - unset(obj, 'a'); - expect(obj).toEqual({ - b: 'b', - c: 'c', - }); - }); - - it('does nothing if the property is not present', () => { - const obj = { - a: 'a', - b: 'b', - c: 'c', - }; - unset(obj, 'd'); - expect(obj).toEqual({ - a: 'a', - b: 'b', - c: 'c', - }); - }); - - it('handles nested paths', () => { - const obj = { - foo: { - bar: { - one: 'one', - two: 'two', - }, - hello: 'dolly', - }, - some: { - things: 'here', - }, - }; - unset(obj, 'foo.bar.one'); - expect(obj).toEqual({ - foo: { - bar: { - two: 'two', - }, - hello: 'dolly', - }, - some: { - things: 'here', - }, - }); - }); - - it('does nothing if nested paths does not exist', () => { - const obj = { - foo: { - bar: { - one: 'one', - two: 'two', - }, - hello: 'dolly', - }, - some: { - things: 'here', - }, - }; - unset(obj, 'foo.nothere.baz'); - expect(obj).toEqual({ - foo: { - bar: { - one: 'one', - two: 'two', - }, - hello: 'dolly', - }, - some: { - things: 'here', - }, - }); - }); -}); diff --git a/packages/kbn-std/src/unset.ts b/packages/kbn-std/src/unset.ts deleted file mode 100644 index f18fce5175533..0000000000000 --- a/packages/kbn-std/src/unset.ts +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -import { get } from './get'; - -/** - * Unset a (potentially nested) key from given object. - * This mutates the original object. - * - * @example - * ``` - * unset(myObj, 'someRootProperty'); - * unset(myObj, 'some.nested.path'); - * ``` - */ -export function unset(obj: OBJ, atPath: string) { - const paths = atPath - .split('.') - .map((s) => s.trim()) - .filter((v) => v !== ''); - if (paths.length === 0) { - return; - } - if (paths.length === 1) { - delete obj[paths[0]]; - return; - } - const property = paths.pop() as string; - const parent = get(obj, paths as any) as any; - if (parent !== undefined) { - delete parent[property]; - } -} diff --git a/packages/kbn-text-based-editor/src/editor_footer/index.tsx b/packages/kbn-text-based-editor/src/editor_footer/index.tsx index 6468a2c08a8bc..2771f5118ec8f 100644 --- a/packages/kbn-text-based-editor/src/editor_footer/index.tsx +++ b/packages/kbn-text-based-editor/src/editor_footer/index.tsx @@ -23,7 +23,7 @@ import { useKibana } from '@kbn/kibana-react-plugin/public'; import { LanguageDocumentationInline, LanguageDocumentationFlyout, -} from '@kbn/language-documentation-popover'; +} from '@kbn/language-documentation'; import { getLimitFromESQLQuery } from '@kbn/esql-utils'; import { type MonacoMessage } from '../helpers'; import { ErrorsWarningsFooterPopover } from './errors_warnings_popover'; diff --git a/packages/kbn-text-based-editor/tsconfig.json b/packages/kbn-text-based-editor/tsconfig.json index f78895eab32e4..c26b971e5231c 100644 --- a/packages/kbn-text-based-editor/tsconfig.json +++ b/packages/kbn-text-based-editor/tsconfig.json @@ -18,7 +18,7 @@ "@kbn/es-query", "@kbn/core", "@kbn/kibana-react-plugin", - "@kbn/language-documentation-popover", + "@kbn/language-documentation", "@kbn/test-jest-helpers", "@kbn/data-plugin", "@kbn/expressions-plugin", diff --git a/src/plugins/saved_objects/public/saved_object/decorators/index.ts b/scripts/get_owners_for_file.js similarity index 66% rename from src/plugins/saved_objects/public/saved_object/decorators/index.ts rename to scripts/get_owners_for_file.js index 62f4f27bd2590..f5a07b76ee04c 100644 --- a/src/plugins/saved_objects/public/saved_object/decorators/index.ts +++ b/scripts/get_owners_for_file.js @@ -7,6 +7,5 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -export type { ISavedObjectDecoratorRegistry, SavedObjectDecoratorConfig } from './registry'; -export { SavedObjectDecoratorRegistry } from './registry'; -export type { SavedObjectDecorator, SavedObjectDecoratorFactory } from './types'; +require('../src/setup_node_env'); +require('@kbn/code-owners').runGetOwnersForFileCli(); diff --git a/src/core/server/integration_tests/ci_checks/saved_objects/check_registered_types.test.ts b/src/core/server/integration_tests/ci_checks/saved_objects/check_registered_types.test.ts index f4500df51f205..a8b31ffdd90fa 100644 --- a/src/core/server/integration_tests/ci_checks/saved_objects/check_registered_types.test.ts +++ b/src/core/server/integration_tests/ci_checks/saved_objects/check_registered_types.test.ts @@ -120,7 +120,7 @@ describe('checking migration metadata changes on all registered SO types', () => "infra-custom-dashboards": "1a5994f2e05bb8a1609825ddbf5012f77c5c67f3", "infrastructure-monitoring-log-view": "5f86709d3c27aed7a8379153b08ee5d3d90d77f5", "infrastructure-ui-source": "113182d6895764378dfe7fa9fa027244f3a457c4", - "ingest-agent-policies": "90625b4a5ded9d4867358fcccc14a57c0454fcee", + "ingest-agent-policies": "5e95e539826a40ad08fd0c1d161da0a4d86ffc6d", "ingest-download-sources": "279a68147e62e4d8858c09ad1cf03bd5551ce58d", "ingest-outputs": "daafff49255ab700e07491376fe89f04fc998b91", "ingest-package-policies": "53a94064674835fdb35e5186233bcd7052eabd22", diff --git a/src/dev/storybook/aliases.ts b/src/dev/storybook/aliases.ts index c9680f9991955..21f95961404ec 100644 --- a/src/dev/storybook/aliases.ts +++ b/src/dev/storybook/aliases.ts @@ -19,7 +19,7 @@ export const storybookAliases = { cloud_chat: 'x-pack/plugins/cloud_integrations/cloud_chat/.storybook', cloud: 'packages/cloud/.storybook', coloring: 'packages/kbn-coloring/.storybook', - language_documentation_popover: 'packages/kbn-language-documentation-popover/.storybook', + language_documentation_popover: 'packages/kbn-language-documentation/.storybook', chart_icons: 'packages/kbn-chart-icons/.storybook', content_management_examples: 'examples/content_management_examples/.storybook', custom_icons: 'packages/kbn-custom-icons/.storybook', diff --git a/src/plugins/console/server/lib/spec_definitions/js/mappings.ts b/src/plugins/console/server/lib/spec_definitions/js/mappings.ts index 22e7287aa6374..c8352941953ae 100644 --- a/src/plugins/console/server/lib/spec_definitions/js/mappings.ts +++ b/src/plugins/console/server/lib/spec_definitions/js/mappings.ts @@ -64,6 +64,7 @@ export const mappings = (specService: SpecDefinitionsService) => { 'nested', 'geo_point', 'geo_shape', + 'dense_vector', ], }, @@ -85,7 +86,24 @@ export const mappings = (specService: SpecDefinitionsService) => { // index_prefixes: { min_chars, max_chars }, index_options: { - __one_of: ['docs', 'freqs', 'positions'], + // leave the first item blank because the default depends on type + __one_of: [ + '', + // text-based types + 'docs', + 'freqs', + 'positions', + 'offsets', + // dense_vector type + { + type: { + __one_of: ['int8_hnsw', 'hnsw', 'int4_hnsw', 'flat', 'int8_flat', 'int4_flat'], + }, + m: 16, + ef_construction: 100, + confidence_interval: 0, + }, + ], }, analyzer: 'standard', search_analyzer: 'standard', @@ -215,7 +233,18 @@ export const mappings = (specService: SpecDefinitionsService) => { }, }, similarity: { - __one_of: ['default', 'BM25'], + // leave the first item blank because the default depends on type + __one_of: [ + '', + // text-based types + 'BM25', + 'boolean', + // dense_vector type + 'l2_norm', + 'dot_product', + 'cosine', + 'max_inner_product', + ], }, // objects @@ -234,6 +263,12 @@ export const mappings = (specService: SpecDefinitionsService) => { // nested include_in_parent: BOOLEAN, include_in_root: BOOLEAN, + + // dense_vector + element_type: { + __one_of: ['float', 'byte', 'bit'], + }, + dims: 3, }, }, }, diff --git a/src/plugins/console/server/lib/spec_definitions/json/overrides/security.put_role.json b/src/plugins/console/server/lib/spec_definitions/json/overrides/security.put_role.json index c7df9c2968420..36d0762712b64 100644 --- a/src/plugins/console/server/lib/spec_definitions/json/overrides/security.put_role.json +++ b/src/plugins/console/server/lib/spec_definitions/json/overrides/security.put_role.json @@ -10,6 +10,15 @@ "query": "" } ], + "remote_indices": [ + { + "clusters": [], + "field_security": {}, + "names": [], + "privileges": [], + "query": "" + } + ], "run_as": [], "metadata": {} } diff --git a/src/plugins/controls/public/actions/delete_control_action.test.tsx b/src/plugins/controls/public/actions/delete_control_action.test.tsx index c158d743f69ae..56b020962a9f7 100644 --- a/src/plugins/controls/public/actions/delete_control_action.test.tsx +++ b/src/plugins/controls/public/actions/delete_control_action.test.tsx @@ -10,14 +10,11 @@ import { BehaviorSubject } from 'rxjs'; import { ViewMode } from '@kbn/presentation-publishing'; -import { getOptionsListControlFactory } from '../react_controls/controls/data_controls/options_list_control/get_options_list_control_factory'; -import { OptionsListControlApi } from '../react_controls/controls/data_controls/options_list_control/types'; -import { - getMockedBuildApi, - getMockedControlGroupApi, -} from '../react_controls/controls/mocks/control_mocks'; -import { DeleteControlAction } from './delete_control_action'; +import { getOptionsListControlFactory } from '../controls/data_controls/options_list_control/get_options_list_control_factory'; +import { OptionsListControlApi } from '../controls/data_controls/options_list_control/types'; +import { getMockedBuildApi, getMockedControlGroupApi } from '../controls/mocks/control_mocks'; import { coreServices } from '../services/kibana_services'; +import { DeleteControlAction } from './delete_control_action'; const dashboardApi = { viewMode: new BehaviorSubject('view'), diff --git a/src/plugins/controls/public/actions/edit_control_action.test.tsx b/src/plugins/controls/public/actions/edit_control_action.test.tsx index b1c24d779aaf6..497223d9f0889 100644 --- a/src/plugins/controls/public/actions/edit_control_action.test.tsx +++ b/src/plugins/controls/public/actions/edit_control_action.test.tsx @@ -13,13 +13,10 @@ import dateMath from '@kbn/datemath'; import type { TimeRange } from '@kbn/es-query'; import type { ViewMode } from '@kbn/presentation-publishing'; -import { getOptionsListControlFactory } from '../react_controls/controls/data_controls/options_list_control/get_options_list_control_factory'; -import type { OptionsListControlApi } from '../react_controls/controls/data_controls/options_list_control/types'; -import { - getMockedBuildApi, - getMockedControlGroupApi, -} from '../react_controls/controls/mocks/control_mocks'; -import { getTimesliderControlFactory } from '../react_controls/controls/timeslider_control/get_timeslider_control_factory'; +import { getOptionsListControlFactory } from '../controls/data_controls/options_list_control/get_options_list_control_factory'; +import type { OptionsListControlApi } from '../controls/data_controls/options_list_control/types'; +import { getMockedBuildApi, getMockedControlGroupApi } from '../controls/mocks/control_mocks'; +import { getTimesliderControlFactory } from '../controls/timeslider_control/get_timeslider_control_factory'; import { dataService } from '../services/kibana_services'; import { EditControlAction } from './edit_control_action'; diff --git a/src/plugins/controls/public/actions/edit_control_action_compatibility_check.ts b/src/plugins/controls/public/actions/edit_control_action_compatibility_check.ts index f74c6b0103c9d..0af5a942dd032 100644 --- a/src/plugins/controls/public/actions/edit_control_action_compatibility_check.ts +++ b/src/plugins/controls/public/actions/edit_control_action_compatibility_check.ts @@ -7,6 +7,7 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ +import { ViewMode } from '@kbn/embeddable-plugin/public'; import { apiIsPresentationContainer } from '@kbn/presentation-containers'; import { apiCanAccessViewMode, @@ -17,9 +18,9 @@ import { getInheritedViewMode, hasEditCapabilities, } from '@kbn/presentation-publishing'; -import { ViewMode } from '@kbn/embeddable-plugin/public'; + import { CONTROL_GROUP_TYPE } from '../../common'; -import { DataControlApi } from '../react_controls/controls/data_controls/types'; +import { DataControlApi } from '../controls/data_controls/types'; export const compatibilityCheck = (api: unknown): api is DataControlApi => { return Boolean( diff --git a/src/plugins/controls/public/react_controls/control_factory_registry.ts b/src/plugins/controls/public/control_factory_registry.ts similarity index 100% rename from src/plugins/controls/public/react_controls/control_factory_registry.ts rename to src/plugins/controls/public/control_factory_registry.ts diff --git a/src/plugins/controls/public/react_controls/control_group/components/control_clone.tsx b/src/plugins/controls/public/control_group/components/control_clone.tsx similarity index 97% rename from src/plugins/controls/public/react_controls/control_group/components/control_clone.tsx rename to src/plugins/controls/public/control_group/components/control_clone.tsx index 38cb7b1703559..7002bbf78d5d4 100644 --- a/src/plugins/controls/public/react_controls/control_group/components/control_clone.tsx +++ b/src/plugins/controls/public/control_group/components/control_clone.tsx @@ -13,7 +13,7 @@ import React from 'react'; import { EuiFlexGroup, EuiFlexItem, EuiFormLabel, EuiIcon } from '@elastic/eui'; import { useBatchedPublishingSubjects } from '@kbn/presentation-publishing'; import { BehaviorSubject } from 'rxjs'; -import { DEFAULT_CONTROL_GROW } from '../../../../common'; +import { DEFAULT_CONTROL_GROW } from '../../../common'; import { DefaultControlApi } from '../../controls/types'; diff --git a/src/plugins/controls/public/react_controls/control_group/components/control_error.tsx b/src/plugins/controls/public/control_group/components/control_error.tsx similarity index 100% rename from src/plugins/controls/public/react_controls/control_group/components/control_error.tsx rename to src/plugins/controls/public/control_group/components/control_error.tsx diff --git a/src/plugins/controls/public/react_controls/control_group/components/control_group.scss b/src/plugins/controls/public/control_group/components/control_group.scss similarity index 100% rename from src/plugins/controls/public/react_controls/control_group/components/control_group.scss rename to src/plugins/controls/public/control_group/components/control_group.scss diff --git a/src/plugins/controls/public/react_controls/control_group/components/control_group.tsx b/src/plugins/controls/public/control_group/components/control_group.tsx similarity index 98% rename from src/plugins/controls/public/react_controls/control_group/components/control_group.tsx rename to src/plugins/controls/public/control_group/components/control_group.tsx index 54e778684806a..6453474aa8ff2 100644 --- a/src/plugins/controls/public/react_controls/control_group/components/control_group.tsx +++ b/src/plugins/controls/public/control_group/components/control_group.tsx @@ -30,7 +30,7 @@ import { EuiButtonIcon, EuiFlexGroup, EuiFlexItem, EuiPanel, EuiToolTip } from ' import { css } from '@emotion/react'; import { useBatchedPublishingSubjects } from '@kbn/presentation-publishing'; -import type { ControlLabelPosition } from '../../../../common'; +import type { ControlLabelPosition } from '../../../common'; import type { DefaultControlApi } from '../../controls/types'; import { ControlGroupStrings } from '../control_group_strings'; import { ControlsInOrder } from '../init_controls_manager'; diff --git a/src/plugins/controls/public/react_controls/control_group/components/control_group_editor.test.tsx b/src/plugins/controls/public/control_group/components/control_group_editor.test.tsx similarity index 96% rename from src/plugins/controls/public/react_controls/control_group/components/control_group_editor.test.tsx rename to src/plugins/controls/public/control_group/components/control_group_editor.test.tsx index b3705106afe2c..a17068228f9a8 100644 --- a/src/plugins/controls/public/react_controls/control_group/components/control_group_editor.test.tsx +++ b/src/plugins/controls/public/control_group/components/control_group_editor.test.tsx @@ -12,13 +12,13 @@ import { BehaviorSubject } from 'rxjs'; import { render } from '@testing-library/react'; -import { ControlGroupApi } from '../../..'; +import { ControlGroupApi } from '../..'; import { ControlGroupChainingSystem, ControlLabelPosition, DEFAULT_CONTROL_LABEL_POSITION, ParentIgnoreSettings, -} from '../../../../common'; +} from '../../../common'; import { DefaultControlApi } from '../../controls/types'; import { ControlGroupEditor } from './control_group_editor'; diff --git a/src/plugins/controls/public/react_controls/control_group/components/control_group_editor.tsx b/src/plugins/controls/public/control_group/components/control_group_editor.tsx similarity index 99% rename from src/plugins/controls/public/react_controls/control_group/components/control_group_editor.tsx rename to src/plugins/controls/public/control_group/components/control_group_editor.tsx index c4e7dc61476ba..8f1ccb4d699b0 100644 --- a/src/plugins/controls/public/react_controls/control_group/components/control_group_editor.tsx +++ b/src/plugins/controls/public/control_group/components/control_group_editor.tsx @@ -27,7 +27,7 @@ import { } from '@elastic/eui'; import { useBatchedPublishingSubjects } from '@kbn/presentation-publishing'; -import type { ControlLabelPosition, ParentIgnoreSettings } from '../../../../common'; +import type { ControlLabelPosition, ParentIgnoreSettings } from '../../../common'; import { CONTROL_LAYOUT_OPTIONS } from '../../controls/data_controls/editor_constants'; import type { ControlStateManager } from '../../controls/types'; import { ControlGroupStrings } from '../control_group_strings'; diff --git a/src/plugins/controls/public/react_controls/control_group/components/control_panel.scss b/src/plugins/controls/public/control_group/components/control_panel.scss similarity index 100% rename from src/plugins/controls/public/react_controls/control_group/components/control_panel.scss rename to src/plugins/controls/public/control_group/components/control_panel.scss diff --git a/src/plugins/controls/public/react_controls/control_group/components/control_panel.test.tsx b/src/plugins/controls/public/control_group/components/control_panel.test.tsx similarity index 99% rename from src/plugins/controls/public/react_controls/control_group/components/control_panel.test.tsx rename to src/plugins/controls/public/control_group/components/control_panel.test.tsx index 365c896bb908e..116e268afe208 100644 --- a/src/plugins/controls/public/react_controls/control_group/components/control_panel.test.tsx +++ b/src/plugins/controls/public/control_group/components/control_panel.test.tsx @@ -14,7 +14,7 @@ import { pluginServices as presentationUtilPluginServices } from '@kbn/presentat import { registry as presentationUtilServicesRegistry } from '@kbn/presentation-util-plugin/public/services/plugin_services.story'; import { render, waitFor } from '@testing-library/react'; -import type { ControlLabelPosition, ControlWidth } from '../../../../common'; +import type { ControlLabelPosition, ControlWidth } from '../../../common'; import { ControlPanel } from './control_panel'; describe('render', () => { diff --git a/src/plugins/controls/public/react_controls/control_group/components/control_panel.tsx b/src/plugins/controls/public/control_group/components/control_panel.tsx similarity index 99% rename from src/plugins/controls/public/react_controls/control_group/components/control_panel.tsx rename to src/plugins/controls/public/control_group/components/control_panel.tsx index 7936ebc896c12..73eee5c5146ae 100644 --- a/src/plugins/controls/public/react_controls/control_group/components/control_panel.tsx +++ b/src/plugins/controls/public/control_group/components/control_panel.tsx @@ -28,7 +28,7 @@ import { useBatchedOptionalPublishingSubjects, } from '@kbn/presentation-publishing'; import { FloatingActions } from '@kbn/presentation-util-plugin/public'; -import { DEFAULT_CONTROL_GROW, DEFAULT_CONTROL_WIDTH } from '../../../../common'; +import { DEFAULT_CONTROL_GROW, DEFAULT_CONTROL_WIDTH } from '../../../common'; import { ControlPanelProps, DefaultControlApi } from '../../controls/types'; import { ControlError } from './control_error'; diff --git a/src/plugins/controls/public/react_controls/control_group/components/control_renderer.tsx b/src/plugins/controls/public/control_group/components/control_renderer.tsx similarity index 98% rename from src/plugins/controls/public/react_controls/control_group/components/control_renderer.tsx rename to src/plugins/controls/public/control_group/components/control_renderer.tsx index e2a09012c7df2..a30c39f1dfe2a 100644 --- a/src/plugins/controls/public/react_controls/control_group/components/control_renderer.tsx +++ b/src/plugins/controls/public/control_group/components/control_renderer.tsx @@ -13,7 +13,7 @@ import { BehaviorSubject } from 'rxjs'; import { initializeUnsavedChanges } from '@kbn/presentation-containers'; import { StateComparators } from '@kbn/presentation-publishing'; -import type { DefaultControlState } from '../../../../common'; +import type { DefaultControlState } from '../../../common'; import { getControlFactory } from '../../control_factory_registry'; import type { ControlApiRegistration, DefaultControlApi } from '../../controls/types'; import type { ControlGroupApi } from '../types'; diff --git a/src/plugins/controls/public/react_controls/control_group/components/control_setting_tooltip_label.tsx b/src/plugins/controls/public/control_group/components/control_setting_tooltip_label.tsx similarity index 100% rename from src/plugins/controls/public/react_controls/control_group/components/control_setting_tooltip_label.tsx rename to src/plugins/controls/public/control_group/components/control_setting_tooltip_label.tsx diff --git a/src/plugins/controls/public/react_controls/control_group/control_fetch/chaining.test.ts b/src/plugins/controls/public/control_group/control_fetch/chaining.test.ts similarity index 99% rename from src/plugins/controls/public/react_controls/control_group/control_fetch/chaining.test.ts rename to src/plugins/controls/public/control_group/control_fetch/chaining.test.ts index cb8dfe1d922ce..7c8650a104afe 100644 --- a/src/plugins/controls/public/react_controls/control_group/control_fetch/chaining.test.ts +++ b/src/plugins/controls/public/control_group/control_fetch/chaining.test.ts @@ -11,7 +11,7 @@ import { BehaviorSubject, skip } from 'rxjs'; import { Filter } from '@kbn/es-query'; -import { ControlGroupChainingSystem } from '../../../../common'; +import { ControlGroupChainingSystem } from '../../../common'; import { chaining$ } from './chaining'; const FILTER_ALPHA = { diff --git a/src/plugins/controls/public/react_controls/control_group/control_fetch/chaining.ts b/src/plugins/controls/public/control_group/control_fetch/chaining.ts similarity index 98% rename from src/plugins/controls/public/react_controls/control_group/control_fetch/chaining.ts rename to src/plugins/controls/public/control_group/control_fetch/chaining.ts index d25a0b5d24cf6..5c82b0eaddf1b 100644 --- a/src/plugins/controls/public/react_controls/control_group/control_fetch/chaining.ts +++ b/src/plugins/controls/public/control_group/control_fetch/chaining.ts @@ -24,7 +24,7 @@ import { apiPublishesTimeslice, } from '@kbn/presentation-publishing'; -import type { ControlGroupChainingSystem } from '../../../../common'; +import type { ControlGroupChainingSystem } from '../../../common'; export interface ChainingContext { chainingFilters?: Filter[] | undefined; diff --git a/src/plugins/controls/public/react_controls/control_group/control_fetch/control_fetch.ts b/src/plugins/controls/public/control_group/control_fetch/control_fetch.ts similarity index 100% rename from src/plugins/controls/public/react_controls/control_group/control_fetch/control_fetch.ts rename to src/plugins/controls/public/control_group/control_fetch/control_fetch.ts diff --git a/src/plugins/controls/public/react_controls/control_group/control_fetch/control_group_fetch.ts b/src/plugins/controls/public/control_group/control_fetch/control_group_fetch.ts similarity index 97% rename from src/plugins/controls/public/react_controls/control_group/control_fetch/control_group_fetch.ts rename to src/plugins/controls/public/control_group/control_fetch/control_group_fetch.ts index 0339a1a6ac716..ef6da75caa135 100644 --- a/src/plugins/controls/public/react_controls/control_group/control_fetch/control_group_fetch.ts +++ b/src/plugins/controls/public/control_group/control_fetch/control_group_fetch.ts @@ -11,7 +11,7 @@ import { AggregateQuery, Filter, Query, TimeRange } from '@kbn/es-query'; import { PublishesUnifiedSearch, PublishingSubject } from '@kbn/presentation-publishing'; import { apiPublishesReload } from '@kbn/presentation-publishing/interfaces/fetch/publishes_reload'; import { BehaviorSubject, debounceTime, map, merge, Observable, switchMap } from 'rxjs'; -import { ParentIgnoreSettings } from '../../../../common'; +import { ParentIgnoreSettings } from '../../../common'; export interface ControlGroupFetchContext { unifiedSearchFilters?: Filter[] | undefined; diff --git a/src/plugins/controls/public/react_controls/control_group/control_fetch/index.ts b/src/plugins/controls/public/control_group/control_fetch/index.ts similarity index 100% rename from src/plugins/controls/public/react_controls/control_group/control_fetch/index.ts rename to src/plugins/controls/public/control_group/control_fetch/index.ts diff --git a/src/plugins/controls/public/react_controls/external_api/control_group_renderer.test.tsx b/src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer.test.tsx similarity index 97% rename from src/plugins/controls/public/react_controls/external_api/control_group_renderer.test.tsx rename to src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer.test.tsx index e034ca817908e..a0ca9b74f222f 100644 --- a/src/plugins/controls/public/react_controls/external_api/control_group_renderer.test.tsx +++ b/src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer.test.tsx @@ -16,7 +16,7 @@ import { act, render, waitFor } from '@testing-library/react'; import { ControlGroupRendererApi } from '.'; import { CONTROL_GROUP_TYPE } from '../..'; -import { getControlGroupEmbeddableFactory } from '../control_group/get_control_group_factory'; +import { getControlGroupEmbeddableFactory } from '../get_control_group_factory'; import { ControlGroupRenderer, ControlGroupRendererProps } from './control_group_renderer'; type ParentApiType = PublishesUnifiedSearch & { diff --git a/src/plugins/controls/public/react_controls/external_api/control_group_renderer.tsx b/src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer.tsx similarity index 97% rename from src/plugins/controls/public/react_controls/external_api/control_group_renderer.tsx rename to src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer.tsx index 74d477c48f23a..728c8ca551a28 100644 --- a/src/plugins/controls/public/react_controls/external_api/control_group_renderer.tsx +++ b/src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer.tsx @@ -25,8 +25,8 @@ import { import { type ControlGroupStateBuilder, controlGroupStateBuilder, -} from '../control_group/utils/control_group_state_builder'; -import { getDefaultControlGroupRuntimeState } from '../control_group/utils/initialization_utils'; +} from '../utils/control_group_state_builder'; +import { getDefaultControlGroupRuntimeState } from '../utils/initialization_utils'; import type { ControlGroupCreationOptions, ControlGroupRendererApi } from './types'; export interface ControlGroupRendererProps { diff --git a/src/plugins/controls/public/react_controls/external_api/control_group_renderer_lazy.tsx b/src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer_lazy.tsx similarity index 100% rename from src/plugins/controls/public/react_controls/external_api/control_group_renderer_lazy.tsx rename to src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer_lazy.tsx diff --git a/src/plugins/controls/public/react_controls/external_api/index.ts b/src/plugins/controls/public/control_group/control_group_renderer/index.ts similarity index 100% rename from src/plugins/controls/public/react_controls/external_api/index.ts rename to src/plugins/controls/public/control_group/control_group_renderer/index.ts diff --git a/src/plugins/controls/public/react_controls/external_api/types.ts b/src/plugins/controls/public/control_group/control_group_renderer/types.ts similarity index 100% rename from src/plugins/controls/public/react_controls/external_api/types.ts rename to src/plugins/controls/public/control_group/control_group_renderer/types.ts diff --git a/src/plugins/controls/public/react_controls/control_group/control_group_strings.tsx b/src/plugins/controls/public/control_group/control_group_strings.tsx similarity index 100% rename from src/plugins/controls/public/react_controls/control_group/control_group_strings.tsx rename to src/plugins/controls/public/control_group/control_group_strings.tsx diff --git a/src/plugins/controls/public/react_controls/control_group/control_group_unsaved_changes_api.ts b/src/plugins/controls/public/control_group/control_group_unsaved_changes_api.ts similarity index 99% rename from src/plugins/controls/public/react_controls/control_group/control_group_unsaved_changes_api.ts rename to src/plugins/controls/public/control_group/control_group_unsaved_changes_api.ts index d26812cdd0b8f..5f01410a85718 100644 --- a/src/plugins/controls/public/react_controls/control_group/control_group_unsaved_changes_api.ts +++ b/src/plugins/controls/public/control_group/control_group_unsaved_changes_api.ts @@ -21,7 +21,7 @@ import { type StateComparators, } from '@kbn/presentation-publishing'; -import type { ControlGroupRuntimeState, ControlPanelsState } from '../../../common'; +import type { ControlGroupRuntimeState, ControlPanelsState } from '../../common'; import { apiPublishesAsyncFilters } from '../controls/data_controls/publishes_async_filters'; import { getControlsInOrder, type ControlsInOrder } from './init_controls_manager'; diff --git a/src/plugins/controls/public/react_controls/control_group/get_control_group_factory.tsx b/src/plugins/controls/public/control_group/get_control_group_factory.tsx similarity index 98% rename from src/plugins/controls/public/react_controls/control_group/get_control_group_factory.tsx rename to src/plugins/controls/public/control_group/get_control_group_factory.tsx index 77da1480eb494..62af1d1f868a9 100644 --- a/src/plugins/controls/public/react_controls/control_group/get_control_group_factory.tsx +++ b/src/plugins/controls/public/control_group/get_control_group_factory.tsx @@ -32,9 +32,10 @@ import type { ControlLabelPosition, ControlPanelsState, ParentIgnoreSettings, -} from '../../../common'; -import { CONTROL_GROUP_TYPE, DEFAULT_CONTROL_LABEL_POSITION } from '../../../common'; +} from '../../common'; +import { CONTROL_GROUP_TYPE, DEFAULT_CONTROL_LABEL_POSITION } from '../../common'; import { openDataControlEditor } from '../controls/data_controls/open_data_control_editor'; +import { coreServices, dataViewsService } from '../services/kibana_services'; import { ControlGroup } from './components/control_group'; import { chaining$, controlFetch$, controlGroupFetch$ } from './control_fetch'; import { initializeControlGroupUnsavedChanges } from './control_group_unsaved_changes_api'; @@ -43,7 +44,6 @@ import { openEditControlGroupFlyout } from './open_edit_control_group_flyout'; import { initSelectionsManager } from './selections_manager'; import type { ControlGroupApi } from './types'; import { deserializeControlGroup } from './utils/serialization_utils'; -import { coreServices, dataViewsService } from '../../services/kibana_services'; const DEFAULT_CHAINING_SYSTEM = 'HIERARCHICAL'; diff --git a/src/plugins/controls/public/react_controls/control_group/init_controls_manager.test.ts b/src/plugins/controls/public/control_group/init_controls_manager.test.ts similarity index 98% rename from src/plugins/controls/public/react_controls/control_group/init_controls_manager.test.ts rename to src/plugins/controls/public/control_group/init_controls_manager.test.ts index 2137c502c2e64..29998325664bb 100644 --- a/src/plugins/controls/public/react_controls/control_group/init_controls_manager.test.ts +++ b/src/plugins/controls/public/control_group/init_controls_manager.test.ts @@ -8,13 +8,9 @@ */ import { BehaviorSubject } from 'rxjs'; +import type { ControlPanelState, ControlPanelsState, DefaultDataControlState } from '../../common'; import type { DefaultControlApi } from '../controls/types'; -import { initControlsManager, getLastUsedDataViewId } from './init_controls_manager'; -import type { - ControlPanelState, - DefaultDataControlState, - ControlPanelsState, -} from '../../../common'; +import { getLastUsedDataViewId, initControlsManager } from './init_controls_manager'; jest.mock('uuid', () => ({ v4: jest.fn().mockReturnValue('delta'), diff --git a/src/plugins/controls/public/react_controls/control_group/init_controls_manager.ts b/src/plugins/controls/public/control_group/init_controls_manager.ts similarity index 99% rename from src/plugins/controls/public/react_controls/control_group/init_controls_manager.ts rename to src/plugins/controls/public/control_group/init_controls_manager.ts index 5b499f1924f1a..ee020bf1fbd59 100644 --- a/src/plugins/controls/public/react_controls/control_group/init_controls_manager.ts +++ b/src/plugins/controls/public/control_group/init_controls_manager.ts @@ -26,8 +26,8 @@ import type { ControlWidth, DefaultControlState, DefaultDataControlState, -} from '../../../common'; -import { DEFAULT_CONTROL_GROW, DEFAULT_CONTROL_WIDTH } from '../../../common'; +} from '../../common'; +import { DEFAULT_CONTROL_GROW, DEFAULT_CONTROL_WIDTH } from '../../common'; import type { DefaultControlApi } from '../controls/types'; import type { ControlGroupComparatorState } from './control_group_unsaved_changes_api'; import type { ControlGroupApi } from './types'; diff --git a/src/plugins/controls/public/react_controls/control_group/open_edit_control_group_flyout.tsx b/src/plugins/controls/public/control_group/open_edit_control_group_flyout.tsx similarity index 98% rename from src/plugins/controls/public/react_controls/control_group/open_edit_control_group_flyout.tsx rename to src/plugins/controls/public/control_group/open_edit_control_group_flyout.tsx index 5e7baf1f73e5d..54e35ab271b34 100644 --- a/src/plugins/controls/public/react_controls/control_group/open_edit_control_group_flyout.tsx +++ b/src/plugins/controls/public/control_group/open_edit_control_group_flyout.tsx @@ -18,7 +18,7 @@ import { BehaviorSubject } from 'rxjs'; import { ControlStateManager } from '../controls/types'; import { ControlGroupEditor } from './components/control_group_editor'; import { ControlGroupApi, ControlGroupEditorState } from './types'; -import { coreServices } from '../../services/kibana_services'; +import { coreServices } from '../services/kibana_services'; export const openEditControlGroupFlyout = ( controlGroupApi: ControlGroupApi, diff --git a/src/plugins/controls/public/react_controls/control_group/register_control_group_embeddable.ts b/src/plugins/controls/public/control_group/register_control_group_embeddable.ts similarity index 87% rename from src/plugins/controls/public/react_controls/control_group/register_control_group_embeddable.ts rename to src/plugins/controls/public/control_group/register_control_group_embeddable.ts index a64faa63e8efc..f93458ab6bc4a 100644 --- a/src/plugins/controls/public/react_controls/control_group/register_control_group_embeddable.ts +++ b/src/plugins/controls/public/control_group/register_control_group_embeddable.ts @@ -8,8 +8,8 @@ */ import type { EmbeddableSetup } from '@kbn/embeddable-plugin/public'; -import { CONTROL_GROUP_TYPE } from '../../../common'; -import { untilPluginStartServicesReady } from '../../services/kibana_services'; +import { CONTROL_GROUP_TYPE } from '../../common'; +import { untilPluginStartServicesReady } from '../services/kibana_services'; export function registerControlGroupEmbeddable(embeddableSetup: EmbeddableSetup) { embeddableSetup.registerReactEmbeddableFactory(CONTROL_GROUP_TYPE, async () => { diff --git a/src/plugins/controls/public/react_controls/control_group/selections_manager.test.ts b/src/plugins/controls/public/control_group/selections_manager.test.ts similarity index 100% rename from src/plugins/controls/public/react_controls/control_group/selections_manager.test.ts rename to src/plugins/controls/public/control_group/selections_manager.test.ts diff --git a/src/plugins/controls/public/react_controls/control_group/selections_manager.ts b/src/plugins/controls/public/control_group/selections_manager.ts similarity index 100% rename from src/plugins/controls/public/react_controls/control_group/selections_manager.ts rename to src/plugins/controls/public/control_group/selections_manager.ts diff --git a/src/plugins/controls/public/react_controls/control_group/types.ts b/src/plugins/controls/public/control_group/types.ts similarity index 99% rename from src/plugins/controls/public/react_controls/control_group/types.ts rename to src/plugins/controls/public/control_group/types.ts index 37f9f40c4079f..7a2bf74b5a27d 100644 --- a/src/plugins/controls/public/react_controls/control_group/types.ts +++ b/src/plugins/controls/public/control_group/types.ts @@ -38,7 +38,7 @@ import { ControlPanelState, DefaultControlState, ParentIgnoreSettings, -} from '../../../common'; +} from '../../common'; import { ControlFetchContext } from './control_fetch/control_fetch'; /** diff --git a/src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts b/src/plugins/controls/public/control_group/utils/control_group_state_builder.ts similarity index 95% rename from src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts rename to src/plugins/controls/public/control_group/utils/control_group_state_builder.ts index 1c051e58af46f..9c1dce024168e 100644 --- a/src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts +++ b/src/plugins/controls/public/control_group/utils/control_group_state_builder.ts @@ -16,9 +16,9 @@ import { type ControlGroupRuntimeState, type ControlPanelsState, type DefaultDataControlState, -} from '../../../../common'; -import type { OptionsListControlState } from '../../../../common/options_list'; -import { dataViewsService } from '../../../services/kibana_services'; +} from '../../../common'; +import type { OptionsListControlState } from '../../../common/options_list'; +import { dataViewsService } from '../../services/kibana_services'; import { getDataControlFieldRegistry } from '../../controls/data_controls/data_control_editor_utils'; import type { RangesliderControlState } from '../../controls/data_controls/range_slider/types'; diff --git a/src/plugins/controls/public/react_controls/control_group/utils/initialization_utils.ts b/src/plugins/controls/public/control_group/utils/initialization_utils.ts similarity index 96% rename from src/plugins/controls/public/react_controls/control_group/utils/initialization_utils.ts rename to src/plugins/controls/public/control_group/utils/initialization_utils.ts index ef81b4e30b361..ea785d05ac735 100644 --- a/src/plugins/controls/public/react_controls/control_group/utils/initialization_utils.ts +++ b/src/plugins/controls/public/control_group/utils/initialization_utils.ts @@ -7,7 +7,7 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -import { DEFAULT_CONTROL_LABEL_POSITION, type ControlGroupRuntimeState } from '../../../../common'; +import { DEFAULT_CONTROL_LABEL_POSITION, type ControlGroupRuntimeState } from '../../../common'; export const getDefaultControlGroupRuntimeState = (): ControlGroupRuntimeState => ({ initialChildControlState: {}, diff --git a/src/plugins/controls/public/react_controls/control_group/utils/serialization_utils.ts b/src/plugins/controls/public/control_group/utils/serialization_utils.ts similarity index 98% rename from src/plugins/controls/public/react_controls/control_group/utils/serialization_utils.ts rename to src/plugins/controls/public/control_group/utils/serialization_utils.ts index 4762d3aa9ce81..ad7dea5827507 100644 --- a/src/plugins/controls/public/react_controls/control_group/utils/serialization_utils.ts +++ b/src/plugins/controls/public/control_group/utils/serialization_utils.ts @@ -10,7 +10,7 @@ import { omit } from 'lodash'; import { SerializedPanelState } from '@kbn/presentation-containers'; -import type { ControlGroupRuntimeState, ControlGroupSerializedState } from '../../../../common'; +import type { ControlGroupRuntimeState, ControlGroupSerializedState } from '../../../common'; import { parseReferenceName } from '../../controls/data_controls/reference_name_utils'; export const deserializeControlGroup = ( diff --git a/src/plugins/controls/public/react_controls/controls/constants.ts b/src/plugins/controls/public/controls/constants.ts similarity index 100% rename from src/plugins/controls/public/react_controls/controls/constants.ts rename to src/plugins/controls/public/controls/constants.ts diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/data_control_constants.tsx b/src/plugins/controls/public/controls/data_controls/data_control_constants.tsx similarity index 99% rename from src/plugins/controls/public/react_controls/controls/data_controls/data_control_constants.tsx rename to src/plugins/controls/public/controls/data_controls/data_control_constants.tsx index 2c7f5a02b6b5a..6b06bd8a52439 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/data_control_constants.tsx +++ b/src/plugins/controls/public/controls/data_controls/data_control_constants.tsx @@ -8,7 +8,7 @@ */ import { i18n } from '@kbn/i18n'; -import { RANGE_SLIDER_CONTROL } from '../../../../common'; +import { RANGE_SLIDER_CONTROL } from '../../../common'; export const DataControlEditorStrings = { manageControl: { diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/data_control_editor.test.tsx b/src/plugins/controls/public/controls/data_controls/data_control_editor.test.tsx similarity index 99% rename from src/plugins/controls/public/react_controls/controls/data_controls/data_control_editor.test.tsx rename to src/plugins/controls/public/controls/data_controls/data_control_editor.test.tsx index 8d8385d603fb3..23f9b053d23b2 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/data_control_editor.test.tsx +++ b/src/plugins/controls/public/controls/data_controls/data_control_editor.test.tsx @@ -20,8 +20,8 @@ import { DEFAULT_CONTROL_GROW, DEFAULT_CONTROL_WIDTH, type DefaultDataControlState, -} from '../../../../common'; -import { dataViewsService } from '../../../services/kibana_services'; +} from '../../../common'; +import { dataViewsService } from '../../services/kibana_services'; import { getAllControlTypes, getControlFactory } from '../../control_factory_registry'; import type { ControlGroupApi } from '../../control_group/types'; import type { ControlFactory } from '../types'; diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/data_control_editor.tsx b/src/plugins/controls/public/controls/data_controls/data_control_editor.tsx similarity index 99% rename from src/plugins/controls/public/react_controls/controls/data_controls/data_control_editor.tsx rename to src/plugins/controls/public/controls/data_controls/data_control_editor.tsx index 35e21ca3b407a..43d0f46324557 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/data_control_editor.tsx +++ b/src/plugins/controls/public/controls/data_controls/data_control_editor.tsx @@ -44,8 +44,8 @@ import { DEFAULT_CONTROL_WIDTH, type ControlWidth, type DefaultDataControlState, -} from '../../../../common'; -import { dataViewsService } from '../../../services/kibana_services'; +} from '../../../common'; +import { dataViewsService } from '../../services/kibana_services'; import { getAllControlTypes, getControlFactory } from '../../control_factory_registry'; import type { ControlGroupApi } from '../../control_group/types'; import { DataControlEditorStrings } from './data_control_constants'; diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/data_control_editor_utils.ts b/src/plugins/controls/public/controls/data_controls/data_control_editor_utils.ts similarity index 100% rename from src/plugins/controls/public/react_controls/controls/data_controls/data_control_editor_utils.ts rename to src/plugins/controls/public/controls/data_controls/data_control_editor_utils.ts diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/editor_constants.ts b/src/plugins/controls/public/controls/data_controls/editor_constants.ts similarity index 100% rename from src/plugins/controls/public/react_controls/controls/data_controls/editor_constants.ts rename to src/plugins/controls/public/controls/data_controls/editor_constants.ts diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/initialize_data_control.test.tsx b/src/plugins/controls/public/controls/data_controls/initialize_data_control.test.tsx similarity index 98% rename from src/plugins/controls/public/react_controls/controls/data_controls/initialize_data_control.test.tsx rename to src/plugins/controls/public/controls/data_controls/initialize_data_control.test.tsx index d189d0aaa1ae9..c3c4dd0d6da77 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/initialize_data_control.test.tsx +++ b/src/plugins/controls/public/controls/data_controls/initialize_data_control.test.tsx @@ -9,7 +9,7 @@ import type { DataView } from '@kbn/data-views-plugin/public'; import { first, skip } from 'rxjs'; -import { dataViewsService } from '../../../services/kibana_services'; +import { dataViewsService } from '../../services/kibana_services'; import { ControlGroupApi } from '../../control_group/types'; import { initializeDataControl } from './initialize_data_control'; diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/initialize_data_control.ts b/src/plugins/controls/public/controls/data_controls/initialize_data_control.ts similarity index 98% rename from src/plugins/controls/public/react_controls/controls/data_controls/initialize_data_control.ts rename to src/plugins/controls/public/controls/data_controls/initialize_data_control.ts index 11fb453d56350..71cb6cfb78245 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/initialize_data_control.ts +++ b/src/plugins/controls/public/controls/data_controls/initialize_data_control.ts @@ -20,8 +20,8 @@ import { SerializedPanelState } from '@kbn/presentation-containers'; import { StateComparators } from '@kbn/presentation-publishing'; import { i18n } from '@kbn/i18n'; -import type { DefaultControlState, DefaultDataControlState } from '../../../../common'; -import { dataViewsService } from '../../../services/kibana_services'; +import type { DefaultControlState, DefaultDataControlState } from '../../../common'; +import { dataViewsService } from '../../services/kibana_services'; import type { ControlGroupApi } from '../../control_group/types'; import { initializeDefaultControlApi } from '../initialize_default_control_api'; import type { ControlApiInitialization, ControlStateManager } from '../types'; diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/mocks/api_mocks.tsx b/src/plugins/controls/public/controls/data_controls/mocks/api_mocks.tsx similarity index 98% rename from src/plugins/controls/public/react_controls/controls/data_controls/mocks/api_mocks.tsx rename to src/plugins/controls/public/controls/data_controls/mocks/api_mocks.tsx index 9abf7f6c67c87..ade12fda012d6 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/mocks/api_mocks.tsx +++ b/src/plugins/controls/public/controls/data_controls/mocks/api_mocks.tsx @@ -18,7 +18,7 @@ import type { OptionsListSelection, OptionsListSortingType, OptionsListSuggestions, -} from '../../../../../common/options_list'; +} from '../../../../common/options_list'; export const getOptionsListMocks = () => { const selectedOptions$ = new BehaviorSubject(undefined); diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/mocks/factory_mocks.tsx b/src/plugins/controls/public/controls/data_controls/mocks/factory_mocks.tsx similarity index 100% rename from src/plugins/controls/public/react_controls/controls/data_controls/mocks/factory_mocks.tsx rename to src/plugins/controls/public/controls/data_controls/mocks/factory_mocks.tsx diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/open_data_control_editor.tsx b/src/plugins/controls/public/controls/data_controls/open_data_control_editor.tsx similarity index 96% rename from src/plugins/controls/public/react_controls/controls/data_controls/open_data_control_editor.tsx rename to src/plugins/controls/public/controls/data_controls/open_data_control_editor.tsx index 08118702a003e..1c1be2e121a17 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/open_data_control_editor.tsx +++ b/src/plugins/controls/public/controls/data_controls/open_data_control_editor.tsx @@ -16,8 +16,8 @@ import { tracksOverlays } from '@kbn/presentation-containers'; import { apiHasParentApi } from '@kbn/presentation-publishing'; import { toMountPoint } from '@kbn/react-kibana-mount'; -import type { DefaultDataControlState } from '../../../../common'; -import { coreServices } from '../../../services/kibana_services'; +import type { DefaultDataControlState } from '../../../common'; +import { coreServices } from '../../services/kibana_services'; import type { ControlGroupApi } from '../../control_group/types'; import { DataControlEditor } from './data_control_editor'; diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list.scss b/src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list.scss similarity index 100% rename from src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list.scss rename to src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list.scss diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_control.test.tsx b/src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_control.test.tsx similarity index 100% rename from src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_control.test.tsx rename to src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_control.test.tsx diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_control.tsx b/src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_control.tsx similarity index 98% rename from src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_control.tsx rename to src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_control.tsx index b82258cb510c4..da9aa000dcef0 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_control.tsx +++ b/src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_control.tsx @@ -25,7 +25,7 @@ import { useBatchedPublishingSubjects, } from '@kbn/presentation-publishing'; -import { OptionsListSelection } from '../../../../../../common/options_list/options_list_selections'; +import { OptionsListSelection } from '../../../../../common/options_list/options_list_selections'; import { MIN_POPOVER_WIDTH } from '../../../constants'; import { useOptionsListContext } from '../options_list_context_provider'; import { OptionsListPopover } from './options_list_popover'; diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_editor_options.test.tsx b/src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_editor_options.test.tsx similarity index 98% rename from src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_editor_options.test.tsx rename to src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_editor_options.test.tsx index e7660ff2ec9b6..079a857f7c090 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_editor_options.test.tsx +++ b/src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_editor_options.test.tsx @@ -14,8 +14,8 @@ import { DataViewField } from '@kbn/data-views-plugin/common'; import { act, render } from '@testing-library/react'; import userEvent from '@testing-library/user-event'; -import type { DefaultDataControlState } from '../../../../../../common'; -import type { OptionsListControlState } from '../../../../../../common/options_list'; +import type { DefaultDataControlState } from '../../../../../common'; +import type { OptionsListControlState } from '../../../../../common/options_list'; import type { ControlGroupApi } from '../../../../control_group/types'; import { getMockedControlGroupApi } from '../../../mocks/control_mocks'; import type { CustomOptionsComponentProps } from '../../types'; diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_editor_options.tsx b/src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_editor_options.tsx similarity index 97% rename from src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_editor_options.tsx rename to src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_editor_options.tsx index 27f12e6d0f2e8..e9dad12be5623 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_editor_options.tsx +++ b/src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_editor_options.tsx @@ -15,8 +15,8 @@ import { useStateFromPublishingSubject } from '@kbn/presentation-publishing'; import type { OptionsListControlState, OptionsListSearchTechnique, -} from '../../../../../../common/options_list'; -import { getCompatibleSearchTechniques } from '../../../../../../common/options_list/suggestions_searching'; +} from '../../../../../common/options_list'; +import { getCompatibleSearchTechniques } from '../../../../../common/options_list/suggestions_searching'; import { ControlSettingTooltipLabel } from '../../../../control_group/components/control_setting_tooltip_label'; import { CustomOptionsComponentProps } from '../../types'; import { DEFAULT_SEARCH_TECHNIQUE } from '../constants'; diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_popover.test.tsx b/src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_popover.test.tsx similarity index 99% rename from src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_popover.test.tsx rename to src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_popover.test.tsx index 1f18e229bef3b..0cf3ca5b7da23 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_popover.test.tsx +++ b/src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_popover.test.tsx @@ -14,7 +14,7 @@ import { DataViewField } from '@kbn/data-views-plugin/common'; import { act, render, RenderResult, within } from '@testing-library/react'; import userEvent from '@testing-library/user-event'; -import type { OptionsListDisplaySettings } from '../../../../../../common/options_list'; +import type { OptionsListDisplaySettings } from '../../../../../common/options_list'; import { getOptionsListMocks } from '../../mocks/api_mocks'; import { ContextStateManager, OptionsListControlContext } from '../options_list_context_provider'; import type { OptionsListComponentApi } from '../types'; diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_popover.tsx b/src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_popover.tsx similarity index 100% rename from src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_popover.tsx rename to src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_popover.tsx diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_popover_action_bar.tsx b/src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_popover_action_bar.tsx similarity index 98% rename from src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_popover_action_bar.tsx rename to src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_popover_action_bar.tsx index d9502e781ab06..ccf0ce857b783 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_popover_action_bar.tsx +++ b/src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_popover_action_bar.tsx @@ -20,7 +20,7 @@ import { } from '@elastic/eui'; import { useBatchedPublishingSubjects } from '@kbn/presentation-publishing'; -import { getCompatibleSearchTechniques } from '../../../../../../common/options_list/suggestions_searching'; +import { getCompatibleSearchTechniques } from '../../../../../common/options_list/suggestions_searching'; import { useOptionsListContext } from '../options_list_context_provider'; import { OptionsListPopoverSortingButton } from './options_list_popover_sorting_button'; import { OptionsListStrings } from '../options_list_strings'; diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_popover_empty_message.tsx b/src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_popover_empty_message.tsx similarity index 100% rename from src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_popover_empty_message.tsx rename to src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_popover_empty_message.tsx diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_popover_footer.tsx b/src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_popover_footer.tsx similarity index 100% rename from src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_popover_footer.tsx rename to src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_popover_footer.tsx diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_popover_invalid_selections.tsx b/src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_popover_invalid_selections.tsx similarity index 100% rename from src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_popover_invalid_selections.tsx rename to src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_popover_invalid_selections.tsx diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_popover_sorting_button.test.tsx b/src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_popover_sorting_button.test.tsx similarity index 100% rename from src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_popover_sorting_button.test.tsx rename to src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_popover_sorting_button.test.tsx diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_popover_sorting_button.tsx b/src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_popover_sorting_button.tsx similarity index 98% rename from src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_popover_sorting_button.tsx rename to src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_popover_sorting_button.tsx index a48df361e50e4..5a82614e77df9 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_popover_sorting_button.tsx +++ b/src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_popover_sorting_button.tsx @@ -28,7 +28,7 @@ import { getCompatibleSortingTypes, OptionsListSortBy, OPTIONS_LIST_DEFAULT_SORT, -} from '../../../../../../common/options_list/suggestions_sorting'; +} from '../../../../../common/options_list/suggestions_sorting'; import { useOptionsListContext } from '../options_list_context_provider'; import { OptionsListStrings } from '../options_list_strings'; diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_popover_suggestion_badge.tsx b/src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_popover_suggestion_badge.tsx similarity index 100% rename from src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_popover_suggestion_badge.tsx rename to src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_popover_suggestion_badge.tsx diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_popover_suggestions.tsx b/src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_popover_suggestions.tsx similarity index 97% rename from src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_popover_suggestions.tsx rename to src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_popover_suggestions.tsx index 8883ac43b6e41..9372c2a091de3 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/components/options_list_popover_suggestions.tsx +++ b/src/plugins/controls/public/controls/data_controls/options_list_control/components/options_list_popover_suggestions.tsx @@ -14,8 +14,8 @@ import { EuiSelectableOption } from '@elastic/eui/src/components/selectable/sele import { useBatchedPublishingSubjects } from '@kbn/presentation-publishing'; import { euiThemeVars } from '@kbn/ui-theme'; -import { OptionsListSuggestions } from '../../../../../../common/options_list/types'; -import { OptionsListSelection } from '../../../../../../common/options_list/options_list_selections'; +import { OptionsListSuggestions } from '../../../../../common/options_list/types'; +import { OptionsListSelection } from '../../../../../common/options_list/options_list_selections'; import { MAX_OPTIONS_LIST_REQUEST_SIZE } from '../constants'; import { useOptionsListContext } from '../options_list_context_provider'; import { OptionsListStrings } from '../options_list_strings'; diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/constants.ts b/src/plugins/controls/public/controls/data_controls/options_list_control/constants.ts similarity index 94% rename from src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/constants.ts rename to src/plugins/controls/public/controls/data_controls/options_list_control/constants.ts index 0d4a92b6734a9..87415dff252b0 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/constants.ts +++ b/src/plugins/controls/public/controls/data_controls/options_list_control/constants.ts @@ -10,7 +10,7 @@ import type { OptionsListSortingType, OptionsListSearchTechnique, -} from '../../../../../common/options_list'; +} from '../../../../common/options_list'; export const DEFAULT_SEARCH_TECHNIQUE: OptionsListSearchTechnique = 'prefix'; export const OPTIONS_LIST_DEFAULT_SORT: OptionsListSortingType = { diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/fetch_and_validate.tsx b/src/plugins/controls/public/controls/data_controls/options_list_control/fetch_and_validate.tsx similarity index 94% rename from src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/fetch_and_validate.tsx rename to src/plugins/controls/public/controls/data_controls/options_list_control/fetch_and_validate.tsx index 2e2cd341e8704..ca71fc46a72c1 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/fetch_and_validate.tsx +++ b/src/plugins/controls/public/controls/data_controls/options_list_control/fetch_and_validate.tsx @@ -21,9 +21,9 @@ import { import { PublishingSubject } from '@kbn/presentation-publishing'; import { apiPublishesReload } from '@kbn/presentation-publishing/interfaces/fetch/publishes_reload'; -import { OptionsListSuccessResponse } from '../../../../../common/options_list/types'; -import { isValidSearch } from '../../../../../common/options_list/is_valid_search'; -import { OptionsListSelection } from '../../../../../common/options_list/options_list_selections'; +import { OptionsListSuccessResponse } from '../../../../common/options_list/types'; +import { isValidSearch } from '../../../../common/options_list/is_valid_search'; +import { OptionsListSelection } from '../../../../common/options_list/options_list_selections'; import { ControlFetchContext } from '../../../control_group/control_fetch'; import { ControlStateManager } from '../../types'; import { OptionsListFetchCache } from './options_list_fetch_cache'; diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/get_options_list_control_factory.test.tsx b/src/plugins/controls/public/controls/data_controls/options_list_control/get_options_list_control_factory.test.tsx similarity index 99% rename from src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/get_options_list_control_factory.test.tsx rename to src/plugins/controls/public/controls/data_controls/options_list_control/get_options_list_control_factory.test.tsx index 20911d1cdb872..20aad3e260983 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/get_options_list_control_factory.test.tsx +++ b/src/plugins/controls/public/controls/data_controls/options_list_control/get_options_list_control_factory.test.tsx @@ -14,7 +14,7 @@ import { createStubDataView } from '@kbn/data-views-plugin/common/data_view.stub import { act, render, waitFor } from '@testing-library/react'; import userEvent from '@testing-library/user-event'; -import { coreServices, dataViewsService } from '../../../../services/kibana_services'; +import { coreServices, dataViewsService } from '../../../services/kibana_services'; import { getMockedBuildApi, getMockedControlGroupApi } from '../../mocks/control_mocks'; import { getOptionsListControlFactory } from './get_options_list_control_factory'; diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/get_options_list_control_factory.tsx b/src/plugins/controls/public/controls/data_controls/options_list_control/get_options_list_control_factory.tsx similarity index 99% rename from src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/get_options_list_control_factory.tsx rename to src/plugins/controls/public/controls/data_controls/options_list_control/get_options_list_control_factory.tsx index 2a23ac9341ab9..de4811f0220d6 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/get_options_list_control_factory.tsx +++ b/src/plugins/controls/public/controls/data_controls/options_list_control/get_options_list_control_factory.tsx @@ -14,7 +14,7 @@ import { BehaviorSubject, combineLatest, debounceTime, filter, map, skip } from import { buildExistsFilter, buildPhraseFilter, buildPhrasesFilter, Filter } from '@kbn/es-query'; import { useBatchedPublishingSubjects } from '@kbn/presentation-publishing'; -import { OPTIONS_LIST_CONTROL } from '../../../../../common'; +import { OPTIONS_LIST_CONTROL } from '../../../../common'; import type { OptionsListControlState, OptionsListSearchTechnique, @@ -22,8 +22,8 @@ import type { OptionsListSortingType, OptionsListSuccessResponse, OptionsListSuggestions, -} from '../../../../../common/options_list'; -import { getSelectionAsFieldType, isValidSearch } from '../../../../../common/options_list'; +} from '../../../../common/options_list'; +import { getSelectionAsFieldType, isValidSearch } from '../../../../common/options_list'; import { initializeDataControl } from '../initialize_data_control'; import type { DataControlFactory } from '../types'; import { OptionsListControl } from './components/options_list_control'; diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/options_list_context_provider.tsx b/src/plugins/controls/public/controls/data_controls/options_list_control/options_list_context_provider.tsx similarity index 97% rename from src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/options_list_context_provider.tsx rename to src/plugins/controls/public/controls/data_controls/options_list_control/options_list_context_provider.tsx index d0acec2f0d683..b594b21116cf2 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/options_list_context_provider.tsx +++ b/src/plugins/controls/public/controls/data_controls/options_list_control/options_list_context_provider.tsx @@ -14,7 +14,7 @@ import { PublishingSubject } from '@kbn/presentation-publishing'; import type { OptionsListDisplaySettings, OptionsListSelection, -} from '../../../../../common/options_list'; +} from '../../../../common/options_list'; import type { ControlStateManager } from '../../types'; import type { OptionsListComponentApi, OptionsListComponentState } from './types'; diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/options_list_control_selections.ts b/src/plugins/controls/public/controls/data_controls/options_list_control/options_list_control_selections.ts similarity index 93% rename from src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/options_list_control_selections.ts rename to src/plugins/controls/public/controls/data_controls/options_list_control/options_list_control_selections.ts index d766b564d0212..94d46c1d59a84 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/options_list_control_selections.ts +++ b/src/plugins/controls/public/controls/data_controls/options_list_control/options_list_control_selections.ts @@ -12,8 +12,8 @@ import { BehaviorSubject } from 'rxjs'; import { PublishingSubject, StateComparators } from '@kbn/presentation-publishing'; -import { OptionsListControlState } from '../../../../../common/options_list'; -import { OptionsListSelection } from '../../../../../common/options_list/options_list_selections'; +import { OptionsListControlState } from '../../../../common/options_list'; +import { OptionsListSelection } from '../../../../common/options_list/options_list_selections'; export function initializeOptionsListSelections( initialState: OptionsListControlState, diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/options_list_fetch_cache.ts b/src/plugins/controls/public/controls/data_controls/options_list_control/options_list_fetch_cache.ts similarity index 96% rename from src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/options_list_fetch_cache.ts rename to src/plugins/controls/public/controls/data_controls/options_list_control/options_list_fetch_cache.ts index 60b1463118733..55d613e0afc19 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/options_list_fetch_cache.ts +++ b/src/plugins/controls/public/controls/data_controls/options_list_control/options_list_fetch_cache.ts @@ -19,8 +19,8 @@ import type { OptionsListRequest, OptionsListResponse, OptionsListSuccessResponse, -} from '../../../../../common/options_list/types'; -import { coreServices, dataService } from '../../../../services/kibana_services'; +} from '../../../../common/options_list/types'; +import { coreServices, dataService } from '../../../services/kibana_services'; const REQUEST_CACHE_SIZE = 50; // only store a max of 50 responses const REQUEST_CACHE_TTL = 1000 * 60; // time to live = 1 minute diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/options_list_strings.ts b/src/plugins/controls/public/controls/data_controls/options_list_control/options_list_strings.ts similarity index 99% rename from src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/options_list_strings.ts rename to src/plugins/controls/public/controls/data_controls/options_list_control/options_list_strings.ts index eef121b8b3574..b910b217063e6 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/options_list_strings.ts +++ b/src/plugins/controls/public/controls/data_controls/options_list_control/options_list_strings.ts @@ -8,7 +8,7 @@ */ import { i18n } from '@kbn/i18n'; -import { OptionsListSearchTechnique } from '../../../../../common/options_list/suggestions_searching'; +import { OptionsListSearchTechnique } from '../../../../common/options_list/suggestions_searching'; export const OptionsListStrings = { control: { diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/register_options_list_control.ts b/src/plugins/controls/public/controls/data_controls/options_list_control/register_options_list_control.ts similarity index 85% rename from src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/register_options_list_control.ts rename to src/plugins/controls/public/controls/data_controls/options_list_control/register_options_list_control.ts index b58189a75daca..45f430598fa50 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/register_options_list_control.ts +++ b/src/plugins/controls/public/controls/data_controls/options_list_control/register_options_list_control.ts @@ -7,8 +7,8 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -import { OPTIONS_LIST_CONTROL } from '../../../../../common'; -import { untilPluginStartServicesReady } from '../../../../services/kibana_services'; +import { OPTIONS_LIST_CONTROL } from '../../../../common'; +import { untilPluginStartServicesReady } from '../../../services/kibana_services'; import { registerControlFactory } from '../../../control_factory_registry'; export function registerOptionsListControl() { diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/types.ts b/src/plugins/controls/public/controls/data_controls/options_list_control/types.ts similarity index 97% rename from src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/types.ts rename to src/plugins/controls/public/controls/data_controls/options_list_control/types.ts index 1d34c082eb8a6..3cdb79f78a98d 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/types.ts +++ b/src/plugins/controls/public/controls/data_controls/options_list_control/types.ts @@ -15,7 +15,7 @@ import type { OptionsListDisplaySettings, OptionsListSelection, OptionsListSuggestions, -} from '../../../../../common/options_list'; +} from '../../../../common/options_list'; import type { DataControlApi } from '../types'; export type OptionsListControlApi = DataControlApi; diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/publishes_async_filters.ts b/src/plugins/controls/public/controls/data_controls/publishes_async_filters.ts similarity index 100% rename from src/plugins/controls/public/react_controls/controls/data_controls/publishes_async_filters.ts rename to src/plugins/controls/public/controls/data_controls/publishes_async_filters.ts diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/range_slider/components/range_slider.styles.ts b/src/plugins/controls/public/controls/data_controls/range_slider/components/range_slider.styles.ts similarity index 100% rename from src/plugins/controls/public/react_controls/controls/data_controls/range_slider/components/range_slider.styles.ts rename to src/plugins/controls/public/controls/data_controls/range_slider/components/range_slider.styles.ts diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/range_slider/components/range_slider_control.tsx b/src/plugins/controls/public/controls/data_controls/range_slider/components/range_slider_control.tsx similarity index 100% rename from src/plugins/controls/public/react_controls/controls/data_controls/range_slider/components/range_slider_control.tsx rename to src/plugins/controls/public/controls/data_controls/range_slider/components/range_slider_control.tsx diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/range_slider/get_range_slider_control_factory.test.tsx b/src/plugins/controls/public/controls/data_controls/range_slider/get_range_slider_control_factory.test.tsx similarity index 99% rename from src/plugins/controls/public/react_controls/controls/data_controls/range_slider/get_range_slider_control_factory.test.tsx rename to src/plugins/controls/public/controls/data_controls/range_slider/get_range_slider_control_factory.test.tsx index 925ec3443849a..03ebe50969d05 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/range_slider/get_range_slider_control_factory.test.tsx +++ b/src/plugins/controls/public/controls/data_controls/range_slider/get_range_slider_control_factory.test.tsx @@ -15,7 +15,7 @@ import { DataViewField } from '@kbn/data-views-plugin/common'; import { SerializedPanelState } from '@kbn/presentation-containers'; import { fireEvent, render, waitFor } from '@testing-library/react'; -import { dataService, dataViewsService } from '../../../../services/kibana_services'; +import { dataService, dataViewsService } from '../../../services/kibana_services'; import { getMockedBuildApi, getMockedControlGroupApi } from '../../mocks/control_mocks'; import { getRangesliderControlFactory } from './get_range_slider_control_factory'; import { RangesliderControlState } from './types'; diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/range_slider/get_range_slider_control_factory.tsx b/src/plugins/controls/public/controls/data_controls/range_slider/get_range_slider_control_factory.tsx similarity index 99% rename from src/plugins/controls/public/react_controls/controls/data_controls/range_slider/get_range_slider_control_factory.tsx rename to src/plugins/controls/public/controls/data_controls/range_slider/get_range_slider_control_factory.tsx index 3ad3b97af7414..0605fe4586abb 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/range_slider/get_range_slider_control_factory.tsx +++ b/src/plugins/controls/public/controls/data_controls/range_slider/get_range_slider_control_factory.tsx @@ -14,7 +14,7 @@ import { EuiFieldNumber, EuiFormRow } from '@elastic/eui'; import { Filter, RangeFilterParams, buildRangeFilter } from '@kbn/es-query'; import { useBatchedPublishingSubjects } from '@kbn/presentation-publishing'; -import { RANGE_SLIDER_CONTROL } from '../../../../../common'; +import { RANGE_SLIDER_CONTROL } from '../../../../common'; import { initializeDataControl } from '../initialize_data_control'; import type { DataControlFactory } from '../types'; import { RangeSliderControl } from './components/range_slider_control'; diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/range_slider/has_no_results.ts b/src/plugins/controls/public/controls/data_controls/range_slider/has_no_results.ts similarity index 98% rename from src/plugins/controls/public/react_controls/controls/data_controls/range_slider/has_no_results.ts rename to src/plugins/controls/public/controls/data_controls/range_slider/has_no_results.ts index 24d4510b3fc22..5b5cfd33788cb 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/range_slider/has_no_results.ts +++ b/src/plugins/controls/public/controls/data_controls/range_slider/has_no_results.ts @@ -12,7 +12,7 @@ import { DataView } from '@kbn/data-views-plugin/public'; import { AggregateQuery, Filter, Query, TimeRange } from '@kbn/es-query'; import { PublishesDataViews } from '@kbn/presentation-publishing'; import { Observable, combineLatest, lastValueFrom, switchMap, tap } from 'rxjs'; -import { dataService } from '../../../../services/kibana_services'; +import { dataService } from '../../../services/kibana_services'; import { ControlFetchContext } from '../../../control_group/control_fetch'; import { ControlGroupApi } from '../../../control_group/types'; import { DataControlApi } from '../types'; diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/range_slider/min_max.ts b/src/plugins/controls/public/controls/data_controls/range_slider/min_max.ts similarity index 98% rename from src/plugins/controls/public/react_controls/controls/data_controls/range_slider/min_max.ts rename to src/plugins/controls/public/controls/data_controls/range_slider/min_max.ts index 8e4d5e00374af..f118e2da24c9b 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/range_slider/min_max.ts +++ b/src/plugins/controls/public/controls/data_controls/range_slider/min_max.ts @@ -13,7 +13,7 @@ import { AggregateQuery, Filter, Query, TimeRange } from '@kbn/es-query'; import { PublishesDataViews, PublishingSubject } from '@kbn/presentation-publishing'; import { apiPublishesReload } from '@kbn/presentation-publishing/interfaces/fetch/publishes_reload'; import { Observable, combineLatest, lastValueFrom, of, startWith, switchMap, tap } from 'rxjs'; -import { dataService } from '../../../../services/kibana_services'; +import { dataService } from '../../../services/kibana_services'; import { ControlFetchContext } from '../../../control_group/control_fetch'; import { ControlGroupApi } from '../../../control_group/types'; diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/range_slider/range_control_selections.ts b/src/plugins/controls/public/controls/data_controls/range_slider/range_control_selections.ts similarity index 100% rename from src/plugins/controls/public/react_controls/controls/data_controls/range_slider/range_control_selections.ts rename to src/plugins/controls/public/controls/data_controls/range_slider/range_control_selections.ts diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/range_slider/range_slider_strings.ts b/src/plugins/controls/public/controls/data_controls/range_slider/range_slider_strings.ts similarity index 100% rename from src/plugins/controls/public/react_controls/controls/data_controls/range_slider/range_slider_strings.ts rename to src/plugins/controls/public/controls/data_controls/range_slider/range_slider_strings.ts diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/range_slider/register_range_slider_control.ts b/src/plugins/controls/public/controls/data_controls/range_slider/register_range_slider_control.ts similarity index 85% rename from src/plugins/controls/public/react_controls/controls/data_controls/range_slider/register_range_slider_control.ts rename to src/plugins/controls/public/controls/data_controls/range_slider/register_range_slider_control.ts index 0e1c0fd925792..9f7af0ccae2c3 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/range_slider/register_range_slider_control.ts +++ b/src/plugins/controls/public/controls/data_controls/range_slider/register_range_slider_control.ts @@ -7,8 +7,8 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -import { RANGE_SLIDER_CONTROL } from '../../../../../common'; -import { untilPluginStartServicesReady } from '../../../../services/kibana_services'; +import { RANGE_SLIDER_CONTROL } from '../../../../common'; +import { untilPluginStartServicesReady } from '../../../services/kibana_services'; import { registerControlFactory } from '../../../control_factory_registry'; export function registerRangeSliderControl() { diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/range_slider/types.ts b/src/plugins/controls/public/controls/data_controls/range_slider/types.ts similarity index 91% rename from src/plugins/controls/public/react_controls/controls/data_controls/range_slider/types.ts rename to src/plugins/controls/public/controls/data_controls/range_slider/types.ts index 459220a9dd166..bbbf75e5730b5 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/range_slider/types.ts +++ b/src/plugins/controls/public/controls/data_controls/range_slider/types.ts @@ -7,7 +7,7 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -import type { DefaultDataControlState } from '../../../../../common'; +import type { DefaultDataControlState } from '../../../../common'; import type { DataControlApi } from '../types'; export type RangeValue = [string, string]; diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/reference_name_utils.ts b/src/plugins/controls/public/controls/data_controls/reference_name_utils.ts similarity index 100% rename from src/plugins/controls/public/react_controls/controls/data_controls/reference_name_utils.ts rename to src/plugins/controls/public/controls/data_controls/reference_name_utils.ts diff --git a/src/plugins/controls/public/react_controls/controls/data_controls/types.ts b/src/plugins/controls/public/controls/data_controls/types.ts similarity index 97% rename from src/plugins/controls/public/react_controls/controls/data_controls/types.ts rename to src/plugins/controls/public/controls/data_controls/types.ts index 89912e6eabb03..24eb9e73fb49e 100644 --- a/src/plugins/controls/public/react_controls/controls/data_controls/types.ts +++ b/src/plugins/controls/public/controls/data_controls/types.ts @@ -16,7 +16,7 @@ import { PublishingSubject, } from '@kbn/presentation-publishing'; -import { DefaultDataControlState } from '../../../../common'; +import { DefaultDataControlState } from '../../../common'; import { ControlGroupApi } from '../../control_group/types'; import { ControlFactory, DefaultControlApi } from '../types'; import { PublishesAsyncFilters } from './publishes_async_filters'; diff --git a/src/plugins/controls/public/react_controls/controls/initialize_default_control_api.tsx b/src/plugins/controls/public/controls/initialize_default_control_api.tsx similarity index 96% rename from src/plugins/controls/public/react_controls/controls/initialize_default_control_api.tsx rename to src/plugins/controls/public/controls/initialize_default_control_api.tsx index 558595a877f64..06d7f3e4028f5 100644 --- a/src/plugins/controls/public/react_controls/controls/initialize_default_control_api.tsx +++ b/src/plugins/controls/public/controls/initialize_default_control_api.tsx @@ -12,7 +12,7 @@ import { BehaviorSubject } from 'rxjs'; import { SerializedPanelState } from '@kbn/presentation-containers'; import { StateComparators } from '@kbn/presentation-publishing'; -import type { ControlWidth, DefaultControlState } from '../../../common'; +import type { ControlWidth, DefaultControlState } from '../../common'; import type { ControlApiInitialization, ControlStateManager, DefaultControlApi } from './types'; export type ControlApi = ControlApiInitialization; diff --git a/src/plugins/controls/public/react_controls/controls/mocks/control_mocks.ts b/src/plugins/controls/public/controls/mocks/control_mocks.ts similarity index 97% rename from src/plugins/controls/public/react_controls/controls/mocks/control_mocks.ts rename to src/plugins/controls/public/controls/mocks/control_mocks.ts index 5e3156e5d732b..e71ecb12e030b 100644 --- a/src/plugins/controls/public/react_controls/controls/mocks/control_mocks.ts +++ b/src/plugins/controls/public/controls/mocks/control_mocks.ts @@ -11,7 +11,7 @@ import { BehaviorSubject } from 'rxjs'; import { StateComparators } from '@kbn/presentation-publishing'; -import { CONTROL_GROUP_TYPE } from '../../../../common'; +import { CONTROL_GROUP_TYPE } from '../../../common'; import type { ControlFetchContext } from '../../control_group/control_fetch/control_fetch'; import type { ControlGroupApi } from '../../control_group/types'; import type { ControlApiRegistration, ControlFactory, DefaultControlApi } from '../types'; diff --git a/src/plugins/controls/public/react_controls/controls/timeslider_control/components/index.scss b/src/plugins/controls/public/controls/timeslider_control/components/index.scss similarity index 100% rename from src/plugins/controls/public/react_controls/controls/timeslider_control/components/index.scss rename to src/plugins/controls/public/controls/timeslider_control/components/index.scss diff --git a/src/plugins/controls/public/react_controls/controls/timeslider_control/components/play_button.tsx b/src/plugins/controls/public/controls/timeslider_control/components/play_button.tsx similarity index 100% rename from src/plugins/controls/public/react_controls/controls/timeslider_control/components/play_button.tsx rename to src/plugins/controls/public/controls/timeslider_control/components/play_button.tsx diff --git a/src/plugins/controls/public/react_controls/controls/timeslider_control/components/time_slider_anchored_range.tsx b/src/plugins/controls/public/controls/timeslider_control/components/time_slider_anchored_range.tsx similarity index 100% rename from src/plugins/controls/public/react_controls/controls/timeslider_control/components/time_slider_anchored_range.tsx rename to src/plugins/controls/public/controls/timeslider_control/components/time_slider_anchored_range.tsx diff --git a/src/plugins/controls/public/react_controls/controls/timeslider_control/components/time_slider_popover_button.tsx b/src/plugins/controls/public/controls/timeslider_control/components/time_slider_popover_button.tsx similarity index 100% rename from src/plugins/controls/public/react_controls/controls/timeslider_control/components/time_slider_popover_button.tsx rename to src/plugins/controls/public/controls/timeslider_control/components/time_slider_popover_button.tsx diff --git a/src/plugins/controls/public/react_controls/controls/timeslider_control/components/time_slider_popover_content.tsx b/src/plugins/controls/public/controls/timeslider_control/components/time_slider_popover_content.tsx similarity index 100% rename from src/plugins/controls/public/react_controls/controls/timeslider_control/components/time_slider_popover_content.tsx rename to src/plugins/controls/public/controls/timeslider_control/components/time_slider_popover_content.tsx diff --git a/src/plugins/controls/public/react_controls/controls/timeslider_control/components/time_slider_prepend.tsx b/src/plugins/controls/public/controls/timeslider_control/components/time_slider_prepend.tsx similarity index 100% rename from src/plugins/controls/public/react_controls/controls/timeslider_control/components/time_slider_prepend.tsx rename to src/plugins/controls/public/controls/timeslider_control/components/time_slider_prepend.tsx diff --git a/src/plugins/controls/public/react_controls/controls/timeslider_control/components/time_slider_sliding_window_range.tsx b/src/plugins/controls/public/controls/timeslider_control/components/time_slider_sliding_window_range.tsx similarity index 100% rename from src/plugins/controls/public/react_controls/controls/timeslider_control/components/time_slider_sliding_window_range.tsx rename to src/plugins/controls/public/controls/timeslider_control/components/time_slider_sliding_window_range.tsx diff --git a/src/plugins/controls/public/react_controls/controls/timeslider_control/components/time_slider_strings.ts b/src/plugins/controls/public/controls/timeslider_control/components/time_slider_strings.ts similarity index 100% rename from src/plugins/controls/public/react_controls/controls/timeslider_control/components/time_slider_strings.ts rename to src/plugins/controls/public/controls/timeslider_control/components/time_slider_strings.ts diff --git a/src/plugins/controls/public/react_controls/controls/timeslider_control/get_time_range_meta.ts b/src/plugins/controls/public/controls/timeslider_control/get_time_range_meta.ts similarity index 96% rename from src/plugins/controls/public/react_controls/controls/timeslider_control/get_time_range_meta.ts rename to src/plugins/controls/public/controls/timeslider_control/get_time_range_meta.ts index 5c84cfbdef508..a9fe07c9bf3b9 100644 --- a/src/plugins/controls/public/react_controls/controls/timeslider_control/get_time_range_meta.ts +++ b/src/plugins/controls/public/controls/timeslider_control/get_time_range_meta.ts @@ -9,7 +9,7 @@ import { EuiRangeTick } from '@elastic/eui'; import { TimeRange } from '@kbn/es-query'; -import { coreServices, dataService } from '../../../services/kibana_services'; +import { coreServices, dataService } from '../../services/kibana_services'; import { FROM_INDEX, getStepSize, diff --git a/src/plugins/controls/public/react_controls/controls/timeslider_control/get_timeslider_control_factory.test.tsx b/src/plugins/controls/public/controls/timeslider_control/get_timeslider_control_factory.test.tsx similarity index 99% rename from src/plugins/controls/public/react_controls/controls/timeslider_control/get_timeslider_control_factory.test.tsx rename to src/plugins/controls/public/controls/timeslider_control/get_timeslider_control_factory.test.tsx index d4b8ff6c13461..a49f1489d31d1 100644 --- a/src/plugins/controls/public/react_controls/controls/timeslider_control/get_timeslider_control_factory.test.tsx +++ b/src/plugins/controls/public/controls/timeslider_control/get_timeslider_control_factory.test.tsx @@ -15,7 +15,7 @@ import { TimeRange } from '@kbn/es-query'; import { StateComparators } from '@kbn/presentation-publishing'; import { fireEvent, render } from '@testing-library/react'; -import { dataService } from '../../../services/kibana_services'; +import { dataService } from '../../services/kibana_services'; import { getMockedControlGroupApi } from '../mocks/control_mocks'; import { ControlApiRegistration } from '../types'; import { getTimesliderControlFactory } from './get_timeslider_control_factory'; diff --git a/src/plugins/controls/public/react_controls/controls/timeslider_control/get_timeslider_control_factory.tsx b/src/plugins/controls/public/controls/timeslider_control/get_timeslider_control_factory.tsx similarity index 99% rename from src/plugins/controls/public/react_controls/controls/timeslider_control/get_timeslider_control_factory.tsx rename to src/plugins/controls/public/controls/timeslider_control/get_timeslider_control_factory.tsx index cfc8e50bee1b5..b7d5b6f077080 100644 --- a/src/plugins/controls/public/react_controls/controls/timeslider_control/get_timeslider_control_factory.tsx +++ b/src/plugins/controls/public/controls/timeslider_control/get_timeslider_control_factory.tsx @@ -21,7 +21,7 @@ import { useBatchedPublishingSubjects, } from '@kbn/presentation-publishing'; -import { TIME_SLIDER_CONTROL } from '../../../../common'; +import { TIME_SLIDER_CONTROL } from '../../../common'; import { initializeDefaultControlApi } from '../initialize_default_control_api'; import { ControlFactory } from '../types'; import './components/index.scss'; diff --git a/src/plugins/controls/public/react_controls/controls/timeslider_control/init_time_range_percentage.ts b/src/plugins/controls/public/controls/timeslider_control/init_time_range_percentage.ts similarity index 100% rename from src/plugins/controls/public/react_controls/controls/timeslider_control/init_time_range_percentage.ts rename to src/plugins/controls/public/controls/timeslider_control/init_time_range_percentage.ts diff --git a/src/plugins/controls/public/react_controls/controls/timeslider_control/init_time_range_subscription.ts b/src/plugins/controls/public/controls/timeslider_control/init_time_range_subscription.ts similarity index 100% rename from src/plugins/controls/public/react_controls/controls/timeslider_control/init_time_range_subscription.ts rename to src/plugins/controls/public/controls/timeslider_control/init_time_range_subscription.ts diff --git a/src/plugins/controls/public/react_controls/controls/timeslider_control/register_timeslider_control.ts b/src/plugins/controls/public/controls/timeslider_control/register_timeslider_control.ts similarity index 85% rename from src/plugins/controls/public/react_controls/controls/timeslider_control/register_timeslider_control.ts rename to src/plugins/controls/public/controls/timeslider_control/register_timeslider_control.ts index 338a52631c931..93f30fe4b07d3 100644 --- a/src/plugins/controls/public/react_controls/controls/timeslider_control/register_timeslider_control.ts +++ b/src/plugins/controls/public/controls/timeslider_control/register_timeslider_control.ts @@ -7,8 +7,8 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -import { TIME_SLIDER_CONTROL } from '../../../../common'; -import { untilPluginStartServicesReady } from '../../../services/kibana_services'; +import { TIME_SLIDER_CONTROL } from '../../../common'; +import { untilPluginStartServicesReady } from '../../services/kibana_services'; import { registerControlFactory } from '../../control_factory_registry'; export function registerTimeSliderControl() { diff --git a/src/plugins/controls/public/react_controls/controls/timeslider_control/time_utils.tsx b/src/plugins/controls/public/controls/timeslider_control/time_utils.tsx similarity index 100% rename from src/plugins/controls/public/react_controls/controls/timeslider_control/time_utils.tsx rename to src/plugins/controls/public/controls/timeslider_control/time_utils.tsx diff --git a/src/plugins/controls/public/react_controls/controls/timeslider_control/types.ts b/src/plugins/controls/public/controls/timeslider_control/types.ts similarity index 94% rename from src/plugins/controls/public/react_controls/controls/timeslider_control/types.ts rename to src/plugins/controls/public/controls/timeslider_control/types.ts index 634e0351e77eb..48c7a5a76469c 100644 --- a/src/plugins/controls/public/react_controls/controls/timeslider_control/types.ts +++ b/src/plugins/controls/public/controls/timeslider_control/types.ts @@ -8,7 +8,7 @@ */ import type { PublishesPanelTitle, PublishesTimeslice } from '@kbn/presentation-publishing'; -import type { DefaultControlState } from '../../../../common'; +import type { DefaultControlState } from '../../../common'; import type { DefaultControlApi } from '../types'; export type Timeslice = [number, number]; diff --git a/src/plugins/controls/public/react_controls/controls/types.ts b/src/plugins/controls/public/controls/types.ts similarity index 96% rename from src/plugins/controls/public/react_controls/controls/types.ts rename to src/plugins/controls/public/controls/types.ts index ce4ad9f194fa3..e79c20c99f150 100644 --- a/src/plugins/controls/public/react_controls/controls/types.ts +++ b/src/plugins/controls/public/controls/types.ts @@ -24,9 +24,9 @@ import { StateComparators, } from '@kbn/presentation-publishing'; -import { ControlWidth, DefaultControlState } from '../../../common/types'; +import { ControlWidth, DefaultControlState } from '../../common/types'; import { ControlGroupApi } from '../control_group/types'; -import { CanClearSelections } from '../../types'; +import { CanClearSelections } from '../types'; export interface HasCustomPrepend { CustomPrependComponent: React.FC<{}>; diff --git a/src/plugins/controls/public/index.ts b/src/plugins/controls/public/index.ts index 6c7a548cb091d..eaa800387759b 100644 --- a/src/plugins/controls/public/index.ts +++ b/src/plugins/controls/public/index.ts @@ -12,23 +12,20 @@ import { ControlsPlugin } from './plugin'; export { controlGroupStateBuilder, type ControlGroupStateBuilder, -} from './react_controls/control_group/utils/control_group_state_builder'; +} from './control_group/utils/control_group_state_builder'; -export type { ControlGroupApi, ControlStateTransform } from './react_controls/control_group/types'; +export type { ControlGroupApi, ControlStateTransform } from './control_group/types'; export { ACTION_CLEAR_CONTROL, ACTION_DELETE_CONTROL, ACTION_EDIT_CONTROL } from './actions'; -export type { - DataControlApi, - DataControlFactory, -} from './react_controls/controls/data_controls/types'; +export type { DataControlApi, DataControlFactory } from './controls/data_controls/types'; export { ControlGroupRenderer, type ControlGroupCreationOptions, type ControlGroupRendererApi, type ControlGroupRendererProps, -} from './react_controls/external_api'; +} from './control_group/control_group_renderer'; export { CONTROL_GROUP_TYPE, diff --git a/src/plugins/controls/public/plugin.ts b/src/plugins/controls/public/plugin.ts index c6e1a2873b169..3e915e958d111 100644 --- a/src/plugins/controls/public/plugin.ts +++ b/src/plugins/controls/public/plugin.ts @@ -13,10 +13,10 @@ import { PANEL_HOVER_TRIGGER } from '@kbn/embeddable-plugin/public'; import { ClearControlAction } from './actions/clear_control_action'; import { DeleteControlAction } from './actions/delete_control_action'; import { EditControlAction } from './actions/edit_control_action'; -import { registerControlGroupEmbeddable } from './react_controls/control_group/register_control_group_embeddable'; -import { registerOptionsListControl } from './react_controls/controls/data_controls/options_list_control/register_options_list_control'; -import { registerRangeSliderControl } from './react_controls/controls/data_controls/range_slider/register_range_slider_control'; -import { registerTimeSliderControl } from './react_controls/controls/timeslider_control/register_timeslider_control'; +import { registerControlGroupEmbeddable } from './control_group/register_control_group_embeddable'; +import { registerOptionsListControl } from './controls/data_controls/options_list_control/register_options_list_control'; +import { registerRangeSliderControl } from './controls/data_controls/range_slider/register_range_slider_control'; +import { registerTimeSliderControl } from './controls/timeslider_control/register_timeslider_control'; import { setKibanaServices, untilPluginStartServicesReady } from './services/kibana_services'; import type { ControlsPluginSetupDeps, ControlsPluginStartDeps } from './types'; diff --git a/src/plugins/dashboard/public/dashboard_container/embeddable/create/controls/dashboard_control_group_integration.test.ts b/src/plugins/dashboard/public/dashboard_container/embeddable/create/controls/dashboard_control_group_integration.test.ts index 1659d3673e43d..3a18acd242e4f 100644 --- a/src/plugins/dashboard/public/dashboard_container/embeddable/create/controls/dashboard_control_group_integration.test.ts +++ b/src/plugins/dashboard/public/dashboard_container/embeddable/create/controls/dashboard_control_group_integration.test.ts @@ -11,8 +11,6 @@ import { Filter } from '@kbn/es-query'; import { combineDashboardFiltersWithControlGroupFilters } from './dashboard_control_group_integration'; import { BehaviorSubject } from 'rxjs'; -jest.mock('@kbn/controls-plugin/public/react_controls/control_group/get_control_group_factory'); - const testFilter1: Filter = { meta: { key: 'testfield', diff --git a/src/plugins/dashboard/public/services/saved_objects_tagging/saved_objects_tagging.stub.ts b/src/plugins/dashboard/public/services/saved_objects_tagging/saved_objects_tagging.stub.ts index 5c04a7c5c4890..ed8e4e5486dad 100644 --- a/src/plugins/dashboard/public/services/saved_objects_tagging/saved_objects_tagging.stub.ts +++ b/src/plugins/dashboard/public/services/saved_objects_tagging/saved_objects_tagging.stub.ts @@ -21,7 +21,6 @@ export const savedObjectsTaggingServiceFactory: SavedObjectsTaggingServiceFactor // I'm not defining components so that I don't have to update the snapshot of `save_modal.test` // However, if it's ever necessary, it can be done via: `components: pluginMock.components`, - hasTagDecoration: pluginMock.hasTagDecoration, parseSearchQuery: pluginMock.parseSearchQuery, getSearchBarFilter: pluginMock.getSearchBarFilter, getTagIdsFromReferences: pluginMock.getTagIdsFromReferences, diff --git a/src/plugins/dashboard/public/services/saved_objects_tagging/saved_objects_tagging_service.ts b/src/plugins/dashboard/public/services/saved_objects_tagging/saved_objects_tagging_service.ts index 2eb49f79169ed..4440ee069d2bc 100644 --- a/src/plugins/dashboard/public/services/saved_objects_tagging/saved_objects_tagging_service.ts +++ b/src/plugins/dashboard/public/services/saved_objects_tagging/saved_objects_tagging_service.ts @@ -29,7 +29,6 @@ export const savedObjectsTaggingServiceFactory: SavedObjectsTaggingServiceFactor ui: { components, parseSearchQuery, - hasTagDecoration, getSearchBarFilter, updateTagsReferences, getTagIdsFromReferences, @@ -42,7 +41,6 @@ export const savedObjectsTaggingServiceFactory: SavedObjectsTaggingServiceFactor hasApi: true, api: taggingApi, components, - hasTagDecoration, parseSearchQuery, getSearchBarFilter, updateTagsReferences, diff --git a/src/plugins/dashboard/public/services/saved_objects_tagging/types.ts b/src/plugins/dashboard/public/services/saved_objects_tagging/types.ts index 340849a3b9406..f08aa7c6c28f2 100644 --- a/src/plugins/dashboard/public/services/saved_objects_tagging/types.ts +++ b/src/plugins/dashboard/public/services/saved_objects_tagging/types.ts @@ -13,7 +13,6 @@ export interface DashboardSavedObjectsTaggingService { hasApi: boolean; // remove this once the entire service is optional api?: SavedObjectsTaggingApi; components?: SavedObjectsTaggingApi['ui']['components']; - hasTagDecoration?: SavedObjectsTaggingApi['ui']['hasTagDecoration']; parseSearchQuery?: SavedObjectsTaggingApi['ui']['parseSearchQuery']; getSearchBarFilter?: SavedObjectsTaggingApi['ui']['getSearchBarFilter']; updateTagsReferences?: SavedObjectsTaggingApi['ui']['updateTagsReferences']; diff --git a/src/plugins/newsfeed/public/components/flyout_list.tsx b/src/plugins/newsfeed/public/components/flyout_list.tsx index ca7ac8cc68fc4..e1627dfc61953 100644 --- a/src/plugins/newsfeed/public/components/flyout_list.tsx +++ b/src/plugins/newsfeed/public/components/flyout_list.tsx @@ -30,10 +30,12 @@ import { NewsfeedItem } from '../types'; import { NewsEmptyPrompt } from './empty_news'; import { NewsLoadingPrompt } from './loading_news'; -export const NewsfeedFlyout = (props: Partial & { showPlainSpinner: boolean }) => { +export const NewsfeedFlyout = ( + props: Partial & { showPlainSpinner: boolean; isServerless: boolean } +) => { const { newsFetchResult, setFlyoutVisible } = useContext(NewsfeedContext); const closeFlyout = useCallback(() => setFlyoutVisible(false), [setFlyoutVisible]); - const { showPlainSpinner, ...rest } = props; + const { showPlainSpinner, isServerless, ...rest } = props; return ( & { showPlainSpinn - {newsFetchResult ? ( + {newsFetchResult && !isServerless ? (

, 'isServerless'> { newsfeedApi: NewsfeedApi; hasCustomBranding$: Observable; } -export const NewsfeedNavButton = ({ newsfeedApi, hasCustomBranding$ }: Props) => { +export const NewsfeedNavButton = ({ newsfeedApi, hasCustomBranding$, isServerless }: Props) => { const [flyoutVisible, setFlyoutVisible] = useState(false); const [newsFetchResult, setNewsFetchResult] = useState(null); const hasCustomBranding = useObservable(hasCustomBranding$, false); @@ -78,6 +78,7 @@ export const NewsfeedNavButton = ({ newsfeedApi, hasCustomBranding$ }: Props) => {flyoutVisible ? ( diff --git a/src/plugins/newsfeed/public/plugin.tsx b/src/plugins/newsfeed/public/plugin.tsx index fc2cc452d2170..3719914192dfe 100644 --- a/src/plugins/newsfeed/public/plugin.tsx +++ b/src/plugins/newsfeed/public/plugin.tsx @@ -24,11 +24,13 @@ export type NewsfeedPublicPluginStart = ReturnType { + private readonly isServerless: boolean; private readonly kibanaVersion: string; private readonly config: NewsfeedPluginBrowserConfig; private readonly stop$ = new Rx.ReplaySubject(1); constructor(initializerContext: PluginInitializerContext) { + this.isServerless = initializerContext.env.packageInfo.buildFlavor === 'serverless'; this.kibanaVersion = initializerContext.env.packageInfo.version; const config = initializerContext.config.get(); this.config = Object.freeze({ @@ -89,7 +91,11 @@ export class NewsfeedPublicPlugin const hasCustomBranding$ = core.customBranding.hasCustomBranding$; ReactDOM.render( - + , targetDomElement ); diff --git a/src/plugins/saved_objects/kibana.jsonc b/src/plugins/saved_objects/kibana.jsonc index aa1c9aae31194..1f063a7cdfa59 100644 --- a/src/plugins/saved_objects/kibana.jsonc +++ b/src/plugins/saved_objects/kibana.jsonc @@ -9,9 +9,6 @@ "requiredPlugins": [ "data", "dataViews" - ], - "requiredBundles": [ - "kibanaUtils" ] } } diff --git a/src/plugins/saved_objects/public/index.ts b/src/plugins/saved_objects/public/index.ts index 4ce1d679c743f..6d7a013cf59ca 100644 --- a/src/plugins/saved_objects/public/index.ts +++ b/src/plugins/saved_objects/public/index.ts @@ -11,13 +11,7 @@ import { SavedObjectsPublicPlugin } from './plugin'; export type { OnSaveProps, OriginSaveModalProps, SaveModalState, SaveResult } from './save_modal'; export { SavedObjectSaveModal, SavedObjectSaveModalOrigin, showSaveModal } from './save_modal'; -export type { - SavedObjectDecorator, - SavedObjectDecoratorFactory, - SavedObjectDecoratorConfig, -} from './saved_object'; export { checkForDuplicateTitle, saveWithConfirmation, isErrorNonFatal } from './saved_object'; export type { SavedObjectSaveOpts, SavedObject, SavedObjectConfig } from './types'; -export type { SavedObjectsStart, SavedObjectSetup } from './plugin'; export const plugin = () => new SavedObjectsPublicPlugin(); diff --git a/src/plugins/saved_objects/public/mocks.ts b/src/plugins/saved_objects/public/mocks.ts index 124f9bcd2d659..5d15efcb0b22f 100644 --- a/src/plugins/saved_objects/public/mocks.ts +++ b/src/plugins/saved_objects/public/mocks.ts @@ -7,21 +7,4 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -import { SavedObjectsStart, SavedObjectSetup } from './plugin'; - -const createStartContract = (): SavedObjectsStart => { - return { - SavedObjectClass: jest.fn(), - }; -}; - -const createSetupContract = (): jest.Mocked => { - return { - registerDecorator: jest.fn(), - }; -}; - -export const savedObjectsPluginMock = { - createStartContract, - createSetupContract, -}; +export const savedObjectsPluginMock = {}; diff --git a/src/plugins/saved_objects/public/plugin.ts b/src/plugins/saved_objects/public/plugin.ts index cbf3a5e69cf7f..fd67e783fab75 100644 --- a/src/plugins/saved_objects/public/plugin.ts +++ b/src/plugins/saved_objects/public/plugin.ts @@ -12,55 +12,19 @@ import { CoreStart, Plugin } from '@kbn/core/public'; import './index.scss'; import { DataPublicPluginStart } from '@kbn/data-plugin/public'; import { DataViewsPublicPluginStart } from '@kbn/data-views-plugin/public'; -import { - createSavedObjectClass, - SavedObjectDecoratorRegistry, - SavedObjectDecoratorConfig, -} from './saved_object'; -import { SavedObject } from './types'; import { setStartServices } from './kibana_services'; -export interface SavedObjectSetup { - registerDecorator: (config: SavedObjectDecoratorConfig) => void; -} - -export interface SavedObjectsStart { - /** - * @deprecated - * @removeBy 8.8.0 - */ - SavedObjectClass: new (raw: Record) => SavedObject; -} - export interface SavedObjectsStartDeps { data: DataPublicPluginStart; dataViews: DataViewsPublicPluginStart; } -export class SavedObjectsPublicPlugin - implements Plugin -{ - private decoratorRegistry = new SavedObjectDecoratorRegistry(); - - public setup(): SavedObjectSetup { - return { - registerDecorator: (config) => this.decoratorRegistry.register(config), - }; +export class SavedObjectsPublicPlugin implements Plugin<{}, {}, object, SavedObjectsStartDeps> { + public setup() { + return {}; } public start(core: CoreStart, { data, dataViews }: SavedObjectsStartDeps) { setStartServices(core); - return { - SavedObjectClass: createSavedObjectClass( - { - dataViews, - savedObjectsClient: core.savedObjects.client, - search: data.search, - chrome: core.chrome, - overlays: core.overlays, - }, - core, - this.decoratorRegistry - ), - }; + return {}; } } diff --git a/src/plugins/saved_objects/public/saved_object/decorators/registry.mock.ts b/src/plugins/saved_objects/public/saved_object/decorators/registry.mock.ts deleted file mode 100644 index ad292b65e4e51..0000000000000 --- a/src/plugins/saved_objects/public/saved_object/decorators/registry.mock.ts +++ /dev/null @@ -1,25 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -import { ISavedObjectDecoratorRegistry } from './registry'; - -const createRegistryMock = () => { - const mock: jest.Mocked = { - register: jest.fn(), - getOrderedDecorators: jest.fn(), - }; - - mock.getOrderedDecorators.mockReturnValue([]); - - return mock; -}; - -export const savedObjectsDecoratorRegistryMock = { - create: createRegistryMock, -}; diff --git a/src/plugins/saved_objects/public/saved_object/decorators/registry.test.ts b/src/plugins/saved_objects/public/saved_object/decorators/registry.test.ts deleted file mode 100644 index 590e2717c48ff..0000000000000 --- a/src/plugins/saved_objects/public/saved_object/decorators/registry.test.ts +++ /dev/null @@ -1,126 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -import { SavedObjectDecoratorRegistry } from './registry'; - -const mockDecorator = (id: string = 'foo') => { - return { - getId: () => id, - decorateConfig: () => undefined, - decorateObject: () => undefined, - }; -}; - -describe('SavedObjectDecoratorRegistry', () => { - let registry: SavedObjectDecoratorRegistry; - - beforeEach(() => { - registry = new SavedObjectDecoratorRegistry(); - }); - - describe('register', () => { - it('allow to register a decorator', () => { - expect(() => { - registry.register({ - id: 'foo', - priority: 9000, - factory: () => mockDecorator(), - }); - }).not.toThrow(); - }); - - it('throws when trying to register the same id twice', () => { - registry.register({ - id: 'foo', - priority: 9000, - factory: () => mockDecorator(), - }); - - expect(() => { - registry.register({ - id: 'foo', - priority: 42, - factory: () => mockDecorator(), - }); - }).toThrowErrorMatchingInlineSnapshot(`"A decorator is already registered for id foo"`); - }); - - it('throws when trying to register multiple decorators with the same priority', () => { - registry.register({ - id: 'foo', - priority: 100, - factory: () => mockDecorator(), - }); - - expect(() => { - registry.register({ - id: 'bar', - priority: 100, - factory: () => mockDecorator(), - }); - }).toThrowErrorMatchingInlineSnapshot(`"A decorator is already registered for priority 100"`); - }); - }); - - describe('getOrderedDecorators', () => { - it('returns the decorators in correct order', () => { - registry.register({ - id: 'A', - priority: 1000, - factory: () => mockDecorator('A'), - }); - registry.register({ - id: 'B', - priority: 100, - factory: () => mockDecorator('B'), - }); - registry.register({ - id: 'C', - priority: 2000, - factory: () => mockDecorator('C'), - }); - - const decorators = registry.getOrderedDecorators({} as any); - expect(decorators.map((d) => d.getId())).toEqual(['B', 'A', 'C']); - }); - - it('invoke the decorators factory with the provided services', () => { - const services = Symbol('services'); - - const decorator = { - id: 'foo', - priority: 9000, - factory: jest.fn(), - }; - registry.register(decorator); - registry.getOrderedDecorators(services as any); - - expect(decorator.factory).toHaveBeenCalledTimes(1); - expect(decorator.factory).toHaveBeenCalledWith(services); - }); - - it('invoke the factory each time the method is called', () => { - const services = Symbol('services'); - - const decorator = { - id: 'foo', - priority: 9000, - factory: jest.fn(), - }; - registry.register(decorator); - registry.getOrderedDecorators(services as any); - - expect(decorator.factory).toHaveBeenCalledTimes(1); - - registry.getOrderedDecorators(services as any); - - expect(decorator.factory).toHaveBeenCalledTimes(2); - }); - }); -}); diff --git a/src/plugins/saved_objects/public/saved_object/decorators/registry.ts b/src/plugins/saved_objects/public/saved_object/decorators/registry.ts deleted file mode 100644 index 816ba2a84c1ae..0000000000000 --- a/src/plugins/saved_objects/public/saved_object/decorators/registry.ts +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -import { PublicMethodsOf } from '@kbn/utility-types'; -import { SavedObjectDecoratorFactory } from './types'; -import { SavedObjectKibanaServices, SavedObject } from '../../types'; - -export interface SavedObjectDecoratorConfig { - /** - * The id of the decorator - */ - id: string; - /** - * Highest priority will be called **last** - * (the decoration will be at the highest level) - */ - priority: number; - /** - * The factory to use to create the decorator - */ - factory: SavedObjectDecoratorFactory; -} - -export type ISavedObjectDecoratorRegistry = PublicMethodsOf; - -export class SavedObjectDecoratorRegistry { - private readonly registry = new Map>(); - - public register(config: SavedObjectDecoratorConfig) { - if (this.registry.has(config.id)) { - throw new Error(`A decorator is already registered for id ${config.id}`); - } - if ([...this.registry.values()].find(({ priority }) => priority === config.priority)) { - throw new Error(`A decorator is already registered for priority ${config.priority}`); - } - this.registry.set(config.id, config); - } - - public getOrderedDecorators(services: SavedObjectKibanaServices) { - return [...this.registry.values()] - .sort((a, b) => a.priority - b.priority) - .map(({ factory }) => factory(services)); - } -} diff --git a/src/plugins/saved_objects/public/saved_object/decorators/types.ts b/src/plugins/saved_objects/public/saved_object/decorators/types.ts deleted file mode 100644 index 8f992a46a8fb9..0000000000000 --- a/src/plugins/saved_objects/public/saved_object/decorators/types.ts +++ /dev/null @@ -1,34 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -import { SavedObject, SavedObjectKibanaServices, SavedObjectConfig } from '../../types'; - -export interface SavedObjectDecorator { - /** - * Id of the decorator - */ - getId(): string; - - /** - * Decorate the saved object provided config. This can be used to enhance or alter the object's provided - * configuration. - */ - decorateConfig: (config: SavedObjectConfig) => void; - /** - * Decorate the saved object instance. Can be used to add additional methods to it. - * - * @remarks This will be called before the internal constructor of the object, meaning that - * wrapping existing methods is not possible (and is not a desired pattern). - */ - decorateObject: (object: T) => void; -} - -export type SavedObjectDecoratorFactory = ( - services: SavedObjectKibanaServices -) => SavedObjectDecorator; diff --git a/src/plugins/saved_objects/public/saved_object/helpers/build_saved_object.ts b/src/plugins/saved_objects/public/saved_object/helpers/build_saved_object.ts deleted file mode 100644 index 388f84fcd524d..0000000000000 --- a/src/plugins/saved_objects/public/saved_object/helpers/build_saved_object.ts +++ /dev/null @@ -1,135 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -import { once } from 'lodash'; -import { hydrateIndexPattern } from './hydrate_index_pattern'; -import { intializeSavedObject } from './initialize_saved_object'; -import { serializeSavedObject } from './serialize_saved_object'; - -import { - EsResponse, - SavedObject, - SavedObjectConfig, - SavedObjectKibanaServices, - SavedObjectSaveOpts, - StartServices, -} from '../../types'; -import { applyESResp } from './apply_es_resp'; -import { saveSavedObject } from './save_saved_object'; -import { SavedObjectDecorator } from '../decorators'; - -const applyDecorators = ( - object: SavedObject, - config: SavedObjectConfig, - decorators: SavedObjectDecorator[] -) => { - decorators.forEach((decorator) => { - decorator.decorateConfig(config); - decorator.decorateObject(object); - }); -}; - -export function buildSavedObject( - savedObject: SavedObject, - config: SavedObjectConfig, - services: SavedObjectKibanaServices, - startServices: StartServices, - decorators: SavedObjectDecorator[] = [] -) { - applyDecorators(savedObject, config, decorators); - - const { dataViews, savedObjectsClient } = services; - // type name for this object, used as the ES-type - const esType = config.type || ''; - - savedObject.getDisplayName = () => esType; - - // NOTE: this.type (not set in this file, but somewhere else) is the sub type, e.g. 'area' or - // 'data table', while esType is the more generic type - e.g. 'visualization' or 'saved search'. - savedObject.getEsType = () => esType; - - /** - * Flips to true during a save operation, and back to false once the save operation - * completes. - * @type {boolean} - */ - savedObject.isSaving = false; - savedObject.defaults = config.defaults || {}; - // optional search source which this object configures - savedObject.searchSource = config.searchSource - ? services.search.searchSource.createEmpty() - : undefined; - // the id of the document - savedObject.id = config.id || void 0; - // the migration version of the document, should only be set on imports - savedObject.migrationVersion = config.migrationVersion; - // Whether to create a copy when the object is saved. This should eventually go away - // in favor of a better rename/save flow. - savedObject.copyOnSave = false; - - /** - * After creation or fetching from ES, ensure that the searchSources index indexPattern - * is an bonafide IndexPattern object. - * - * @return {Promise} - */ - savedObject.hydrateIndexPattern = (id?: string) => - hydrateIndexPattern(id || '', savedObject, dataViews, config); - /** - * Asynchronously initialize this object - will only run - * once even if called multiple times. - * - * @return {Promise} - * @resolved {SavedObject} - */ - savedObject.init = once(() => intializeSavedObject(savedObject, savedObjectsClient, config)); - - savedObject.applyESResp = (resp: EsResponse) => applyESResp(resp, savedObject, config, services); - - /** - * Serialize this object - * @return {Object} - */ - savedObject._serialize = () => serializeSavedObject(savedObject, config); - - /** - * Returns true if the object's original title has been changed. New objects return false. - * @return {boolean} - */ - savedObject.isTitleChanged = () => - savedObject._source && savedObject._source.title !== savedObject.title; - - savedObject.creationOpts = (opts: Record = {}) => ({ - id: savedObject.id, - migrationVersion: savedObject.migrationVersion, - ...opts, - }); - - savedObject.save = async (opts: SavedObjectSaveOpts) => { - try { - const result = await saveSavedObject(savedObject, config, opts, services, startServices); - return Promise.resolve(result); - } catch (e) { - return Promise.reject(e); - } - }; - - savedObject.destroy = () => {}; - - /** - * Delete this object from Elasticsearch - * @return {promise} - */ - savedObject.delete = () => { - if (!savedObject.id) { - return Promise.reject(new Error('Deleting a saved Object requires type and id')); - } - return savedObjectsClient.delete(esType, savedObject.id); - }; -} diff --git a/src/plugins/saved_objects/public/saved_object/index.ts b/src/plugins/saved_objects/public/saved_object/index.ts index 89cfa263093b1..560178fdf4f36 100644 --- a/src/plugins/saved_objects/public/saved_object/index.ts +++ b/src/plugins/saved_objects/public/saved_object/index.ts @@ -7,13 +7,6 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -export { createSavedObjectClass } from './saved_object'; export { checkForDuplicateTitle } from './helpers/check_for_duplicate_title'; export { saveWithConfirmation } from './helpers/save_with_confirmation'; export { isErrorNonFatal } from './helpers/save_saved_object'; -export type { - SavedObjectDecoratorFactory, - SavedObjectDecorator, - SavedObjectDecoratorConfig, -} from './decorators'; -export { SavedObjectDecoratorRegistry } from './decorators'; diff --git a/src/plugins/saved_objects/public/saved_object/saved_object.test.ts b/src/plugins/saved_objects/public/saved_object/saved_object.test.ts deleted file mode 100644 index 645ae855b277b..0000000000000 --- a/src/plugins/saved_objects/public/saved_object/saved_object.test.ts +++ /dev/null @@ -1,888 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -import { createSavedObjectClass } from './saved_object'; -import { - SavedObject, - SavedObjectConfig, - SavedObjectKibanaServices, - SavedObjectSaveOpts, -} from '../types'; -import { SavedObjectDecorator } from './decorators'; - -import { - analyticsServiceMock, - coreMock, - i18nServiceMock, - themeServiceMock, -} from '@kbn/core/public/mocks'; -import { dataPluginMock, createSearchSourceMock } from '@kbn/data-plugin/public/mocks'; -import { createStubIndexPattern } from '@kbn/data-plugin/common/stubs'; -import { SavedObjectAttributes, SimpleSavedObject } from '@kbn/core/public'; -import { DataView } from '@kbn/data-plugin/common'; -import { savedObjectsDecoratorRegistryMock } from './decorators/registry.mock'; - -describe('Saved Object', () => { - const startMock = coreMock.createStart(); - const dataStartMock = dataPluginMock.createStartContract(); - const saveOptionsMock = {} as SavedObjectSaveOpts; - const savedObjectsClientStub = startMock.savedObjects.client; - const startServices = { - analytics: analyticsServiceMock.createAnalyticsServiceStart(), - i18n: i18nServiceMock.createStartContract(), - theme: themeServiceMock.createStartContract(), - }; - let decoratorRegistry: ReturnType; - - let SavedObjectClass: new (config: SavedObjectConfig) => SavedObject; - - /** - * Returns a fake doc response with the given index and id, of type dashboard - * that can be used to stub es calls. - * @param indexPatternId - * @param additionalOptions - object that will be assigned to the mocked doc response. - * @returns {{attributes: {}, type: string, id: *, _version: string}} - */ - function getMockedDocResponse(indexPatternId: string, additionalOptions = {}) { - return { - type: 'dashboard', - id: indexPatternId, - _version: 'foo', - attributes: {}, - ...additionalOptions, - } as SimpleSavedObject; - } - - /** - * Stubs some of the es retrieval calls so it returns the given response. - * @param {Object} mockDocResponse - */ - function stubESResponse(mockDocResponse: SimpleSavedObject) { - // Stub out search for duplicate title: - savedObjectsClientStub.get = jest.fn().mockReturnValue(Promise.resolve(mockDocResponse)); - savedObjectsClientStub.update = jest.fn().mockReturnValue(Promise.resolve(mockDocResponse)); - - savedObjectsClientStub.find = jest - .fn() - .mockReturnValue(Promise.resolve({ savedObjects: [], total: 0 })); - - savedObjectsClientStub.bulkGet = jest - .fn() - .mockReturnValue(Promise.resolve({ savedObjects: [mockDocResponse] })); - } - - function stubSavedObjectsClientCreate( - resp: SimpleSavedObject | string, - resolve = true - ) { - savedObjectsClientStub.create = jest - .fn() - .mockReturnValue(resolve ? Promise.resolve(resp) : Promise.reject(resp)); - } - - /** - * Creates a new saved object with the given configuration and initializes it. - * Returns the promise that will be completed when the initialization finishes. - * - * @param {Object} config - * @returns {Promise} A promise that resolves with an instance of - * SavedObject - */ - function createInitializedSavedObject(config: SavedObjectConfig = { type: 'dashboard' }) { - const savedObject = new SavedObjectClass(config); - savedObject.title = 'my saved object'; - - return savedObject.init!(); - } - - const initSavedObjectClass = () => { - SavedObjectClass = createSavedObjectClass( - { - savedObjectsClient: savedObjectsClientStub, - indexPatterns: dataStartMock.indexPatterns, - search: { - ...dataStartMock.search, - searchSource: { - ...dataStartMock.search.searchSource, - create: createSearchSourceMock, - createEmpty: createSearchSourceMock, - }, - }, - } as unknown as SavedObjectKibanaServices, - startServices, - decoratorRegistry - ); - }; - - beforeEach(() => { - decoratorRegistry = savedObjectsDecoratorRegistryMock.create(); - initSavedObjectClass(); - }); - - describe('decorators', () => { - it('calls the decorators during construct', () => { - const decorA = { - getId: () => 'A', - decorateConfig: jest.fn(), - decorateObject: jest.fn(), - }; - const decorB = { - getId: () => 'B', - decorateConfig: jest.fn(), - decorateObject: jest.fn(), - }; - - decoratorRegistry.getOrderedDecorators.mockReturnValue([decorA, decorB]); - - initSavedObjectClass(); - createInitializedSavedObject(); - - expect(decorA.decorateConfig).toHaveBeenCalledTimes(1); - expect(decorA.decorateObject).toHaveBeenCalledTimes(1); - }); - - it('calls the decorators in correct order', () => { - const decorA = { - getId: () => 'A', - decorateConfig: jest.fn(), - decorateObject: jest.fn(), - }; - const decorB = { - getId: () => 'B', - decorateConfig: jest.fn(), - decorateObject: jest.fn(), - }; - - decoratorRegistry.getOrderedDecorators.mockReturnValue([decorA, decorB]); - - initSavedObjectClass(); - createInitializedSavedObject(); - - expect(decorA.decorateConfig.mock.invocationCallOrder[0]).toBeLessThan( - decorB.decorateConfig.mock.invocationCallOrder[0] - ); - expect(decorA.decorateObject.mock.invocationCallOrder[0]).toBeLessThan( - decorB.decorateObject.mock.invocationCallOrder[0] - ); - }); - - it('passes the mutated config and object down the decorator chain', () => { - expect.assertions(2); - - const newMappingValue = 'string'; - const newObjectMethod = jest.fn(); - - const decorA: SavedObjectDecorator = { - getId: () => 'A', - decorateConfig: (config) => { - config.mapping = { - ...config.mapping, - addedFromA: newMappingValue, - }; - }, - decorateObject: (object) => { - (object as any).newMethod = newObjectMethod; - }, - }; - const decorB: SavedObjectDecorator = { - getId: () => 'B', - decorateConfig: (config) => { - expect(config.mapping!.addedFromA).toBe(newMappingValue); - }, - decorateObject: (object) => { - expect((object as any).newMethod).toBe(newObjectMethod); - }, - }; - - decoratorRegistry.getOrderedDecorators.mockReturnValue([decorA, decorB]); - - initSavedObjectClass(); - createInitializedSavedObject(); - }); - }); - - describe('save', () => { - describe('with confirmOverwrite', () => { - it('when false does not request overwrite', () => { - stubESResponse(getMockedDocResponse('myId')); - - return createInitializedSavedObject({ type: 'dashboard', id: 'myId' }).then( - (savedObject) => { - stubSavedObjectsClientCreate({ - id: 'myId', - } as SimpleSavedObject); - - return savedObject.save({ confirmOverwrite: false }).then(() => { - expect(startMock.overlays.openModal).not.toHaveBeenCalled(); - }); - } - ); - }); - }); - - describe('with copyOnSave', () => { - it('as true creates a copy on save success', () => { - stubESResponse(getMockedDocResponse('myId')); - - return createInitializedSavedObject({ type: 'dashboard', id: 'myId' }).then( - (savedObject) => { - stubSavedObjectsClientCreate({ - type: 'dashboard', - id: 'newUniqueId', - } as SimpleSavedObject); - savedObject.copyOnSave = true; - - return savedObject.save(saveOptionsMock).then((id) => { - expect(id).toBe('newUniqueId'); - }); - } - ); - }); - - it('as true does not create a copy when save fails', () => { - const originalId = 'id1'; - stubESResponse(getMockedDocResponse(originalId)); - - return createInitializedSavedObject({ type: 'dashboard', id: originalId }).then( - (savedObject) => { - stubSavedObjectsClientCreate('simulated error', false); - savedObject.copyOnSave = true; - - return savedObject - .save(saveOptionsMock) - .then(() => { - expect(false).toBe(true); - }) - .catch(() => { - expect(savedObject.id).toBe(originalId); - }); - } - ); - }); - - it('as false does not create a copy', () => { - const myId = 'myId'; - stubESResponse(getMockedDocResponse(myId)); - - return createInitializedSavedObject({ type: 'dashboard', id: myId }).then((savedObject) => { - savedObjectsClientStub.create = jest.fn().mockImplementation(() => { - expect(savedObject.id).toBe(myId); - return Promise.resolve({ id: myId }); - }); - savedObject.copyOnSave = false; - - return savedObject.save(saveOptionsMock).then((id) => { - expect(id).toBe(myId); - }); - }); - }); - }); - - it('returns id from server on success', () => { - return createInitializedSavedObject({ type: 'dashboard' }).then((savedObject) => { - stubESResponse(getMockedDocResponse('myId')); - stubSavedObjectsClientCreate({ - type: 'dashboard', - id: 'myId', - _version: 'foo', - } as SimpleSavedObject); - - return savedObject.save(saveOptionsMock).then((id) => { - expect(id).toBe('myId'); - }); - }); - }); - - describe('updates isSaving variable', () => { - it('on success', () => { - const id = 'id'; - stubESResponse(getMockedDocResponse(id)); - - return createInitializedSavedObject({ type: 'dashboard', id }).then((savedObject) => { - savedObjectsClientStub.create = jest.fn().mockImplementation(() => { - expect(savedObject.isSaving).toBe(true); - return Promise.resolve({ - type: 'dashboard', - id, - _version: 'foo', - }); - }); - - expect(savedObject.isSaving).toBe(false); - return savedObject.save(saveOptionsMock).then(() => { - expect(savedObject.isSaving).toBe(false); - }); - }); - }); - - it('on failure', () => { - stubESResponse(getMockedDocResponse('id')); - return createInitializedSavedObject({ type: 'dashboard' }).then((savedObject) => { - savedObjectsClientStub.create = jest.fn().mockImplementation(() => { - expect(savedObject.isSaving).toBe(true); - return Promise.reject(''); - }); - - expect(savedObject.isSaving).toBe(false); - return savedObject.save(saveOptionsMock).catch(() => { - expect(savedObject.isSaving).toBe(false); - }); - }); - }); - }); - - describe('to extract references', () => { - it('when "extractReferences" function when passed in', async () => { - const id = '123'; - stubESResponse(getMockedDocResponse(id)); - const extractReferences: SavedObjectConfig['extractReferences'] = ({ - attributes, - references, - }) => { - references.push({ - name: 'test', - type: 'index-pattern', - id: 'my-index', - }); - return { attributes, references }; - }; - return createInitializedSavedObject({ type: 'dashboard', extractReferences }).then( - (savedObject) => { - stubSavedObjectsClientCreate({ - id, - _version: 'foo', - type: 'dashboard', - } as SimpleSavedObject); - - return savedObject.save(saveOptionsMock).then(() => { - const { references } = (savedObjectsClientStub.create as jest.Mock).mock.calls[0][2]; - expect(references).toHaveLength(1); - expect(references[0]).toEqual({ - name: 'test', - type: 'index-pattern', - id: 'my-index', - }); - }); - } - ); - }); - - it('when search source references saved object', () => { - const id = '123'; - stubESResponse(getMockedDocResponse(id)); - return createInitializedSavedObject({ type: 'dashboard', searchSource: true }).then( - (savedObject) => { - stubSavedObjectsClientCreate({ - id, - _version: '2', - type: 'dashboard', - } as SimpleSavedObject); - - const indexPattern = createStubIndexPattern({ - spec: { id: 'my-index', title: 'my-index', version: '1' }, - }); - savedObject.searchSource!.setField('index', indexPattern); - return savedObject.save(saveOptionsMock).then(() => { - const args = (savedObjectsClientStub.create as jest.Mock).mock.calls[0]; - expect(args[1]).toEqual({ - kibanaSavedObjectMeta: { - searchSourceJSON: JSON.stringify({ - indexRefName: 'kibanaSavedObjectMeta.searchSourceJSON.index', - }), - }, - }); - - expect(args[2].references).toHaveLength(1); - expect(args[2].references[0]).toEqual({ - name: 'kibanaSavedObjectMeta.searchSourceJSON.index', - type: 'index-pattern', - id: 'my-index', - }); - }); - } - ); - }); - - it('when index in searchSourceJSON is not found', () => { - const id = '123'; - stubESResponse(getMockedDocResponse(id)); - return createInitializedSavedObject({ type: 'dashboard', searchSource: true }).then( - (savedObject) => { - stubSavedObjectsClientCreate({ - id, - _version: '2', - type: 'dashboard', - } as SimpleSavedObject); - - const indexPattern = createStubIndexPattern({ - spec: { - id: 'non-existant-index', - version: '1', - }, - }); - - savedObject.searchSource!.setField('index', indexPattern); - return savedObject.save(saveOptionsMock).then(() => { - const args = (savedObjectsClientStub.create as jest.Mock).mock.calls[0]; - expect(args[1]).toEqual({ - kibanaSavedObjectMeta: { - searchSourceJSON: JSON.stringify({ - indexRefName: 'kibanaSavedObjectMeta.searchSourceJSON.index', - }), - }, - }); - expect(args[2].references).toHaveLength(1); - expect(args[2].references[0]).toEqual({ - name: 'kibanaSavedObjectMeta.searchSourceJSON.index', - type: 'index-pattern', - id: 'non-existant-index', - }); - }); - } - ); - }); - - it('when indexes exists in filter of searchSourceJSON', () => { - const id = '123'; - stubESResponse(getMockedDocResponse(id)); - return createInitializedSavedObject({ type: 'dashboard', searchSource: true }).then( - (savedObject) => { - stubSavedObjectsClientCreate({ - id, - _version: '2', - type: 'dashboard', - } as SimpleSavedObject); - - savedObject.searchSource!.setField('filter', [ - { - meta: { - index: 'my-index', - }, - }, - ] as any); - return savedObject.save(saveOptionsMock).then(() => { - const args = (savedObjectsClientStub.create as jest.Mock).mock.calls[0]; - expect(args[1]).toEqual({ - kibanaSavedObjectMeta: { - searchSourceJSON: JSON.stringify({ - filter: [ - { - meta: { - indexRefName: - 'kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index', - }, - }, - ], - }), - }, - }); - expect(args[2].references).toHaveLength(1); - expect(args[2].references[0]).toEqual({ - name: 'kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index', - type: 'index-pattern', - id: 'my-index', - }); - }); - } - ); - }); - }); - }); - - describe('applyESResp', () => { - it('throws error if not found', () => { - return createInitializedSavedObject({ type: 'dashboard' }).then((savedObject) => { - const response = { _source: {} }; - try { - savedObject.applyESResp(response); - expect(true).toBe(false); - } catch (err) { - expect(!!err).toBe(true); - } - }); - }); - - it('preserves original defaults if not overridden', () => { - const id = 'anid'; - const preserveMeValue = 'here to stay!'; - const config = { - defaults: { - preserveMe: preserveMeValue, - }, - type: 'dashboard', - id, - }; - - const mockDocResponse = getMockedDocResponse(id); - stubESResponse(mockDocResponse); - - const savedObject = new SavedObjectClass(config); - return savedObject.init!() - .then(() => { - expect(savedObject._source.preserveMe).toEqual(preserveMeValue); - const response = { found: true, _source: {} }; - return savedObject.applyESResp(response); - }) - .then(() => { - expect(savedObject._source.preserveMe).toEqual(preserveMeValue); - }); - }); - - it('overrides defaults', () => { - const id = 'anid'; - const config = { - defaults: { - flower: 'rose', - }, - type: 'dashboard', - id, - }; - - stubESResponse(getMockedDocResponse(id)); - - const savedObject = new SavedObjectClass(config); - return savedObject.init!() - .then(() => { - expect(savedObject._source.flower).toEqual('rose'); - const response = { - found: true, - _source: { - flower: 'orchid', - }, - }; - return savedObject.applyESResp(response); - }) - .then(() => { - expect(savedObject._source.flower).toEqual('orchid'); - }); - }); - - it('overrides previous _source and default values', () => { - const id = 'anid'; - const config = { - defaults: { - dinosaurs: { - tRex: 'is the scariest', - }, - }, - type: 'dashboard', - id, - }; - - const mockDocResponse = getMockedDocResponse(id, { - attributes: { dinosaurs: { tRex: 'is not so bad' } }, - }); - stubESResponse(mockDocResponse); - - const savedObject = new SavedObjectClass(config); - return savedObject.init!() - .then(() => { - const response = { - found: true, - _source: { dinosaurs: { tRex: 'has big teeth' } }, - }; - - return savedObject.applyESResp(response); - }) - .then(() => { - expect((savedObject._source as any).dinosaurs.tRex).toEqual('has big teeth'); - }); - }); - - it('does not inject references when references array is missing', async () => { - const injectReferences = jest.fn(); - const config = { - type: 'dashboard', - injectReferences, - }; - const savedObject = new SavedObjectClass(config); - return savedObject.init!() - .then(() => { - const response = { - found: true, - _source: { - dinosaurs: { tRex: 'has big teeth' }, - }, - }; - return savedObject.applyESResp(response); - }) - .then(() => { - expect(injectReferences).not.toHaveBeenCalled(); - }); - }); - - it('does not inject references when references array is empty', async () => { - const injectReferences = jest.fn(); - const config = { - type: 'dashboard', - injectReferences, - }; - const savedObject = new SavedObjectClass(config); - return savedObject.init!() - .then(() => { - const response = { - found: true, - _source: { - dinosaurs: { tRex: 'has big teeth' }, - }, - references: [], - }; - return savedObject.applyESResp(response); - }) - .then(() => { - expect(injectReferences).not.toHaveBeenCalled(); - }); - }); - - it('injects references when function is provided and references exist', async () => { - const injectReferences = jest.fn(); - const config = { - type: 'dashboard', - injectReferences, - }; - const savedObject = new SavedObjectClass(config); - return savedObject.init!() - .then(() => { - const response = { - found: true, - _source: { - dinosaurs: { tRex: 'has big teeth' }, - }, - references: [{}], - }; - return savedObject.applyESResp(response); - }) - .then(() => { - expect(injectReferences).toHaveBeenCalledTimes(1); - }); - }); - - it('passes references to search source parsing function', async () => { - SavedObjectClass = createSavedObjectClass( - { - savedObjectsClient: savedObjectsClientStub, - indexPatterns: dataStartMock.indexPatterns, - search: { - ...dataStartMock.search, - }, - } as unknown as SavedObjectKibanaServices, - startServices, - decoratorRegistry - ); - const savedObject = new SavedObjectClass({ type: 'dashboard', searchSource: true }); - return savedObject.init!().then(async () => { - const searchSourceJSON = JSON.stringify({ - indexRefName: 'kibanaSavedObjectMeta.searchSourceJSON.index', - filter: [ - { - meta: { - indexRefName: 'kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index', - }, - }, - ], - }); - const response = { - found: true, - _source: { - kibanaSavedObjectMeta: { - searchSourceJSON, - }, - }, - references: [ - { - name: 'kibanaSavedObjectMeta.searchSourceJSON.index', - type: 'index-pattern', - id: 'my-index-1', - }, - { - name: 'kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index', - type: 'index-pattern', - id: 'my-index-2', - }, - ], - }; - await savedObject.applyESResp(response); - expect(dataStartMock.search.searchSource.create).toBeCalledWith({ - filter: [{ meta: { index: 'my-index-2' } }], - index: 'my-index-1', - }); - }); - }); - }); - - describe('config', () => { - it('afterESResp is called', () => { - const afterESRespCallback = jest.fn(); - const config = { - type: 'dashboard', - afterESResp: afterESRespCallback, - }; - - return createInitializedSavedObject(config).then(() => { - expect(afterESRespCallback).toHaveBeenCalled(); - }); - }); - - describe('searchSource', () => { - it('when true, creates index', () => { - const indexPatternId = 'testIndexPattern'; - const afterESRespCallback = jest.fn(); - - const config: SavedObjectConfig = { - type: 'dashboard', - afterESResp: afterESRespCallback, - searchSource: true, - indexPattern: { id: indexPatternId } as DataView, - }; - - stubESResponse( - getMockedDocResponse(indexPatternId, { - attributes: { - title: 'testIndexPattern', - }, - }) - ); - - const savedObject = new SavedObjectClass(config); - savedObject.hydrateIndexPattern = jest.fn().mockImplementation(() => { - const indexPattern = createStubIndexPattern({ - spec: { - id: indexPatternId, - title: indexPatternId, - }, - }); - savedObject.searchSource!.setField('index', indexPattern); - return Promise.resolve(indexPattern); - }); - expect(!!savedObject.searchSource!.getField('index')).toBe(false); - - return savedObject.init!().then(() => { - expect(afterESRespCallback).toHaveBeenCalled(); - const index = savedObject.searchSource!.getField('index'); - expect(index instanceof DataView).toBe(true); - expect(index!.id).toEqual(indexPatternId); - }); - }); - - it('when false, does not create index', () => { - const indexPatternId = 'testIndexPattern'; - const afterESRespCallback = jest.fn(); - - const config: SavedObjectConfig = { - type: 'dashboard', - afterESResp: afterESRespCallback, - searchSource: false, - indexPattern: { id: indexPatternId } as DataView, - }; - - stubESResponse(getMockedDocResponse(indexPatternId)); - - const savedObject = new SavedObjectClass(config); - expect(!!savedObject.searchSource).toBe(false); - - return savedObject.init!().then(() => { - expect(afterESRespCallback).toHaveBeenCalled(); - expect(!!savedObject.searchSource).toBe(false); - }); - }); - }); - - describe('type', () => { - it('that is not specified throws an error', (done) => { - const config = {}; - - const savedObject = new SavedObjectClass(config); - savedObject.init!().catch(() => { - done(); - }); - }); - - it('that is invalid invalid throws an error', () => { - const config = { type: 'notypeexists' }; - - const savedObject = new SavedObjectClass(config); - try { - savedObject.init!(); - expect(false).toBe(true); - } catch (err) { - expect(err).not.toBeNull(); - } - }); - - it('that is valid passes', () => { - const config = { type: 'dashboard' }; - return new SavedObjectClass(config).init!(); - }); - }); - - describe('defaults', () => { - function getTestDefaultConfig(extraOptions: object = {}) { - return { - defaults: { testDefault: 'hi' }, - type: 'dashboard', - ...extraOptions, - }; - } - - function expectDefaultApplied(config: SavedObjectConfig) { - return createInitializedSavedObject(config).then((savedObject) => { - expect(savedObject.defaults).toBe(config.defaults); - }); - } - - describe('applied to object when id', () => { - it('is not specified', () => { - expectDefaultApplied(getTestDefaultConfig()); - }); - - it('is undefined', () => { - expectDefaultApplied(getTestDefaultConfig({ id: undefined })); - }); - - it('is 0', () => { - expectDefaultApplied(getTestDefaultConfig({ id: 0 })); - }); - - it('is false', () => { - expectDefaultApplied(getTestDefaultConfig({ id: false })); - }); - }); - - it('applied to source if an id is given', () => { - const myId = 'myid'; - const customDefault = 'hi'; - const initialOverwriteMeValue = 'this should get overwritten by the server response'; - - const config = { - defaults: { - overwriteMe: initialOverwriteMeValue, - customDefault, - }, - type: 'dashboard', - id: myId, - }; - - const serverValue = 'this should override the initial default value given'; - - const mockDocResponse = getMockedDocResponse(myId, { - attributes: { overwriteMe: serverValue }, - }); - - stubESResponse(mockDocResponse); - - return createInitializedSavedObject(config).then((savedObject) => { - expect(!!savedObject._source).toBe(true); - expect(savedObject.defaults).toBe(config.defaults); - expect(savedObject._source.overwriteMe).toBe(serverValue); - expect(savedObject._source.customDefault).toBe(customDefault); - }); - }); - }); - }); -}); diff --git a/src/plugins/saved_objects/public/saved_object/saved_object.ts b/src/plugins/saved_objects/public/saved_object/saved_object.ts deleted file mode 100644 index cb83021582b2e..0000000000000 --- a/src/plugins/saved_objects/public/saved_object/saved_object.ts +++ /dev/null @@ -1,51 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -/** - * @name SavedObject - * - * NOTE: SavedObject seems to track a reference to an object in ES, - * and surface methods for CRUD functionality (save and delete). This seems - * similar to how Backbone Models work. - * - * This class seems to interface with ES primarily through the es Angular - * service and the saved object api. - */ -import { SavedObject, SavedObjectConfig, SavedObjectKibanaServices, StartServices } from '../types'; -import { ISavedObjectDecoratorRegistry } from './decorators'; -import { buildSavedObject } from './helpers/build_saved_object'; - -export function createSavedObjectClass( - services: SavedObjectKibanaServices, - startServices: StartServices, - decoratorRegistry: ISavedObjectDecoratorRegistry -) { - /** - * The SavedObject class is a base class for saved objects loaded from the server and - * provides additional functionality besides loading/saving/deleting/etc. - * - * It is overloaded and configured to provide type-aware functionality. - * @param {*} config - */ - class SavedObjectClass { - constructor(config: SavedObjectConfig = {}) { - // @ts-ignore - const self: SavedObject = this; - buildSavedObject( - self, - config, - services, - startServices, - decoratorRegistry.getOrderedDecorators(services) - ); - } - } - - return SavedObjectClass as new (config: SavedObjectConfig) => SavedObject; -} diff --git a/src/plugins/saved_objects/tsconfig.json b/src/plugins/saved_objects/tsconfig.json index 4dbced6ac31a7..ccec7b43ad9f1 100644 --- a/src/plugins/saved_objects/tsconfig.json +++ b/src/plugins/saved_objects/tsconfig.json @@ -11,7 +11,6 @@ "@kbn/i18n", "@kbn/data-views-plugin", "@kbn/i18n-react", - "@kbn/utility-types", "@kbn/ui-theme", "@kbn/react-kibana-mount", "@kbn/test-jest-helpers", diff --git a/src/plugins/saved_objects_tagging_oss/public/api.mock.ts b/src/plugins/saved_objects_tagging_oss/public/api.mock.ts index 09655c6d28108..07539956c1485 100644 --- a/src/plugins/saved_objects_tagging_oss/public/api.mock.ts +++ b/src/plugins/saved_objects_tagging_oss/public/api.mock.ts @@ -55,8 +55,6 @@ type SavedObjectsTaggingApiUiMock = Omit, const createApiUiMock = () => { const mock: SavedObjectsTaggingApiUiMock = { components: createApiUiComponentsMock(), - // TS is very picky with type guards - hasTagDecoration: jest.fn() as any, getSearchBarFilter: jest.fn(), getTableColumnDefinition: jest.fn(), convertNameToReference: jest.fn(), diff --git a/src/plugins/saved_objects_tagging_oss/public/api.ts b/src/plugins/saved_objects_tagging_oss/public/api.ts index f211250532094..fa7f3665ac023 100644 --- a/src/plugins/saved_objects_tagging_oss/public/api.ts +++ b/src/plugins/saved_objects_tagging_oss/public/api.ts @@ -12,8 +12,6 @@ import { SearchFilterConfig, EuiTableFieldDataColumnType, EuiComboBoxProps } fro import type { FunctionComponent } from 'react'; import { SavedObject, SavedObjectReference } from '@kbn/core/types'; import { SavedObjectsFindOptionsReference } from '@kbn/core/public'; -import { SavedObject as SavedObjectClass } from '@kbn/saved-objects-plugin/public'; -import { TagDecoratedSavedObject } from './decorator'; import { ITagsClient, Tag, TagWithOptionalId } from '../common'; /** @@ -50,11 +48,6 @@ export interface ITagsCache { getState$(params?: { waitForInitialization?: boolean }): Observable; } -/** - * @public - */ -export type SavedObjectTagDecoratorTypeGuard = SavedObjectsTaggingApiUi['hasTagDecoration']; - /** * React components and utility methods to use the SO tagging feature * @@ -72,13 +65,6 @@ export interface SavedObjectsTaggingApiUi { */ getTagList(): Tag[]; - /** - * Type-guard to safely manipulate tag-enhanced `SavedObject` from the `savedObject` plugin. - * - * @param object - */ - hasTagDecoration(object: SavedObjectClass): object is TagDecoratedSavedObject; - /** * Return a filter that can be used to filter by tag with `EuiSearchBar` or EUI tables using `EuiSearchBar`. * diff --git a/src/plugins/saved_objects_tagging_oss/public/decorator/decorate_config.test.mocks.ts b/src/plugins/saved_objects_tagging_oss/public/decorator/decorate_config.test.mocks.ts deleted file mode 100644 index 5ca655b8a667d..0000000000000 --- a/src/plugins/saved_objects_tagging_oss/public/decorator/decorate_config.test.mocks.ts +++ /dev/null @@ -1,18 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -export const injectTagReferencesMock = jest.fn(); -jest.doMock('./inject_tag_references', () => ({ - injectTagReferences: injectTagReferencesMock, -})); - -export const extractTagReferencesMock = jest.fn(); -jest.doMock('./extract_tag_references', () => ({ - extractTagReferences: extractTagReferencesMock, -})); diff --git a/src/plugins/saved_objects_tagging_oss/public/decorator/decorate_config.test.ts b/src/plugins/saved_objects_tagging_oss/public/decorator/decorate_config.test.ts deleted file mode 100644 index 37536804e6c87..0000000000000 --- a/src/plugins/saved_objects_tagging_oss/public/decorator/decorate_config.test.ts +++ /dev/null @@ -1,133 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -import { extractTagReferencesMock, injectTagReferencesMock } from './decorate_config.test.mocks'; - -import { SavedObjectConfig } from '@kbn/saved-objects-plugin/public'; -import { decorateConfig } from './decorate_config'; - -describe('decorateConfig', () => { - afterEach(() => { - extractTagReferencesMock.mockReset(); - injectTagReferencesMock.mockReset(); - }); - - describe('mapping', () => { - it('adds the `__tags` key to the config mapping', () => { - const config: SavedObjectConfig = { - mapping: { - someText: 'text', - someNum: 'number', - }, - }; - - decorateConfig(config); - - expect(config.mapping).toEqual({ - __tags: 'text', - someText: 'text', - someNum: 'number', - }); - }); - - it('adds mapping to the config if missing', () => { - const config: SavedObjectConfig = {}; - - decorateConfig(config); - - expect(config.mapping).toEqual({ - __tags: 'text', - }); - }); - }); - - describe('injectReferences', () => { - it('decorates to only call `injectTagReferences` when not present on the config', () => { - const config: SavedObjectConfig = {}; - - decorateConfig(config); - - const object: any = Symbol('object'); - const references: any = Symbol('referebces'); - - config.injectReferences!(object, references); - - expect(injectTagReferencesMock).toHaveBeenCalledTimes(1); - expect(injectTagReferencesMock).toHaveBeenCalledWith(object, references); - }); - - it('decorates to call both functions when present on the config', () => { - const initialInjectReferences = jest.fn(); - - const config: SavedObjectConfig = { - injectReferences: initialInjectReferences, - }; - - decorateConfig(config); - - const object: any = Symbol('object'); - const references: any = Symbol('references'); - - config.injectReferences!(object, references); - - expect(initialInjectReferences).toHaveBeenCalledTimes(1); - expect(initialInjectReferences).toHaveBeenCalledWith(object, references); - - expect(injectTagReferencesMock).toHaveBeenCalledTimes(1); - expect(injectTagReferencesMock).toHaveBeenCalledWith(object, references); - }); - }); - - describe('extractReferences', () => { - it('decorates to only call `extractTagReference` when not present on the config', () => { - const config: SavedObjectConfig = {}; - - decorateConfig(config); - - const params: any = Symbol('params'); - const expectedReturn = Symbol('return-from-extractTagReferences'); - - extractTagReferencesMock.mockReturnValue(expectedReturn); - - const result = config.extractReferences!(params); - - expect(result).toBe(expectedReturn); - - expect(extractTagReferencesMock).toHaveBeenCalledTimes(1); - expect(extractTagReferencesMock).toHaveBeenCalledWith(params); - }); - - it('decorates to call both functions in order when present on the config', () => { - const initialExtractReferences = jest.fn(); - - const config: SavedObjectConfig = { - extractReferences: initialExtractReferences, - }; - - decorateConfig(config); - - const params: any = Symbol('initial-params'); - const initialReturn = Symbol('return-from-initial-extractReferences'); - const tagReturn = Symbol('return-from-extractTagReferences'); - - initialExtractReferences.mockReturnValue(initialReturn); - extractTagReferencesMock.mockReturnValue(tagReturn); - - const result = config.extractReferences!(params); - - expect(initialExtractReferences).toHaveBeenCalledTimes(1); - expect(initialExtractReferences).toHaveBeenCalledWith(params); - - expect(extractTagReferencesMock).toHaveBeenCalledTimes(1); - expect(extractTagReferencesMock).toHaveBeenCalledWith(initialReturn); - - expect(result).toBe(tagReturn); - }); - }); -}); diff --git a/src/plugins/saved_objects_tagging_oss/public/decorator/decorate_config.ts b/src/plugins/saved_objects_tagging_oss/public/decorator/decorate_config.ts deleted file mode 100644 index 8cdb6a4229d44..0000000000000 --- a/src/plugins/saved_objects_tagging_oss/public/decorator/decorate_config.ts +++ /dev/null @@ -1,36 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -import { SavedObjectConfig } from '@kbn/saved-objects-plugin/public'; -import { injectTagReferences } from './inject_tag_references'; -import { extractTagReferences } from './extract_tag_references'; - -export const decorateConfig = (config: SavedObjectConfig) => { - config.mapping = { - ...config.mapping, - __tags: 'text', - }; - - const initialExtractReferences = config.extractReferences; - const initialInjectReferences = config.injectReferences; - - config.injectReferences = (object, references) => { - if (initialInjectReferences) { - initialInjectReferences(object, references); - } - injectTagReferences(object, references); - }; - - config.extractReferences = (attrsAndRefs) => { - if (initialExtractReferences) { - attrsAndRefs = initialExtractReferences(attrsAndRefs); - } - return extractTagReferences(attrsAndRefs); - }; -}; diff --git a/src/plugins/saved_objects_tagging_oss/public/decorator/decorate_object.test.ts b/src/plugins/saved_objects_tagging_oss/public/decorator/decorate_object.test.ts deleted file mode 100644 index a997e7c2591a3..0000000000000 --- a/src/plugins/saved_objects_tagging_oss/public/decorator/decorate_object.test.ts +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -import { InternalTagDecoratedSavedObject } from './types'; -import { decorateObject } from './decorate_object'; - -const createObject = (): InternalTagDecoratedSavedObject => { - // we really just need TS not to complain here. - return {} as InternalTagDecoratedSavedObject; -}; - -describe('decorateObject', () => { - it('adds the `getTags` method', () => { - const object = createObject(); - object.__tags = ['foo', 'bar']; - - decorateObject(object); - - expect(object.getTags).toBeDefined(); - expect(object.getTags()).toEqual(['foo', 'bar']); - }); - - it('adds the `setTags` method', () => { - const object = createObject(); - object.__tags = ['foo', 'bar']; - - decorateObject(object); - - expect(object.setTags).toBeDefined(); - - object.setTags(['hello', 'dolly']); - - expect(object.getTags()).toEqual(['hello', 'dolly']); - }); -}); diff --git a/src/plugins/saved_objects_tagging_oss/public/decorator/decorate_object.ts b/src/plugins/saved_objects_tagging_oss/public/decorator/decorate_object.ts deleted file mode 100644 index 0c03863b55ea9..0000000000000 --- a/src/plugins/saved_objects_tagging_oss/public/decorator/decorate_object.ts +++ /dev/null @@ -1,22 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -import { InternalTagDecoratedSavedObject } from './types'; - -/** - * Enhance the object with tag accessors - */ -export const decorateObject = (object: InternalTagDecoratedSavedObject) => { - object.getTags = () => { - return object.__tags ?? []; - }; - object.setTags = (tagIds) => { - object.__tags = tagIds; - }; -}; diff --git a/src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.test.ts b/src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.test.ts deleted file mode 100644 index 2ac4c4d0db8c2..0000000000000 --- a/src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.test.ts +++ /dev/null @@ -1,101 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -import { SavedObjectReference } from '@kbn/core/public'; -import { extractTagReferences } from './extract_tag_references'; - -const ref = (type: string, id: string, name = `ref-to-${type}-${id}`): SavedObjectReference => ({ - id, - type, - name, -}); - -const tagRef = (id: string): SavedObjectReference => ref('tag', id, `tag-${id}`); - -describe('extractTagReferences', () => { - it('generate tag references from the attributes', () => { - const attributes = { - __tags: ['tag-id-1', 'tag-id-2'], - }; - const references: SavedObjectReference[] = []; - - const { references: resultRefs } = extractTagReferences({ - attributes, - references, - }); - - expect(resultRefs).toEqual([tagRef('tag-id-1'), tagRef('tag-id-2')]); - }); - - it('removes the `__tag` property from the attributes', () => { - const attributes = { - someString: 'foo', - someNumber: 42, - __tags: ['tag-id-1', 'tag-id-2'], - }; - const references: SavedObjectReference[] = []; - - const { attributes: resultAttrs } = extractTagReferences({ - attributes, - references, - }); - - expect(resultAttrs).toEqual({ someString: 'foo', someNumber: 42 }); - }); - - it('preserves the other references', () => { - const attributes = { - __tags: ['tag-id-1'], - }; - - const refA = ref('dashboard', 'dash-1'); - const refB = ref('visualization', 'vis-1'); - - const { references: resultRefs } = extractTagReferences({ - attributes, - references: [refA, refB], - }); - - expect(resultRefs).toEqual([refA, refB, tagRef('tag-id-1')]); - }); - - it('does not fail if `attributes` does not contain `__tags`', () => { - const attributes = { - someString: 'foo', - someNumber: 42, - }; - - const refA = ref('dashboard', 'dash-1'); - const refB = ref('visualization', 'vis-1'); - - const { attributes: resultAttrs, references: resultRefs } = extractTagReferences({ - attributes, - references: [refA, refB], - }); - - expect(resultRefs).toEqual([refA, refB]); - expect(resultAttrs).toEqual({ someString: 'foo', someNumber: 42 }); - }); - - it('removes duplicated tags', () => { - const attributes = { - __tags: ['tag-id-1', 'tag-id-1', 'tag-id-1', 'tag-id-1', 'tag-id-2'], - }; - - const { references: resultRefs } = extractTagReferences({ - attributes, - references: [] as SavedObjectReference[], - }); - - expect(resultRefs).toEqual([ - { id: 'tag-id-1', name: 'tag-tag-id-1', type: 'tag' }, - { id: 'tag-id-2', name: 'tag-tag-id-2', type: 'tag' }, - ]); - }); -}); diff --git a/src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.ts b/src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.ts deleted file mode 100644 index 35ee2a75a8803..0000000000000 --- a/src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.ts +++ /dev/null @@ -1,34 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -import { SavedObjectConfig } from '@kbn/saved-objects-plugin/public'; - -/** - * Extract the tag references from the object's attribute - * - * (`extractReferences` is used when persisting the saved object to the backend) - */ -export const extractTagReferences: Required['extractReferences'] = ({ - attributes, - references, -}) => { - const { __tags, ...otherAttributes } = attributes; - const tags = [...new Set(__tags as string[])] ?? []; - return { - attributes: otherAttributes, - references: [ - ...references, - ...tags.map((tagId) => ({ - id: tagId, - type: 'tag', - name: `tag-${tagId}`, - })), - ], - }; -}; diff --git a/src/plugins/saved_objects_tagging_oss/public/decorator/factory.ts b/src/plugins/saved_objects_tagging_oss/public/decorator/factory.ts deleted file mode 100644 index 003fa5c626b09..0000000000000 --- a/src/plugins/saved_objects_tagging_oss/public/decorator/factory.ts +++ /dev/null @@ -1,25 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -import { SavedObjectDecoratorFactory } from '@kbn/saved-objects-plugin/public'; -import { InternalTagDecoratedSavedObject } from './types'; -import { decorateConfig } from './decorate_config'; -import { decorateObject } from './decorate_object'; - -export const decoratorId = 'tag'; - -export const tagDecoratorFactory: SavedObjectDecoratorFactory< - InternalTagDecoratedSavedObject -> = () => { - return { - getId: () => decoratorId, - decorateConfig, - decorateObject, - }; -}; diff --git a/src/plugins/saved_objects_tagging_oss/public/decorator/index.ts b/src/plugins/saved_objects_tagging_oss/public/decorator/index.ts deleted file mode 100644 index e2c9f0dcf14cf..0000000000000 --- a/src/plugins/saved_objects_tagging_oss/public/decorator/index.ts +++ /dev/null @@ -1,20 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -import { SavedObjectDecoratorConfig } from '@kbn/saved-objects-plugin/public'; -import { tagDecoratorFactory, decoratorId } from './factory'; -import { InternalTagDecoratedSavedObject } from './types'; - -export type { TagDecoratedSavedObject } from './types'; - -export const tagDecoratorConfig: SavedObjectDecoratorConfig = { - id: decoratorId, - priority: 100, - factory: tagDecoratorFactory, -}; diff --git a/src/plugins/saved_objects_tagging_oss/public/decorator/inject_tag_references.test.ts b/src/plugins/saved_objects_tagging_oss/public/decorator/inject_tag_references.test.ts deleted file mode 100644 index 2eb3db3937b86..0000000000000 --- a/src/plugins/saved_objects_tagging_oss/public/decorator/inject_tag_references.test.ts +++ /dev/null @@ -1,60 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -import { SavedObjectReference } from '@kbn/core/public'; -import { injectTagReferences } from './inject_tag_references'; -import { InternalTagDecoratedSavedObject } from './types'; - -const ref = (type: string, id: string): SavedObjectReference => ({ - id, - type, - name: `ref-to-${type}-${id}`, -}); - -const tagRef = (id: string) => ref('tag', id); - -const createObject = (): InternalTagDecoratedSavedObject => { - // we really just need TS not to complain here. - return {} as InternalTagDecoratedSavedObject; -}; - -describe('injectTagReferences', () => { - let object: InternalTagDecoratedSavedObject; - - beforeEach(() => { - object = createObject(); - }); - - it('injects the `tag` references to the `__tags` field', () => { - const references = [tagRef('tag-id-1'), tagRef('tag-id-2')]; - - injectTagReferences(object, references); - - expect(object.__tags).toEqual(['tag-id-1', 'tag-id-2']); - }); - - it('only process the tag references', () => { - const references = [ - tagRef('tag-id-1'), - ref('dashboard', 'foo'), - tagRef('tag-id-2'), - ref('dashboard', 'baz'), - ]; - - injectTagReferences(object, references); - - expect(object.__tags).toEqual(['tag-id-1', 'tag-id-2']); - }); - - it('injects an empty list when not tag references are present', () => { - injectTagReferences(object, [ref('dashboard', 'foo'), ref('dashboard', 'baz')]); - - expect(object.__tags).toEqual([]); - }); -}); diff --git a/src/plugins/saved_objects_tagging_oss/public/decorator/inject_tag_references.ts b/src/plugins/saved_objects_tagging_oss/public/decorator/inject_tag_references.ts deleted file mode 100644 index fd550a81837f9..0000000000000 --- a/src/plugins/saved_objects_tagging_oss/public/decorator/inject_tag_references.ts +++ /dev/null @@ -1,25 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -import { SavedObjectConfig } from '@kbn/saved-objects-plugin/public'; -import { InternalTagDecoratedSavedObject } from './types'; - -/** - * Inject the tags back into the object's references - * - * (`injectReferences`) is used when fetching the object from the backend - */ -export const injectTagReferences: Required['injectReferences'] = ( - object, - references = [] -) => { - (object as unknown as InternalTagDecoratedSavedObject).__tags = references - .filter(({ type }) => type === 'tag') - .map(({ id }) => id); -}; diff --git a/src/plugins/saved_objects_tagging_oss/public/decorator/types.ts b/src/plugins/saved_objects_tagging_oss/public/decorator/types.ts deleted file mode 100644 index b50f1b183ae39..0000000000000 --- a/src/plugins/saved_objects_tagging_oss/public/decorator/types.ts +++ /dev/null @@ -1,25 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -import { SavedObject } from '@kbn/saved-objects-plugin/public'; - -/** - * @public - */ -export type TagDecoratedSavedObject = SavedObject & { - getTags(): string[]; - setTags(tags: string[]): void; -}; - -/** - * @internal - */ -export type InternalTagDecoratedSavedObject = TagDecoratedSavedObject & { - __tags: string[]; -}; diff --git a/src/plugins/saved_objects_tagging_oss/public/index.ts b/src/plugins/saved_objects_tagging_oss/public/index.ts index 58dce1bd20842..b754d763427c8 100644 --- a/src/plugins/saved_objects_tagging_oss/public/index.ts +++ b/src/plugins/saved_objects_tagging_oss/public/index.ts @@ -23,11 +23,8 @@ export type { ParsedSearchQuery, ParseSearchQueryOptions, SavedObjectSaveModalTagSelectorComponentProps, - SavedObjectTagDecoratorTypeGuard, GetTableColumnDefinitionOptions, } from './api'; -export type { TagDecoratedSavedObject } from './decorator'; - export const plugin = (initializerContext: PluginInitializerContext) => new SavedObjectTaggingOssPlugin(initializerContext); diff --git a/src/plugins/saved_objects_tagging_oss/public/plugin.test.ts b/src/plugins/saved_objects_tagging_oss/public/plugin.test.ts index 7c26f5a9a8289..bb3f0f0e78f83 100644 --- a/src/plugins/saved_objects_tagging_oss/public/plugin.test.ts +++ b/src/plugins/saved_objects_tagging_oss/public/plugin.test.ts @@ -8,8 +8,6 @@ */ import { coreMock } from '@kbn/core/public/mocks'; -import { savedObjectsPluginMock } from '@kbn/saved-objects-plugin/public/mocks'; -import { tagDecoratorConfig } from './decorator'; import { taggingApiMock } from './api.mock'; import { SavedObjectTaggingOssPlugin } from './plugin'; @@ -22,23 +20,6 @@ describe('SavedObjectTaggingOssPlugin', () => { plugin = new SavedObjectTaggingOssPlugin(coreMock.createPluginInitializerContext()); }); - describe('#setup', () => { - it('registers the tag SO decorator if the `savedObjects` plugin is present', () => { - const savedObjects = savedObjectsPluginMock.createSetupContract(); - - plugin.setup(coreSetup, { savedObjects }); - - expect(savedObjects.registerDecorator).toHaveBeenCalledTimes(1); - expect(savedObjects.registerDecorator).toHaveBeenCalledWith(tagDecoratorConfig); - }); - - it('does not fail if the `savedObjects` plugin is not present', () => { - expect(() => { - plugin.setup(coreSetup, {}); - }).not.toThrow(); - }); - }); - describe('#start', () => { let coreStart: ReturnType; @@ -54,7 +35,7 @@ describe('SavedObjectTaggingOssPlugin', () => { it('returns the tagging API if registered', async () => { const taggingApi = taggingApiMock.create(); - const { registerTaggingApi } = plugin.setup(coreSetup, {}); + const { registerTaggingApi } = plugin.setup(coreSetup); registerTaggingApi(Promise.resolve(taggingApi)); @@ -66,7 +47,7 @@ describe('SavedObjectTaggingOssPlugin', () => { expect(getTaggingApi()).toStrictEqual(taggingApi); }); it('does not return the tagging API if not registered', async () => { - plugin.setup(coreSetup, {}); + plugin.setup(coreSetup); await nextTick(); @@ -76,7 +57,7 @@ describe('SavedObjectTaggingOssPlugin', () => { expect(getTaggingApi()).toBeUndefined(); }); it('does not return the tagging API if resolution promise rejects', async () => { - const { registerTaggingApi } = plugin.setup(coreSetup, {}); + const { registerTaggingApi } = plugin.setup(coreSetup); registerTaggingApi(Promise.reject(new Error('something went bad'))); diff --git a/src/plugins/saved_objects_tagging_oss/public/plugin.ts b/src/plugins/saved_objects_tagging_oss/public/plugin.ts index 94a77dcdf2610..c6097b447ade7 100644 --- a/src/plugins/saved_objects_tagging_oss/public/plugin.ts +++ b/src/plugins/saved_objects_tagging_oss/public/plugin.ts @@ -8,29 +8,18 @@ */ import { CoreSetup, CoreStart, PluginInitializerContext, Plugin } from '@kbn/core/public'; -import { SavedObjectSetup } from '@kbn/saved-objects-plugin/public'; import { SavedObjectTaggingOssPluginSetup, SavedObjectTaggingOssPluginStart } from './types'; import { SavedObjectsTaggingApi } from './api'; -import { tagDecoratorConfig } from './decorator'; - -interface SetupDeps { - savedObjects?: SavedObjectSetup; -} export class SavedObjectTaggingOssPlugin - implements - Plugin + implements Plugin { private apiRegistered = false; private api?: SavedObjectsTaggingApi; constructor(context: PluginInitializerContext) {} - public setup({}: CoreSetup, { savedObjects }: SetupDeps) { - if (savedObjects) { - savedObjects.registerDecorator(tagDecoratorConfig); - } - + public setup({}: CoreSetup) { return { registerTaggingApi: (provider: Promise) => { if (this.apiRegistered) { diff --git a/src/plugins/saved_objects_tagging_oss/tsconfig.json b/src/plugins/saved_objects_tagging_oss/tsconfig.json index 6b98cba4cbd12..fa0436bab9161 100644 --- a/src/plugins/saved_objects_tagging_oss/tsconfig.json +++ b/src/plugins/saved_objects_tagging_oss/tsconfig.json @@ -9,7 +9,6 @@ ], "kbn_references": [ "@kbn/core", - "@kbn/saved-objects-plugin", ], "exclude": [ "target/**/*", diff --git a/src/plugins/unified_search/public/query_string_input/esql_menu_popover.tsx b/src/plugins/unified_search/public/query_string_input/esql_menu_popover.tsx index d684448670c42..379b5563917fa 100644 --- a/src/plugins/unified_search/public/query_string_input/esql_menu_popover.tsx +++ b/src/plugins/unified_search/public/query_string_input/esql_menu_popover.tsx @@ -19,7 +19,7 @@ import { import { useKibana } from '@kbn/kibana-react-plugin/public'; import { i18n } from '@kbn/i18n'; import { FEEDBACK_LINK } from '@kbn/esql-utils'; -import { LanguageDocumentationFlyout } from '@kbn/language-documentation-popover'; +import { LanguageDocumentationFlyout } from '@kbn/language-documentation'; import type { IUnifiedSearchPluginServices } from '../types'; export const ESQLMenuPopover = () => { diff --git a/src/plugins/unified_search/tsconfig.json b/src/plugins/unified_search/tsconfig.json index e836f3c6daa67..bedfe03c2851f 100644 --- a/src/plugins/unified_search/tsconfig.json +++ b/src/plugins/unified_search/tsconfig.json @@ -47,7 +47,7 @@ "@kbn/esql-utils", "@kbn/react-kibana-mount", "@kbn/field-utils", - "@kbn/language-documentation-popover" + "@kbn/language-documentation" ], "exclude": [ "target/**/*", diff --git a/src/plugins/visualizations/public/mocks.ts b/src/plugins/visualizations/public/mocks.ts index fbc61c871bd59..626bab7b9e0ed 100644 --- a/src/plugins/visualizations/public/mocks.ts +++ b/src/plugins/visualizations/public/mocks.ts @@ -17,7 +17,6 @@ import { dataViewPluginMocks } from '@kbn/data-views-plugin/public/mocks'; import { indexPatternEditorPluginMock } from '@kbn/data-view-editor-plugin/public/mocks'; import { uiActionsPluginMock } from '@kbn/ui-actions-plugin/public/mocks'; import { inspectorPluginMock } from '@kbn/inspector-plugin/public/mocks'; -import { savedObjectsPluginMock } from '@kbn/saved-objects-plugin/public/mocks'; import { urlForwardingPluginMock } from '@kbn/url-forwarding-plugin/public/mocks'; import { navigationPluginMock } from '@kbn/navigation-plugin/public/mocks'; import { presentationUtilPluginMock } from '@kbn/presentation-util-plugin/public/mocks'; @@ -77,7 +76,6 @@ const createInstance = async () => { embeddable: embeddablePluginMock.createStartContract(), spaces: spacesPluginMock.createStartContract(), savedObjectsClient: coreMock.createStart().savedObjects.client, - savedObjects: savedObjectsPluginMock.createStartContract(), savedObjectsTaggingOss: savedObjectTaggingOssPluginMock.createStart(), savedSearch: savedSearchPluginMock.createStartContract(), navigation: navigationPluginMock.createStartContract(), diff --git a/src/plugins/visualizations/public/plugin.ts b/src/plugins/visualizations/public/plugin.ts index 24a2c488e0f79..fcb3dc5137161 100644 --- a/src/plugins/visualizations/public/plugin.ts +++ b/src/plugins/visualizations/public/plugin.ts @@ -38,7 +38,6 @@ import type { SavedObjectsClientContract, } from '@kbn/core/public'; import { UiActionsStart, UiActionsSetup, ADD_PANEL_TRIGGER } from '@kbn/ui-actions-plugin/public'; -import type { SavedObjectsStart } from '@kbn/saved-objects-plugin/public'; import type { FieldFormatsStart } from '@kbn/field-formats-plugin/public'; import type { Setup as InspectorSetup, @@ -166,7 +165,6 @@ export interface VisualizationsStartDeps { application: ApplicationStart; navigation: NavigationStart; presentationUtil: PresentationUtilPluginStart; - savedObjects: SavedObjectsStart; savedObjectsClient: SavedObjectsClientContract; savedSearch: SavedSearchPublicPluginStart; spaces?: SpacesPluginStart; diff --git a/test/functional/apps/console/_console.ts b/test/functional/apps/console/_console.ts index 64d71ddbfc82d..27339c408de85 100644 --- a/test/functional/apps/console/_console.ts +++ b/test/functional/apps/console/_console.ts @@ -142,6 +142,16 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { }); }); + it('should send request with mixed case methods', async () => { + await PageObjects.console.clearEditorText(); + await PageObjects.console.enterText('Get /'); + await PageObjects.console.clickPlay(); + await retry.try(async () => { + const status = await PageObjects.console.getResponseStatus(); + expect(status).to.eql(200); + }); + }); + describe('with kbn: prefix in request', () => { before(async () => { await PageObjects.console.clearEditorText(); diff --git a/test/functional/apps/dashboard/group4/dashboard_empty.ts b/test/functional/apps/dashboard/group4/dashboard_empty.ts index 574181b614d01..e07f3d75fd0b0 100644 --- a/test/functional/apps/dashboard/group4/dashboard_empty.ts +++ b/test/functional/apps/dashboard/group4/dashboard_empty.ts @@ -19,6 +19,7 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { const dataViews = getService('dataViews'); const { common, dashboard, header } = getPageObjects(['common', 'dashboard', 'header']); + // Failing: See https://github.com/elastic/kibana/issues/165745 // Failing: See https://github.com/elastic/kibana/issues/165745 describe.skip('dashboard empty state', () => { const kbnDirectory = 'test/functional/fixtures/kbn_archiver/dashboard/current/kibana'; diff --git a/tsconfig.base.json b/tsconfig.base.json index fb6fea769fc64..a1687ebbd835d 100644 --- a/tsconfig.base.json +++ b/tsconfig.base.json @@ -702,6 +702,8 @@ "@kbn/data-service/*": ["packages/kbn-data-service/*"], "@kbn/data-stream-adapter": ["packages/kbn-data-stream-adapter"], "@kbn/data-stream-adapter/*": ["packages/kbn-data-stream-adapter/*"], + "@kbn/data-usage-plugin": ["x-pack/plugins/data_usage"], + "@kbn/data-usage-plugin/*": ["x-pack/plugins/data_usage/*"], "@kbn/data-view-editor-plugin": ["src/plugins/data_view_editor"], "@kbn/data-view-editor-plugin/*": ["src/plugins/data_view_editor/*"], "@kbn/data-view-field-editor-example-plugin": ["examples/data_view_field_editor_example"], @@ -1098,8 +1100,8 @@ "@kbn/kubernetes-security-plugin/*": ["x-pack/plugins/kubernetes_security/*"], "@kbn/langchain": ["x-pack/packages/kbn-langchain"], "@kbn/langchain/*": ["x-pack/packages/kbn-langchain/*"], - "@kbn/language-documentation-popover": ["packages/kbn-language-documentation-popover"], - "@kbn/language-documentation-popover/*": ["packages/kbn-language-documentation-popover/*"], + "@kbn/language-documentation": ["packages/kbn-language-documentation"], + "@kbn/language-documentation/*": ["packages/kbn-language-documentation/*"], "@kbn/lens-config-builder-example-plugin": ["x-pack/examples/lens_config_builder_example"], "@kbn/lens-config-builder-example-plugin/*": ["x-pack/examples/lens_config_builder_example/*"], "@kbn/lens-embeddable-utils": ["packages/kbn-lens-embeddable-utils"], diff --git a/x-pack/.i18nrc.json b/x-pack/.i18nrc.json index a36cc693a6b71..8082fa6f8ede2 100644 --- a/x-pack/.i18nrc.json +++ b/x-pack/.i18nrc.json @@ -31,6 +31,7 @@ "xpack.dashboard": "plugins/dashboard_enhanced", "xpack.dataQuality": "plugins/data_quality", "xpack.datasetQuality": "plugins/observability_solution/dataset_quality", + "xpack.dataUsage": "plugins/data_usage", "xpack.discover": "plugins/discover_enhanced", "xpack.crossClusterReplication": "plugins/cross_cluster_replication", "xpack.elasticAssistant": "packages/kbn-elastic-assistant", diff --git a/x-pack/packages/kbn-cloud-security-posture-common/constants.ts b/x-pack/packages/kbn-cloud-security-posture-common/constants.ts index 2772b6ae6d9c7..0e8b1b3e16cfa 100644 --- a/x-pack/packages/kbn-cloud-security-posture-common/constants.ts +++ b/x-pack/packages/kbn-cloud-security-posture-common/constants.ts @@ -26,3 +26,10 @@ export const CLOUD_SECURITY_POSTURE_BASE_PATH = '/cloud_security_posture'; export const CDR_MISCONFIGURATIONS_DATA_VIEW_ID_PREFIX = 'security_solution_cdr_latest_misconfigurations'; export const SECURITY_DEFAULT_DATA_VIEW_ID = 'security-solution-default'; + +export const CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN = + 'logs-cloud_security_posture.vulnerabilities_latest-default'; +export const CDR_LATEST_THIRD_PARTY_VULNERABILITIES_INDEX_PATTERN = + 'security_solution-*.vulnerability_latest'; +export const CDR_VULNERABILITIES_INDEX_PATTERN = `${CDR_LATEST_THIRD_PARTY_VULNERABILITIES_INDEX_PATTERN},${CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN}`; +export const LATEST_VULNERABILITIES_RETENTION_POLICY = '3d'; diff --git a/x-pack/packages/kbn-cloud-security-posture-common/index.ts b/x-pack/packages/kbn-cloud-security-posture-common/index.ts index 86ed573fc3915..4cb5a8d6e1bd8 100644 --- a/x-pack/packages/kbn-cloud-security-posture-common/index.ts +++ b/x-pack/packages/kbn-cloud-security-posture-common/index.ts @@ -19,9 +19,11 @@ export type { } from './types/status'; export type { CspFinding, CspFindingResult } from './types/findings'; export type { BenchmarksCisId } from './types/benchmark'; +export type { VulnSeverity } from './types/vulnerabilities'; export * from './constants'; export { extractErrorMessage, buildMutedRulesFilter, buildEntityFlyoutPreviewQuery, } from './utils/helpers'; +export { getAbbreviatedNumber } from './utils/get_abbreviated_number'; diff --git a/x-pack/plugins/cloud_security_posture/common/schemas/csp_vulnerability_finding.ts b/x-pack/packages/kbn-cloud-security-posture-common/schema/vulnerabilities/csp_vulnerability_finding.ts similarity index 97% rename from x-pack/plugins/cloud_security_posture/common/schemas/csp_vulnerability_finding.ts rename to x-pack/packages/kbn-cloud-security-posture-common/schema/vulnerabilities/csp_vulnerability_finding.ts index 10b3dbb96b1d3..b2255b8fa51f8 100644 --- a/x-pack/plugins/cloud_security_posture/common/schemas/csp_vulnerability_finding.ts +++ b/x-pack/packages/kbn-cloud-security-posture-common/schema/vulnerabilities/csp_vulnerability_finding.ts @@ -7,7 +7,7 @@ // TODO: this needs to be defined in a versioned schema import type { EcsEvent } from '@elastic/ecs'; -import { VulnSeverity } from '../types_old'; +import type { VulnSeverity } from '../../types/vulnerabilities'; export interface CspVulnerabilityFinding { '@timestamp': string; diff --git a/x-pack/plugins/cloud_security_posture/common/schemas/index.ts b/x-pack/packages/kbn-cloud-security-posture-common/schema/vulnerabilities/latest.ts similarity index 99% rename from x-pack/plugins/cloud_security_posture/common/schemas/index.ts rename to x-pack/packages/kbn-cloud-security-posture-common/schema/vulnerabilities/latest.ts index 8c8dcdc52f0f4..961d1bf9dc49d 100644 --- a/x-pack/plugins/cloud_security_posture/common/schemas/index.ts +++ b/x-pack/packages/kbn-cloud-security-posture-common/schema/vulnerabilities/latest.ts @@ -4,4 +4,5 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ + export * from './csp_vulnerability_finding'; diff --git a/x-pack/packages/kbn-cloud-security-posture-common/types/vulnerabilities.ts b/x-pack/packages/kbn-cloud-security-posture-common/types/vulnerabilities.ts new file mode 100644 index 0000000000000..e4360c1307e0a --- /dev/null +++ b/x-pack/packages/kbn-cloud-security-posture-common/types/vulnerabilities.ts @@ -0,0 +1,8 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export type VulnSeverity = 'LOW' | 'MEDIUM' | 'HIGH' | 'CRITICAL' | 'UNKNOWN'; diff --git a/x-pack/plugins/cloud_security_posture/public/common/utils/get_abbreviated_number.test.ts b/x-pack/packages/kbn-cloud-security-posture-common/utils/get_abbreviated_number.test.ts similarity index 100% rename from x-pack/plugins/cloud_security_posture/public/common/utils/get_abbreviated_number.test.ts rename to x-pack/packages/kbn-cloud-security-posture-common/utils/get_abbreviated_number.test.ts diff --git a/x-pack/plugins/cloud_security_posture/public/common/utils/get_abbreviated_number.ts b/x-pack/packages/kbn-cloud-security-posture-common/utils/get_abbreviated_number.ts similarity index 100% rename from x-pack/plugins/cloud_security_posture/public/common/utils/get_abbreviated_number.ts rename to x-pack/packages/kbn-cloud-security-posture-common/utils/get_abbreviated_number.ts diff --git a/x-pack/plugins/cloud_security_posture/common/constants.ts b/x-pack/plugins/cloud_security_posture/common/constants.ts index fc6fc7d76bf7f..e5d95b882b2e7 100644 --- a/x-pack/plugins/cloud_security_posture/common/constants.ts +++ b/x-pack/plugins/cloud_security_posture/common/constants.ts @@ -6,12 +6,8 @@ */ import { KSPM_POLICY_TEMPLATE, CSPM_POLICY_TEMPLATE } from '@kbn/cloud-security-posture-common'; -import { - AwsCredentialsTypeFieldMap, - GcpCredentialsTypeFieldMap, - PostureTypes, - VulnSeverity, -} from './types_old'; +import type { VulnSeverity } from '@kbn/cloud-security-posture-common'; +import { AwsCredentialsTypeFieldMap, GcpCredentialsTypeFieldMap, PostureTypes } from './types_old'; export const CLOUD_SECURITY_INTERTAL_PREFIX_ROUTE_PATH = '/internal/cloud_security_posture/'; @@ -61,14 +57,6 @@ export const VULNERABILITIES_INDEX_DEFAULT_NS = export const LATEST_VULNERABILITIES_INDEX_TEMPLATE_NAME = 'logs-cloud_security_posture.vulnerabilities_latest'; -export const CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN = - 'logs-cloud_security_posture.vulnerabilities_latest-default'; -export const CDR_LATEST_THIRD_PARTY_VULNERABILITIES_INDEX_PATTERN = - 'security_solution-*.vulnerability_latest'; -export const CDR_VULNERABILITIES_INDEX_PATTERN = `${CDR_LATEST_THIRD_PARTY_VULNERABILITIES_INDEX_PATTERN},${CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN}`; - -export const LATEST_VULNERABILITIES_RETENTION_POLICY = '3d'; - export const SECURITY_DEFAULT_DATA_VIEW_ID = 'security-solution-default'; export const ALERTS_INDEX_PATTERN = '.alerts-security.alerts-*'; diff --git a/x-pack/plugins/cloud_security_posture/common/types_old.ts b/x-pack/plugins/cloud_security_posture/common/types_old.ts index c6531605bc328..be5366b89bc24 100644 --- a/x-pack/plugins/cloud_security_posture/common/types_old.ts +++ b/x-pack/plugins/cloud_security_posture/common/types_old.ts @@ -151,8 +151,6 @@ export interface CnvmDashboardData { topVulnerabilities: VulnerabilityStat[]; } -export type VulnSeverity = 'LOW' | 'MEDIUM' | 'HIGH' | 'CRITICAL' | 'UNKNOWN'; - export interface VulnerableResourceStat { vulnerabilityCount: number | undefined; resource: { diff --git a/x-pack/plugins/cloud_security_posture/public/common/utils/get_vulnerability_colors.ts b/x-pack/plugins/cloud_security_posture/public/common/utils/get_vulnerability_colors.ts index db5776bb82ccc..fc63ac1131faa 100644 --- a/x-pack/plugins/cloud_security_posture/public/common/utils/get_vulnerability_colors.ts +++ b/x-pack/plugins/cloud_security_posture/public/common/utils/get_vulnerability_colors.ts @@ -6,8 +6,8 @@ */ import { euiThemeVars } from '@kbn/ui-theme'; +import type { VulnSeverity } from '@kbn/cloud-security-posture-common'; import { VULNERABILITIES_SEVERITY } from '../../../common/constants'; -import { VulnSeverity } from '../../../common/types_old'; export const getCvsScoreColor = (score: number): string | undefined => { if (score <= 4) { diff --git a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/additional_controls.tsx b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/additional_controls.tsx index b967384161949..856c2a5c91d75 100644 --- a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/additional_controls.tsx +++ b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/additional_controls.tsx @@ -8,9 +8,9 @@ import React, { FC, PropsWithChildren } from 'react'; import { EuiButtonEmpty, EuiFlexItem } from '@elastic/eui'; import { type DataView } from '@kbn/data-views-plugin/common'; import { FormattedMessage } from '@kbn/i18n-react'; +import { getAbbreviatedNumber } from '@kbn/cloud-security-posture-common'; import { FieldsSelectorModal, useFieldsModal } from './fields_selector'; import { useStyles } from './use_styles'; -import { getAbbreviatedNumber } from '../../common/utils/get_abbreviated_number'; import { CSP_FIELDS_SELECTOR_OPEN_BUTTON } from '../test_subjects'; const GroupSelectorWrapper: FC> = ({ children }) => { diff --git a/x-pack/plugins/cloud_security_posture/public/components/vulnerability_badges.tsx b/x-pack/plugins/cloud_security_posture/public/components/vulnerability_badges.tsx index 7d29cda67e9d4..cb4fbbad83a35 100644 --- a/x-pack/plugins/cloud_security_posture/public/components/vulnerability_badges.tsx +++ b/x-pack/plugins/cloud_security_posture/public/components/vulnerability_badges.tsx @@ -9,8 +9,8 @@ import { EuiBadge, EuiIcon, EuiTextColor } from '@elastic/eui'; import React from 'react'; import { css } from '@emotion/react'; import { float } from '@elastic/elasticsearch/lib/api/typesWithBodyKey'; +import type { VulnSeverity } from '@kbn/cloud-security-posture-common'; import { getCvsScoreColor, getSeverityStatusColor } from '../common/utils/get_vulnerability_colors'; -import { VulnSeverity } from '../../common/types_old'; import { VULNERABILITIES_CVSS_SCORE_BADGE_SUBJ } from './test_subjects'; interface CVSScoreBadgeProps { diff --git a/x-pack/plugins/cloud_security_posture/public/components/vulnerability_severity_map.tsx b/x-pack/plugins/cloud_security_posture/public/components/vulnerability_severity_map.tsx index b22846b624b9c..74341095caac2 100644 --- a/x-pack/plugins/cloud_security_posture/public/components/vulnerability_severity_map.tsx +++ b/x-pack/plugins/cloud_security_posture/public/components/vulnerability_severity_map.tsx @@ -15,9 +15,9 @@ import { EuiText, } from '@elastic/eui'; import { PaletteColorStop } from '@elastic/eui/src/components/color_picker/color_palette_picker'; +import type { VulnSeverity } from '@kbn/cloud-security-posture-common'; import { i18n } from '@kbn/i18n'; import { getSeverityStatusColor } from '../common/utils/get_vulnerability_colors'; -import { VulnSeverity } from '../../common/types_old'; import { SeverityStatusBadge } from './vulnerability_badges'; interface Props { diff --git a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_group_renderer.tsx b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_group_renderer.tsx index e2ea550447af1..b4ad5d15ec8e9 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_group_renderer.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_group_renderer.tsx @@ -17,13 +17,13 @@ import { css } from '@emotion/react'; import { GroupPanelRenderer, GroupStatsItem, RawBucket } from '@kbn/grouping/src'; import React from 'react'; import { i18n } from '@kbn/i18n'; +import { getAbbreviatedNumber } from '@kbn/cloud-security-posture-common'; import { FINDINGS_GROUPING_OPTIONS } from '../../../common/constants'; import { firstNonNullValue, LoadingGroup, NullGroup, } from '../../../components/cloud_security_grouping'; -import { getAbbreviatedNumber } from '../../../common/utils/get_abbreviated_number'; import { CISBenchmarkIcon } from '../../../components/cis_benchmark_icon'; import { ComplianceScoreBar } from '../../../components/compliance_score_bar'; import { FindingsGroupingAggregation } from './use_grouped_findings'; diff --git a/x-pack/plugins/cloud_security_posture/public/pages/configurations/layout/findings_distribution_bar.tsx b/x-pack/plugins/cloud_security_posture/public/pages/configurations/layout/findings_distribution_bar.tsx index f737589aa2a4a..3fe31785f81df 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/configurations/layout/findings_distribution_bar.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/configurations/layout/findings_distribution_bar.tsx @@ -9,7 +9,7 @@ import { css } from '@emotion/react'; import { EuiHealth, EuiBadge, EuiSpacer, EuiFlexGroup, useEuiTheme } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { statusColors } from '@kbn/cloud-security-posture'; -import { getAbbreviatedNumber } from '../../../common/utils/get_abbreviated_number'; +import { getAbbreviatedNumber } from '@kbn/cloud-security-posture-common'; import { RULE_FAILED, RULE_PASSED } from '../../../../common/constants'; import type { Evaluation } from '../../../../common/types_old'; diff --git a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/_mocks_/vulnerability.mock.ts b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/_mocks_/vulnerability.mock.ts index e66f9b33d7e91..46a6197360de9 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/_mocks_/vulnerability.mock.ts +++ b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/_mocks_/vulnerability.mock.ts @@ -5,7 +5,7 @@ * 2.0. */ -import { CspVulnerabilityFinding } from '../../../../common/schemas'; +import type { CspVulnerabilityFinding } from '@kbn/cloud-security-posture-common/schema/vulnerabilities/latest'; export const mockVulnerabilityHit: CspVulnerabilityFinding = { '@timestamp': '2023-03-30T10:27:35.013Z', diff --git a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/hooks/use_grouped_vulnerabilities.tsx b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/hooks/use_grouped_vulnerabilities.tsx index 72815ef434ef9..580926340438f 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/hooks/use_grouped_vulnerabilities.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/hooks/use_grouped_vulnerabilities.tsx @@ -11,7 +11,7 @@ import { GenericBuckets, GroupingQuery, RootAggregation } from '@kbn/grouping/sr import { useQuery } from '@tanstack/react-query'; import { lastValueFrom } from 'rxjs'; import { showErrorToast } from '@kbn/cloud-security-posture'; -import { CDR_VULNERABILITIES_INDEX_PATTERN } from '../../../../common/constants'; +import { CDR_VULNERABILITIES_INDEX_PATTERN } from '@kbn/cloud-security-posture-common'; import { useKibana } from '../../../common/hooks/use_kibana'; // Elasticsearch returns `null` when a sub-aggregation cannot be computed diff --git a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/hooks/use_latest_vulnerabilities.tsx b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/hooks/use_latest_vulnerabilities.tsx index c4c73f0ce5db2..3e5bd646e7993 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/hooks/use_latest_vulnerabilities.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/hooks/use_latest_vulnerabilities.tsx @@ -16,14 +16,14 @@ import { } from '@elastic/elasticsearch/lib/api/typesWithBodyKey'; import { buildDataTableRecord } from '@kbn/discover-utils'; import { EsHitRecord } from '@kbn/discover-utils/types'; -import { MAX_FINDINGS_TO_LOAD } from '@kbn/cloud-security-posture-common'; -import { FindingsBaseEsQuery, showErrorToast } from '@kbn/cloud-security-posture'; -import { VULNERABILITY_FIELDS } from '../../../common/constants'; -import { CspVulnerabilityFinding } from '../../../../common/schemas'; import { + MAX_FINDINGS_TO_LOAD, CDR_VULNERABILITIES_INDEX_PATTERN, LATEST_VULNERABILITIES_RETENTION_POLICY, -} from '../../../../common/constants'; +} from '@kbn/cloud-security-posture-common'; +import { FindingsBaseEsQuery, showErrorToast } from '@kbn/cloud-security-posture'; +import type { CspVulnerabilityFinding } from '@kbn/cloud-security-posture-common/schema/vulnerabilities/latest'; +import { VULNERABILITY_FIELDS } from '../../../common/constants'; import { useKibana } from '../../../common/hooks/use_kibana'; import { getCaseInsensitiveSortScript } from '../utils/custom_sort_script'; type LatestFindingsRequest = IKibanaSearchRequest; diff --git a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/hooks/use_latest_vulnerabilities_grouping.tsx b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/hooks/use_latest_vulnerabilities_grouping.tsx index e713a0ad6aad9..f615ccdb4a293 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/hooks/use_latest_vulnerabilities_grouping.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/hooks/use_latest_vulnerabilities_grouping.tsx @@ -14,6 +14,7 @@ import { parseGroupingQuery, } from '@kbn/grouping/src'; import { useMemo } from 'react'; +import { LATEST_VULNERABILITIES_RETENTION_POLICY } from '@kbn/cloud-security-posture-common'; import { buildEsQuery, Filter } from '@kbn/es-query'; import { LOCAL_STORAGE_VULNERABILITIES_GROUPING_KEY, @@ -21,10 +22,7 @@ import { VULNERABILITY_FIELDS, } from '../../../common/constants'; import { useDataViewContext } from '../../../common/contexts/data_view_context'; -import { - LATEST_VULNERABILITIES_RETENTION_POLICY, - VULNERABILITIES_SEVERITY, -} from '../../../../common/constants'; +import { VULNERABILITIES_SEVERITY } from '../../../../common/constants'; import { VulnerabilitiesGroupingAggregation, VulnerabilitiesRootGroupingAggregation, diff --git a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/latest_vulnerabilities_group_renderer.tsx b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/latest_vulnerabilities_group_renderer.tsx index 242c61b7276ad..c05cff298fc34 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/latest_vulnerabilities_group_renderer.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/latest_vulnerabilities_group_renderer.tsx @@ -17,11 +17,11 @@ import { css } from '@emotion/react'; import { GroupPanelRenderer, GroupStatsItem, RawBucket } from '@kbn/grouping/src'; import React from 'react'; import { FormattedMessage } from '@kbn/i18n-react'; +import { getAbbreviatedNumber } from '@kbn/cloud-security-posture-common'; import { getCloudProviderNameFromAbbreviation } from '../../../common/utils/helpers'; import { VulnerabilitiesGroupingAggregation } from './hooks/use_grouped_vulnerabilities'; import { VULNERABILITIES_GROUPING_COUNTER } from './test_subjects'; import { NULL_GROUPING_MESSAGES, NULL_GROUPING_UNIT, VULNERABILITIES } from './translations'; -import { getAbbreviatedNumber } from '../../common/utils/get_abbreviated_number'; import { firstNonNullValue, LoadingGroup, diff --git a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/latest_vulnerabilities_table.tsx b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/latest_vulnerabilities_table.tsx index ac215d4e12cf7..1a6ae8f660bc0 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/latest_vulnerabilities_table.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/latest_vulnerabilities_table.tsx @@ -11,8 +11,8 @@ import { i18n } from '@kbn/i18n'; import { EuiDataGridCellValueElementProps, EuiSpacer } from '@elastic/eui'; import { Filter } from '@kbn/es-query'; import { HttpSetup } from '@kbn/core-http-browser'; +import type { CspVulnerabilityFinding } from '@kbn/cloud-security-posture-common/schema/vulnerabilities/latest'; import { getDatasetDisplayName } from '../../common/utils/get_dataset_display_name'; -import { CspVulnerabilityFinding } from '../../../common/schemas'; import { CloudSecurityDataTable } from '../../components/cloud_security_data_table'; import { useLatestVulnerabilitiesTable } from './hooks/use_latest_vulnerabilities_table'; import { LATEST_VULNERABILITIES_TABLE } from './test_subjects'; diff --git a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/test_subjects.ts b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/test_subjects.ts index b1eddf50f7c14..6393bd8799683 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/test_subjects.ts +++ b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/test_subjects.ts @@ -11,6 +11,7 @@ export const JSON_TAB_VULNERABILITY_FLYOUT = 'vulnerability_json_tab_flyout'; export const OVERVIEW_TAB_VULNERABILITY_FLYOUT = 'vulnerability_overview_tab_flyout'; export const DATA_SOURCE_VULNERABILITY_FLYOUT = 'vulnerability_flyout_data_source_display_box'; export const PUBLISHED_DATE_VULNERABILITY_FLYOUT = 'vulnerability_flyout_date_display_box'; +export const VULNERABILITY_SCORES_FLYOUT = 'vulnerability_flyout_score'; export const TAB_ID_VULNERABILITY_FLYOUT = (tabId: string) => `vulnerability-finding-flyout-tab-${tabId}`; diff --git a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/types.ts b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/types.ts index e0c97ce6ff76d..22a62a25f8cd4 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/types.ts +++ b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/types.ts @@ -5,7 +5,7 @@ * 2.0. */ -import { VectorScoreBase } from '../../../common/schemas'; +import { VectorScoreBase } from '@kbn/cloud-security-posture-common/schema/vulnerabilities/latest'; export type Vendor = 'NVD' | 'Red Hat' | 'GHSA'; diff --git a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/utils/create_detection_rule_from_vulnerability.ts b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/utils/create_detection_rule_from_vulnerability.ts index 3680c7a6af844..7e817a3d56a15 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/utils/create_detection_rule_from_vulnerability.ts +++ b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/utils/create_detection_rule_from_vulnerability.ts @@ -7,9 +7,9 @@ import { HttpSetup } from '@kbn/core/public'; import { i18n } from '@kbn/i18n'; -import type { Vulnerability } from '../../../../common/schemas'; +import { LATEST_VULNERABILITIES_RETENTION_POLICY } from '@kbn/cloud-security-posture-common'; +import type { Vulnerability } from '@kbn/cloud-security-posture-common/schema/vulnerabilities/latest'; import { - LATEST_VULNERABILITIES_RETENTION_POLICY, VULNERABILITIES_INDEX_PATTERN, VULNERABILITIES_SEVERITY, } from '../../../../common/constants'; diff --git a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/utils/get_vector_score_list.ts b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/utils/get_vector_score_list.ts index b4f6bd90389fd..c9190a001b3b5 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/utils/get_vector_score_list.ts +++ b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/utils/get_vector_score_list.ts @@ -5,7 +5,7 @@ * 2.0. */ -import { VectorScoreBase } from '../../../../common/schemas'; +import { VectorScoreBase } from '@kbn/cloud-security-posture-common/schema/vulnerabilities/latest'; import { Vector } from '../types'; export const getVectorScoreList = (vectorBaseScore: VectorScoreBase) => { diff --git a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_detection_rule_counter.tsx b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_detection_rule_counter.tsx index b05013353b2b8..facb4817cec51 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_detection_rule_counter.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_detection_rule_counter.tsx @@ -7,8 +7,8 @@ import React from 'react'; import type { HttpSetup } from '@kbn/core/public'; +import type { CspVulnerabilityFinding } from '@kbn/cloud-security-posture-common/schema/vulnerabilities/latest'; import { CSP_VULN_DATASET } from '../../../common/utils/get_dataset_display_name'; -import { CspVulnerabilityFinding } from '../../../../common/schemas'; import { DetectionRuleCounter } from '../../../components/detection_rule_counter'; import { createDetectionRuleFromVulnerabilityFinding } from '../utils/create_detection_rule_from_vulnerability'; diff --git a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_finding_flyout.test.tsx b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_finding_flyout.test.tsx index 081eff33c5c96..8f3f37390cfae 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_finding_flyout.test.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_finding_flyout.test.tsx @@ -17,6 +17,7 @@ import { DATA_SOURCE_VULNERABILITY_FLYOUT, FINDINGS_VULNERABILITY_FLYOUT_DESCRIPTION_LIST, PUBLISHED_DATE_VULNERABILITY_FLYOUT, + VULNERABILITY_SCORES_FLYOUT, } from '../test_subjects'; import { EMPTY_VALUE } from '../../configurations/findings_flyout/findings_flyout'; @@ -93,8 +94,10 @@ describe('', () => { ); const dataSource = getByTestId(DATA_SOURCE_VULNERABILITY_FLYOUT); const publisedDate = getByTestId(PUBLISHED_DATE_VULNERABILITY_FLYOUT); + const vulnerabilityScores = getByTestId(VULNERABILITY_SCORES_FLYOUT); expect(dataSource.textContent).toEqual(`Data Source${EMPTY_VALUE}`); expect(publisedDate.textContent).toEqual(`Published Date${EMPTY_VALUE}`); + expect(vulnerabilityScores.textContent).toEqual(`Vulnerability Scores${EMPTY_VALUE}`); }); it('show empty state for no fixes', () => { diff --git a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_finding_flyout.tsx b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_finding_flyout.tsx index 953d8af6ce7cb..102fc272801ea 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_finding_flyout.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_finding_flyout.tsx @@ -27,13 +27,13 @@ import { FormattedMessage } from '@kbn/i18n-react'; import { euiThemeVars } from '@kbn/ui-theme'; import { css } from '@emotion/react'; import { HttpSetup } from '@kbn/core-http-browser'; +import type { CspVulnerabilityFinding } from '@kbn/cloud-security-posture-common/schema/vulnerabilities/latest'; import { TakeAction } from '../../../components/take_action'; import { truthy } from '../../../../common/utils/helpers'; import { CspInlineDescriptionList } from '../../../components/csp_inline_description_list'; import { VulnerabilityOverviewTab } from './vulnerability_overview_tab'; import { VulnerabilityJsonTab } from './vulnerability_json_tab'; import { SeverityStatusBadge } from '../../../components/vulnerability_badges'; -import type { CspVulnerabilityFinding } from '../../../../common/schemas'; import { FINDINGS_VULNERABILITY_FLYOUT_DESCRIPTION_LIST, TAB_ID_VULNERABILITY_FLYOUT, diff --git a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_json_tab.tsx b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_json_tab.tsx index c18571eb975e6..03701ad4ee442 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_json_tab.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_json_tab.tsx @@ -8,7 +8,7 @@ import { CodeEditor } from '@kbn/code-editor'; import React from 'react'; import { XJsonLang } from '@kbn/monaco'; -import { CspVulnerabilityFinding } from '../../../../common/schemas'; +import type { CspVulnerabilityFinding } from '@kbn/cloud-security-posture-common/schema/vulnerabilities/latest'; import { JSON_TAB_VULNERABILITY_FLYOUT } from '../test_subjects'; interface VulnerabilityJsonTabProps { vulnerabilityRecord: CspVulnerabilityFinding; diff --git a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_overview_tab.tsx b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_overview_tab.tsx index ecff474d5f50f..e25bbbf6c3111 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_overview_tab.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_overview_tab.tsx @@ -19,8 +19,11 @@ import moment from 'moment'; import React from 'react'; import { euiThemeVars } from '@kbn/ui-theme'; import { i18n } from '@kbn/i18n'; +import { + VectorScoreBase, + CspVulnerabilityFinding, +} from '@kbn/cloud-security-posture-common/schema/vulnerabilities/latest'; import { getDatasetDisplayName } from '../../../common/utils/get_dataset_display_name'; -import { VectorScoreBase, CspVulnerabilityFinding } from '../../../../common/schemas'; import { CspFlyoutMarkdown } from '../../configurations/findings_flyout/findings_flyout'; import { NvdLogo } from '../../../assets/icons/nvd_logo_svg'; import { CVSScoreBadge } from '../../../components/vulnerability_badges'; @@ -30,6 +33,7 @@ import { DATA_SOURCE_VULNERABILITY_FLYOUT, OVERVIEW_TAB_VULNERABILITY_FLYOUT, PUBLISHED_DATE_VULNERABILITY_FLYOUT, + VULNERABILITY_SCORES_FLYOUT, } from '../test_subjects'; import redhatLogo from '../../../assets/icons/redhat_logo.svg'; import { VulnerabilityDetectionRuleCounter } from './vulnerability_detection_rule_counter'; @@ -306,8 +310,8 @@ export const VulnerabilityOverviewTab = ({ vulnerabilityRecord }: VulnerabilityT - {cvssScores?.length > 0 && ( - + { +

- {cvssScores} + {!!cvssScores?.length ? cvssScores : EMPTY_VALUE} - )} + } ); }; diff --git a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_table_tab.tsx b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_table_tab.tsx index 3d5c5d6c519a7..e84661bd0bcb1 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_table_tab.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_table_tab.tsx @@ -15,7 +15,7 @@ import { import React from 'react'; import { getFlattenedObject } from '@kbn/std'; import { i18n } from '@kbn/i18n'; -import { CspVulnerabilityFinding } from '../../../../common/schemas'; +import { CspVulnerabilityFinding } from '@kbn/cloud-security-posture-common/schema/vulnerabilities/latest'; interface FlattenedItem { key: string; // flattened dot notation object path for Vulnerability; diff --git a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilties.test.tsx b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilties.test.tsx index 07db3f1905167..0c624a215c253 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilties.test.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilties.test.tsx @@ -6,12 +6,12 @@ */ import React from 'react'; import Chance from 'chance'; -import { CDR_MISCONFIGURATIONS_DATA_VIEW_ID_PREFIX } from '@kbn/cloud-security-posture-common'; -import { Vulnerabilities } from './vulnerabilities'; import { + CDR_MISCONFIGURATIONS_DATA_VIEW_ID_PREFIX, CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN, - VULN_MGMT_POLICY_TEMPLATE, -} from '../../../common/constants'; +} from '@kbn/cloud-security-posture-common'; +import { Vulnerabilities } from './vulnerabilities'; +import { VULN_MGMT_POLICY_TEMPLATE } from '../../../common/constants'; import { useCspSetupStatusApi } from '@kbn/cloud-security-posture/src/hooks/use_csp_setup_status_api'; import { useDataView } from '@kbn/cloud-security-posture/src/hooks/use_data_view'; import { createReactQueryResponse } from '../../test/fixtures/react_query'; diff --git a/x-pack/plugins/cloud_security_posture/public/pages/vulnerability_dashboard/vulnerability_dashboard.test.tsx b/x-pack/plugins/cloud_security_posture/public/pages/vulnerability_dashboard/vulnerability_dashboard.test.tsx index 9ea51de9e5f9d..50f630e6b9376 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/vulnerability_dashboard/vulnerability_dashboard.test.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/vulnerability_dashboard/vulnerability_dashboard.test.tsx @@ -8,10 +8,8 @@ import React from 'react'; import Chance from 'chance'; import { dataPluginMock } from '@kbn/data-plugin/public/mocks'; import { unifiedSearchPluginMock } from '@kbn/unified-search-plugin/public/mocks'; -import { - CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN, - VULN_MGMT_POLICY_TEMPLATE, -} from '../../../common/constants'; +import { CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN } from '@kbn/cloud-security-posture-common'; +import { VULN_MGMT_POLICY_TEMPLATE } from '../../../common/constants'; import { chartPluginMock } from '@kbn/charts-plugin/public/mocks'; import { discoverPluginMock } from '@kbn/discover-plugin/public/mocks'; import { useCspSetupStatusApi } from '@kbn/cloud-security-posture/src/hooks/use_csp_setup_status_api'; diff --git a/x-pack/plugins/cloud_security_posture/public/pages/vulnerability_dashboard/vulnerability_table_panel_section.tsx b/x-pack/plugins/cloud_security_posture/public/pages/vulnerability_dashboard/vulnerability_table_panel_section.tsx index a3d92ab40f08c..42794e91d2036 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/vulnerability_dashboard/vulnerability_table_panel_section.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/vulnerability_dashboard/vulnerability_table_panel_section.tsx @@ -18,11 +18,11 @@ import { import { i18n } from '@kbn/i18n'; import type { NavFilter } from '@kbn/cloud-security-posture/src/hooks/use_navigate_findings'; import { useNavigateVulnerabilities } from '@kbn/cloud-security-posture/src/hooks/use_navigate_findings'; +import type { VulnSeverity } from '@kbn/cloud-security-posture-common'; import { PatchableVulnerabilityStat, VulnerabilityStat, VulnerableResourceStat, - VulnSeverity, } from '../../../common/types_old'; import { DASHBOARD_TABLE_TYPES } from './vulnerability_table_panel.config'; import { VulnerabilityTablePanel } from './vulnerability_table_panel'; diff --git a/x-pack/plugins/cloud_security_posture/public/pages/vulnerability_dashboard/vulnerability_trend_graph.tsx b/x-pack/plugins/cloud_security_posture/public/pages/vulnerability_dashboard/vulnerability_trend_graph.tsx index 89404b0238ece..ca29b18822fae 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/vulnerability_dashboard/vulnerability_trend_graph.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/vulnerability_dashboard/vulnerability_trend_graph.tsx @@ -20,8 +20,9 @@ import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n-react'; import { useNavigateVulnerabilities } from '@kbn/cloud-security-posture/src/hooks/use_navigate_findings'; +import type { VulnSeverity } from '@kbn/cloud-security-posture-common'; import { truthy } from '../../../common/utils/helpers'; -import { VulnStatsTrend, VulnSeverity } from '../../../common/types_old'; +import { VulnStatsTrend } from '../../../common/types_old'; import { useVulnerabilityDashboardApi } from '../../common/api/use_vulnerability_dashboard_api'; import { getSeverityStatusColor } from '../../common/utils/get_vulnerability_colors'; import { ChartPanel } from '../../components/chart_panel'; diff --git a/x-pack/plugins/cloud_security_posture/server/create_indices/latest_indices.ts b/x-pack/plugins/cloud_security_posture/server/create_indices/latest_indices.ts index 5505ea4c42c23..4d91c3f3fc2c5 100644 --- a/x-pack/plugins/cloud_security_posture/server/create_indices/latest_indices.ts +++ b/x-pack/plugins/cloud_security_posture/server/create_indices/latest_indices.ts @@ -5,13 +5,15 @@ * 2.0. */ -import { CDR_LATEST_NATIVE_MISCONFIGURATIONS_INDEX_PATTERN } from '@kbn/cloud-security-posture-common'; +import { + CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN, + CDR_LATEST_NATIVE_MISCONFIGURATIONS_INDEX_PATTERN, +} from '@kbn/cloud-security-posture-common'; import { FINDINGS_INDEX_NAME, LATEST_FINDINGS_INDEX_TEMPLATE_NAME, LATEST_FINDINGS_INDEX_DEFAULT_NS, VULNERABILITIES_INDEX_NAME, - CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN, LATEST_VULNERABILITIES_INDEX_TEMPLATE_NAME, } from '../../common/constants'; import { LatestIndexConfig } from './types'; diff --git a/x-pack/plugins/cloud_security_posture/server/create_transforms/latest_vulnerabilities_transforms.ts b/x-pack/plugins/cloud_security_posture/server/create_transforms/latest_vulnerabilities_transforms.ts index 0f116f9635e03..fad6b526c72d7 100644 --- a/x-pack/plugins/cloud_security_posture/server/create_transforms/latest_vulnerabilities_transforms.ts +++ b/x-pack/plugins/cloud_security_posture/server/create_transforms/latest_vulnerabilities_transforms.ts @@ -7,9 +7,11 @@ import { TransformPutTransformRequest } from '@elastic/elasticsearch/lib/api/types'; import { - CLOUD_SECURITY_POSTURE_PACKAGE_NAME, CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN, LATEST_VULNERABILITIES_RETENTION_POLICY, +} from '@kbn/cloud-security-posture-common'; +import { + CLOUD_SECURITY_POSTURE_PACKAGE_NAME, VULNERABILITIES_INDEX_PATTERN, } from '../../common/constants'; diff --git a/x-pack/plugins/cloud_security_posture/server/lib/telemetry/collectors/cloud_accounts_stats_collector.ts b/x-pack/plugins/cloud_security_posture/server/lib/telemetry/collectors/cloud_accounts_stats_collector.ts index ab561f515d22f..e416bec9564c4 100644 --- a/x-pack/plugins/cloud_security_posture/server/lib/telemetry/collectors/cloud_accounts_stats_collector.ts +++ b/x-pack/plugins/cloud_security_posture/server/lib/telemetry/collectors/cloud_accounts_stats_collector.ts @@ -6,7 +6,11 @@ */ import type { ElasticsearchClient } from '@kbn/core-elasticsearch-server'; import type { ISavedObjectsRepository, Logger } from '@kbn/core/server'; -import { KSPM_POLICY_TEMPLATE, CSPM_POLICY_TEMPLATE } from '@kbn/cloud-security-posture-common'; +import { + CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN, + KSPM_POLICY_TEMPLATE, + CSPM_POLICY_TEMPLATE, +} from '@kbn/cloud-security-posture-common'; import type { SearchRequest } from '@elastic/elasticsearch/lib/api/types'; import { getPackagePolicyIdRuntimeMapping } from '../../../../common/runtime_mappings/get_package_policy_id_mapping'; import { getIdentifierRuntimeMapping } from '../../../../common/runtime_mappings/get_identifier_runtime_mapping'; @@ -19,7 +23,6 @@ import type { } from './types'; import { LATEST_FINDINGS_INDEX_DEFAULT_NS, - CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN, VULN_MGMT_POLICY_TEMPLATE, } from '../../../../common/constants'; import { diff --git a/x-pack/plugins/cloud_security_posture/server/lib/telemetry/collectors/indices_stats_collector.ts b/x-pack/plugins/cloud_security_posture/server/lib/telemetry/collectors/indices_stats_collector.ts index c8fb7167eeae1..e5c19c9216be5 100644 --- a/x-pack/plugins/cloud_security_posture/server/lib/telemetry/collectors/indices_stats_collector.ts +++ b/x-pack/plugins/cloud_security_posture/server/lib/telemetry/collectors/indices_stats_collector.ts @@ -6,6 +6,7 @@ */ import type { CoreStart, Logger, SavedObjectsClientContract } from '@kbn/core/server'; import type { ElasticsearchClient } from '@kbn/core-elasticsearch-server'; +import { CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN } from '@kbn/cloud-security-posture-common'; import { getCspStatus } from '../../../routes/status/status'; import type { CspServerPluginStart, CspServerPluginStartDeps } from '../../../types'; @@ -14,7 +15,6 @@ import { BENCHMARK_SCORE_INDEX_DEFAULT_NS, FINDINGS_INDEX_DEFAULT_NS, LATEST_FINDINGS_INDEX_DEFAULT_NS, - CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN, VULNERABILITIES_INDEX_DEFAULT_NS, } from '../../../../common/constants'; diff --git a/x-pack/plugins/cloud_security_posture/server/routes/status/status.ts b/x-pack/plugins/cloud_security_posture/server/routes/status/status.ts index 47ad4c32cba6e..659b2ed94f43a 100644 --- a/x-pack/plugins/cloud_security_posture/server/routes/status/status.ts +++ b/x-pack/plugins/cloud_security_posture/server/routes/status/status.ts @@ -12,6 +12,9 @@ import { STATUS_ROUTE_PATH, LATEST_FINDINGS_RETENTION_POLICY, CDR_MISCONFIGURATIONS_INDEX_PATTERN, + CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN, + LATEST_VULNERABILITIES_RETENTION_POLICY, + CDR_VULNERABILITIES_INDEX_PATTERN, } from '@kbn/cloud-security-posture-common'; import type { CspSetupStatus, @@ -36,11 +39,8 @@ import { BENCHMARK_SCORE_INDEX_DEFAULT_NS, VULNERABILITIES_INDEX_PATTERN, POSTURE_TYPES, - CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN, VULN_MGMT_POLICY_TEMPLATE, POSTURE_TYPE_ALL, - LATEST_VULNERABILITIES_RETENTION_POLICY, - CDR_VULNERABILITIES_INDEX_PATTERN, } from '../../../common/constants'; import type { CspApiRequestHandlerContext, diff --git a/x-pack/plugins/cloud_security_posture/server/routes/vulnerabilities_dashboard/get_top_patchable_vulnerabilities.ts b/x-pack/plugins/cloud_security_posture/server/routes/vulnerabilities_dashboard/get_top_patchable_vulnerabilities.ts index add7eac260c25..565400ec3a6df 100644 --- a/x-pack/plugins/cloud_security_posture/server/routes/vulnerabilities_dashboard/get_top_patchable_vulnerabilities.ts +++ b/x-pack/plugins/cloud_security_posture/server/routes/vulnerabilities_dashboard/get_top_patchable_vulnerabilities.ts @@ -7,8 +7,8 @@ import { SearchRequest } from '@elastic/elasticsearch/lib/api/types'; import { ElasticsearchClient } from '@kbn/core-elasticsearch-server'; +import { CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN } from '@kbn/cloud-security-posture-common'; import { AggFieldBucket, PatchableVulnerabilityStat } from '../../../common/types_old'; -import { CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN } from '../../../common/constants'; interface VulnerabilityBucket { key: string | undefined; diff --git a/x-pack/plugins/cloud_security_posture/server/routes/vulnerabilities_dashboard/get_top_vulnerabilities.ts b/x-pack/plugins/cloud_security_posture/server/routes/vulnerabilities_dashboard/get_top_vulnerabilities.ts index 5160d0d98fa0c..4ab2ee45ed549 100644 --- a/x-pack/plugins/cloud_security_posture/server/routes/vulnerabilities_dashboard/get_top_vulnerabilities.ts +++ b/x-pack/plugins/cloud_security_posture/server/routes/vulnerabilities_dashboard/get_top_vulnerabilities.ts @@ -7,8 +7,8 @@ import { SearchRequest } from '@elastic/elasticsearch/lib/api/types'; import { ElasticsearchClient } from '@kbn/core-elasticsearch-server'; +import { CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN } from '@kbn/cloud-security-posture-common'; import { VulnerabilityStat } from '../../../common/types_old'; -import { CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN } from '../../../common/constants'; interface VulnerabilityBucket { key: string | undefined; diff --git a/x-pack/plugins/cloud_security_posture/server/routes/vulnerabilities_dashboard/get_top_vulnerable_resources.ts b/x-pack/plugins/cloud_security_posture/server/routes/vulnerabilities_dashboard/get_top_vulnerable_resources.ts index 6a7f0b17be21b..e04266e214d4c 100644 --- a/x-pack/plugins/cloud_security_posture/server/routes/vulnerabilities_dashboard/get_top_vulnerable_resources.ts +++ b/x-pack/plugins/cloud_security_posture/server/routes/vulnerabilities_dashboard/get_top_vulnerable_resources.ts @@ -6,9 +6,9 @@ */ import { SearchRequest } from '@elastic/elasticsearch/lib/api/types'; +import { CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN } from '@kbn/cloud-security-posture-common'; import { ElasticsearchClient } from '@kbn/core-elasticsearch-server'; import { AggFieldBucket, VulnerableResourceStat } from '../../../common/types_old'; -import { CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN } from '../../../common/constants'; interface ResourceBucket { key: string | undefined; diff --git a/x-pack/plugins/cloud_security_posture/server/routes/vulnerabilities_dashboard/get_vulnerabilities_statistics.ts b/x-pack/plugins/cloud_security_posture/server/routes/vulnerabilities_dashboard/get_vulnerabilities_statistics.ts index 797a69113fc0d..905810f1efc01 100644 --- a/x-pack/plugins/cloud_security_posture/server/routes/vulnerabilities_dashboard/get_vulnerabilities_statistics.ts +++ b/x-pack/plugins/cloud_security_posture/server/routes/vulnerabilities_dashboard/get_vulnerabilities_statistics.ts @@ -7,10 +7,8 @@ import { SearchRequest } from '@elastic/elasticsearch/lib/api/types'; import { ElasticsearchClient } from '@kbn/core-elasticsearch-server'; -import { - CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN, - VULNERABILITIES_SEVERITY, -} from '../../../common/constants'; +import { CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN } from '@kbn/cloud-security-posture-common'; +import { VULNERABILITIES_SEVERITY } from '../../../common/constants'; export interface VulnerabilitiesStatisticsQueryResult { critical: { diff --git a/x-pack/plugins/cloud_security_posture/server/saved_objects/data_views.ts b/x-pack/plugins/cloud_security_posture/server/saved_objects/data_views.ts index 69eef99d7cd43..475afc52a2e03 100644 --- a/x-pack/plugins/cloud_security_posture/server/saved_objects/data_views.ts +++ b/x-pack/plugins/cloud_security_posture/server/saved_objects/data_views.ts @@ -19,11 +19,11 @@ import { CDR_MISCONFIGURATIONS_INDEX_PATTERN, CDR_MISCONFIGURATIONS_DATA_VIEW_ID_PREFIX, CDR_MISCONFIGURATIONS_DATA_VIEW_NAME, + CDR_VULNERABILITIES_INDEX_PATTERN, } from '@kbn/cloud-security-posture-common'; import { CDR_VULNERABILITIES_DATA_VIEW_ID_PREFIX, CDR_VULNERABILITIES_DATA_VIEW_NAME, - CDR_VULNERABILITIES_INDEX_PATTERN, } from '../../common/constants'; const DATA_VIEW_TIME_FIELD = '@timestamp'; diff --git a/x-pack/plugins/cloud_security_posture/server/tasks/findings_stats_task.ts b/x-pack/plugins/cloud_security_posture/server/tasks/findings_stats_task.ts index f04ddd3459fb9..1f8614c6d4a5e 100644 --- a/x-pack/plugins/cloud_security_posture/server/tasks/findings_stats_task.ts +++ b/x-pack/plugins/cloud_security_posture/server/tasks/findings_stats_task.ts @@ -14,6 +14,7 @@ import { import type { SearchRequest } from '@elastic/elasticsearch/lib/api/types'; import { ElasticsearchClient } from '@kbn/core/server'; import { QueryDslQueryContainer } from '@kbn/data-views-plugin/common/types'; +import { CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN } from '@kbn/cloud-security-posture-common'; import type { ISavedObjectsRepository, Logger } from '@kbn/core/server'; import { getMutedRulesFilterQuery } from '../routes/benchmark_rules/get_states/v1'; import { getSafePostureTypeRuntimeMapping } from '../../common/runtime_mappings/get_safe_posture_type_runtime_mapping'; @@ -24,7 +25,6 @@ import { CSPM_FINDINGS_STATS_INTERVAL, INTERNAL_CSP_SETTINGS_SAVED_OBJECT_TYPE, LATEST_FINDINGS_INDEX_DEFAULT_NS, - CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN, VULNERABILITIES_SEVERITY, VULN_MGMT_POLICY_TEMPLATE, } from '../../common/constants'; diff --git a/x-pack/plugins/data_usage/README.md b/x-pack/plugins/data_usage/README.md new file mode 100755 index 0000000000000..7c0056ff5780d --- /dev/null +++ b/x-pack/plugins/data_usage/README.md @@ -0,0 +1,3 @@ +# dataUsage +Serverless only plugin for users to view data usage + diff --git a/x-pack/plugins/data_usage/common/index.ts b/x-pack/plugins/data_usage/common/index.ts new file mode 100644 index 0000000000000..4b6f899b58d37 --- /dev/null +++ b/x-pack/plugins/data_usage/common/index.ts @@ -0,0 +1,13 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { i18n } from '@kbn/i18n'; + +export const PLUGIN_ID = 'data_usage'; +export const PLUGIN_NAME = i18n.translate('xpack.dataUsage.name', { + defaultMessage: 'Data Usage', +}); diff --git a/x-pack/plugins/data_usage/jest.config.js b/x-pack/plugins/data_usage/jest.config.js new file mode 100644 index 0000000000000..f73ddf7ec31ee --- /dev/null +++ b/x-pack/plugins/data_usage/jest.config.js @@ -0,0 +1,15 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +module.exports = { + preset: '@kbn/test', + rootDir: '../../..', + roots: ['/x-pack/plugins/data_usage'], + coverageDirectory: '/target/kibana-coverage/jest/x-pack/plugins/data_usage', + coverageReporters: ['text', 'html'], + collectCoverageFrom: ['/x-pack/plugins/datas_usage/{common,public}/**/*.{ts,tsx}'], +}; diff --git a/x-pack/plugins/data_usage/kibana.jsonc b/x-pack/plugins/data_usage/kibana.jsonc new file mode 100644 index 0000000000000..9b0f2d193925e --- /dev/null +++ b/x-pack/plugins/data_usage/kibana.jsonc @@ -0,0 +1,16 @@ +{ + "type": "plugin", + "id": "@kbn/data-usage-plugin", + "owner": ["@elastic/obs-ai-assistant", "@elastic/security-solution"], + "plugin": { + "id": "dataUsage", + "server": true, + "browser": true, + "configPath": ["xpack", "dataUsage"], + "requiredPlugins": ["home", "management", "features", "share"], + "optionalPlugins": [], + "requiredBundles": [ + "kibanaReact", + ], + } +} diff --git a/x-pack/plugins/data_usage/public/application.tsx b/x-pack/plugins/data_usage/public/application.tsx new file mode 100644 index 0000000000000..1e6c35c4b8f0a --- /dev/null +++ b/x-pack/plugins/data_usage/public/application.tsx @@ -0,0 +1,83 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { CoreStart } from '@kbn/core/public'; +import { ManagementAppMountParams } from '@kbn/management-plugin/public'; +import React from 'react'; +import ReactDOM from 'react-dom'; +import { KibanaRenderContextProvider } from '@kbn/react-kibana-context-render'; +import { Route, Router, Routes } from '@kbn/shared-ux-router'; +import { useExecutionContext } from '@kbn/kibana-react-plugin/public'; +import { PerformanceContextProvider } from '@kbn/ebt-tools'; +import { useKibanaContextForPluginProvider } from './utils/use_kibana'; +import { DataUsageStartDependencies, DataUsagePublicStart } from './types'; +import { PLUGIN_ID } from '../common'; + +export const renderApp = ( + core: CoreStart, + plugins: DataUsageStartDependencies, + pluginStart: DataUsagePublicStart, + params: ManagementAppMountParams +) => { + ReactDOM.render( + , + params.element + ); + + return () => { + ReactDOM.unmountComponentAtNode(params.element); + }; +}; + +const AppWithExecutionContext = ({ + core, + params, +}: { + core: CoreStart; + params: ManagementAppMountParams; +}) => { + const { executionContext } = core; + + useExecutionContext(executionContext, { + type: 'application', + page: PLUGIN_ID, + }); + + return ( + + + +
Data Usage
} /> + + + + ); +}; + +interface AppProps { + core: CoreStart; + plugins: DataUsageStartDependencies; + pluginStart: DataUsagePublicStart; + params: ManagementAppMountParams; +} + +const App = ({ core, plugins, pluginStart, params }: AppProps) => { + const KibanaContextProviderForPlugin = useKibanaContextForPluginProvider( + core, + plugins, + pluginStart, + params + ); + + return ( + + + + + + ); +}; diff --git a/x-pack/plugins/data_usage/public/index.ts b/x-pack/plugins/data_usage/public/index.ts new file mode 100644 index 0000000000000..e18b801a6a38f --- /dev/null +++ b/x-pack/plugins/data_usage/public/index.ts @@ -0,0 +1,25 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { PluginInitializer, PluginInitializerContext } from '@kbn/core/public'; +import type { + DataUsagePublicSetup, + DataUsagePublicStart, + DataUsageSetupDependencies, + DataUsageStartDependencies, + ConfigSchema, +} from './types'; +import { DataUsagePlugin } from './plugin'; + +export type { DataUsagePublicSetup, DataUsagePublicStart } from './types'; + +export const plugin: PluginInitializer< + DataUsagePublicSetup, + DataUsagePublicStart, + DataUsageSetupDependencies, + DataUsageStartDependencies +> = (pluginInitializerContext: PluginInitializerContext) => new DataUsagePlugin(); diff --git a/x-pack/plugins/data_usage/public/plugin.ts b/x-pack/plugins/data_usage/public/plugin.ts new file mode 100644 index 0000000000000..aa3b02c2b671b --- /dev/null +++ b/x-pack/plugins/data_usage/public/plugin.ts @@ -0,0 +1,55 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { CoreSetup, CoreStart, Plugin } from '@kbn/core/public'; +import { ManagementAppMountParams } from '@kbn/management-plugin/public'; +import { + DataUsagePublicSetup, + DataUsagePublicStart, + DataUsageStartDependencies, + DataUsageSetupDependencies, +} from './types'; +import { PLUGIN_ID, PLUGIN_NAME } from '../common'; + +export class DataUsagePlugin + implements + Plugin< + DataUsagePublicSetup, + DataUsagePublicStart, + DataUsageSetupDependencies, + DataUsageStartDependencies + > +{ + public setup( + core: CoreSetup, + plugins: DataUsageSetupDependencies + ): DataUsagePublicSetup { + const { management } = plugins; + management.sections.section.data.registerApp({ + id: PLUGIN_ID, + title: PLUGIN_NAME, + order: 6, + keywords: ['data usage', 'usage'], + async mount(params: ManagementAppMountParams) { + const [{ renderApp }, [coreStart, pluginsStartDeps, pluginStart]] = await Promise.all([ + import('./application'), + core.getStartServices(), + ]); + + return renderApp(coreStart, pluginsStartDeps, pluginStart, params); + }, + }); + + return {}; + } + + public start(_core: CoreStart): DataUsagePublicStart { + return {}; + } + + public stop() {} +} diff --git a/x-pack/plugins/data_usage/public/types.ts b/x-pack/plugins/data_usage/public/types.ts new file mode 100644 index 0000000000000..e65865dc31821 --- /dev/null +++ b/x-pack/plugins/data_usage/public/types.ts @@ -0,0 +1,27 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { ManagementSetup, ManagementStart } from '@kbn/management-plugin/public'; +import { SharePluginSetup, SharePluginStart } from '@kbn/share-plugin/public'; + +// eslint-disable-next-line @typescript-eslint/no-empty-interface +export interface DataUsagePublicSetup {} + +// eslint-disable-next-line @typescript-eslint/no-empty-interface +export interface DataUsagePublicStart {} + +export interface DataUsageSetupDependencies { + management: ManagementSetup; + share: SharePluginSetup; +} + +export interface DataUsageStartDependencies { + management: ManagementStart; + share: SharePluginStart; +} +// eslint-disable-next-line @typescript-eslint/no-empty-interface +export interface ConfigSchema {} diff --git a/x-pack/plugins/data_usage/public/utils/use_kibana.tsx b/x-pack/plugins/data_usage/public/utils/use_kibana.tsx new file mode 100644 index 0000000000000..9575a8b8bbd21 --- /dev/null +++ b/x-pack/plugins/data_usage/public/utils/use_kibana.tsx @@ -0,0 +1,53 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { CoreStart } from '@kbn/core/public'; +import { + createKibanaReactContext, + KibanaReactContextValue, + useKibana, +} from '@kbn/kibana-react-plugin/public'; +import { ManagementAppMountParams } from '@kbn/management-plugin/public'; +import { useMemo } from 'react'; +import { DataUsageStartDependencies, DataUsagePublicStart } from '../types'; + +export type PluginKibanaContextValue = CoreStart & + DataUsageStartDependencies & + DataUsagePublicStart & { + appParams: ManagementAppMountParams; + }; + +export const createKibanaContextForPlugin = ( + core: CoreStart, + plugins: DataUsageStartDependencies, + pluginStart: DataUsagePublicStart, + appParams: ManagementAppMountParams +) => { + return createKibanaReactContext({ + ...core, + ...plugins, + ...pluginStart, + appParams, + }); +}; + +export const useKibanaContextForPlugin = + useKibana as () => KibanaReactContextValue; + +export const useKibanaContextForPluginProvider = ( + core: CoreStart, + plugins: DataUsageStartDependencies, + pluginStart: DataUsagePublicStart, + appParams: ManagementAppMountParams +) => { + const { Provider } = useMemo( + () => createKibanaContextForPlugin(core, plugins, pluginStart, appParams), + [appParams, core, pluginStart, plugins] + ); + + return Provider; +}; diff --git a/x-pack/plugins/data_usage/server/config.ts b/x-pack/plugins/data_usage/server/config.ts new file mode 100644 index 0000000000000..6453cce4f4d56 --- /dev/null +++ b/x-pack/plugins/data_usage/server/config.ts @@ -0,0 +1,14 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { schema, type TypeOf } from '@kbn/config-schema'; + +export const config = schema.object({ + enabled: schema.boolean({ defaultValue: false }), +}); + +export type DataUsageConfig = TypeOf; diff --git a/x-pack/plugins/data_usage/server/index.ts b/x-pack/plugins/data_usage/server/index.ts new file mode 100644 index 0000000000000..3aa49a184d003 --- /dev/null +++ b/x-pack/plugins/data_usage/server/index.ts @@ -0,0 +1,36 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import type { + PluginInitializer, + PluginInitializerContext, + PluginConfigDescriptor, +} from '@kbn/core/server'; +import { DataUsageConfig } from './config'; + +import { DataUsagePlugin } from './plugin'; +import type { + DataUsageServerSetup, + DataUsageServerStart, + DataUsageSetupDependencies, + DataUsageStartDependencies, +} from './types'; + +import { config as configSchema } from './config'; + +export type { DataUsageServerSetup, DataUsageServerStart }; + +export const config: PluginConfigDescriptor = { + schema: configSchema, +}; + +export const plugin: PluginInitializer< + DataUsageServerSetup, + DataUsageServerStart, + DataUsageSetupDependencies, + DataUsageStartDependencies +> = async (pluginInitializerContext: PluginInitializerContext) => + await new DataUsagePlugin(pluginInitializerContext); diff --git a/x-pack/plugins/data_usage/server/plugin.ts b/x-pack/plugins/data_usage/server/plugin.ts new file mode 100644 index 0000000000000..8ab49d5104fff --- /dev/null +++ b/x-pack/plugins/data_usage/server/plugin.ts @@ -0,0 +1,40 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { CoreSetup, CoreStart, Plugin, PluginInitializerContext } from '@kbn/core/server'; +import type { Logger } from '@kbn/logging'; +import { DataUsageConfig } from './config'; +import type { + DataUsageServerSetup, + DataUsageServerStart, + DataUsageSetupDependencies, + DataUsageStartDependencies, +} from './types'; + +export class DataUsagePlugin + implements + Plugin< + DataUsageServerSetup, + DataUsageServerStart, + DataUsageSetupDependencies, + DataUsageStartDependencies + > +{ + logger: Logger; + constructor(context: PluginInitializerContext) { + this.logger = context.logger.get(); + } + setup(coreSetup: CoreSetup, pluginsSetup: DataUsageSetupDependencies): DataUsageServerSetup { + return {}; + } + + start(coreStart: CoreStart, pluginsStart: DataUsageStartDependencies): DataUsageServerStart { + return {}; + } + + public stop() {} +} diff --git a/x-pack/plugins/data_usage/server/types.ts b/x-pack/plugins/data_usage/server/types.ts new file mode 100644 index 0000000000000..9f43ae2d3c298 --- /dev/null +++ b/x-pack/plugins/data_usage/server/types.ts @@ -0,0 +1,16 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +/* eslint-disable @typescript-eslint/no-empty-interface*/ + +export interface DataUsageSetupDependencies {} + +export interface DataUsageStartDependencies {} + +export interface DataUsageServerSetup {} + +export interface DataUsageServerStart {} diff --git a/x-pack/plugins/data_usage/tsconfig.json b/x-pack/plugins/data_usage/tsconfig.json new file mode 100644 index 0000000000000..ebc023568cf88 --- /dev/null +++ b/x-pack/plugins/data_usage/tsconfig.json @@ -0,0 +1,26 @@ +{ + "extends": "../../../tsconfig.base.json", + "compilerOptions": { + "outDir": "target/types" + }, + "include": [ + "index.ts", + "common/**/*", + "public/**/*", + "server/**/*", + "../../../typings/**/*" + ], + "kbn_references": [ + "@kbn/core", + "@kbn/i18n", + "@kbn/kibana-react-plugin", + "@kbn/management-plugin", + "@kbn/react-kibana-context-render", + "@kbn/shared-ux-router", + "@kbn/ebt-tools", + "@kbn/share-plugin", + "@kbn/config-schema", + "@kbn/logging", + ], + "exclude": ["target/**/*"] +} diff --git a/x-pack/plugins/data_visualizer/public/application/common/components/top_values/top_values.tsx b/x-pack/plugins/data_visualizer/public/application/common/components/top_values/top_values.tsx index 0d7d6b4c480e9..5d263135389eb 100644 --- a/x-pack/plugins/data_visualizer/public/application/common/components/top_values/top_values.tsx +++ b/x-pack/plugins/data_visualizer/public/application/common/components/top_values/top_values.tsx @@ -14,6 +14,8 @@ import { EuiText, EuiButtonIcon, EuiSpacer, + useEuiTheme, + euiScrollBarStyles, } from '@elastic/eui'; import { FormattedMessage } from '@kbn/i18n-react'; @@ -69,6 +71,7 @@ export const TopValues: FC = ({ data: { fieldFormats }, }, } = useDataVisualizerKibana(); + const euiTheme = useEuiTheme(); if (stats === undefined || !stats.topValues) return null; const { fieldName, sampleCount, approximate } = stats; @@ -169,6 +172,10 @@ export const TopValues: FC = ({ {showSampledValues ? ( @@ -215,6 +222,7 @@ export const TopValues: FC = ({ onAddFilter !== undefined ? (
diff --git a/x-pack/plugins/data_visualizer/public/application/index_data_visualizer/components/index_data_visualizer_view/index_data_visualizer_esql.tsx b/x-pack/plugins/data_visualizer/public/application/index_data_visualizer/components/index_data_visualizer_view/index_data_visualizer_esql.tsx index 8e3d48c47c789..d50ee4c8916f1 100644 --- a/x-pack/plugins/data_visualizer/public/application/index_data_visualizer/components/index_data_visualizer_view/index_data_visualizer_esql.tsx +++ b/x-pack/plugins/data_visualizer/public/application/index_data_visualizer/components/index_data_visualizer_view/index_data_visualizer_esql.tsx @@ -259,15 +259,25 @@ export const IndexDataVisualizerESQL: FC = (dataVi - + + + diff --git a/x-pack/plugins/data_visualizer/public/application/index_data_visualizer/embeddables/field_stats/field_stats_factory.tsx b/x-pack/plugins/data_visualizer/public/application/index_data_visualizer/embeddables/field_stats/field_stats_factory.tsx index d644779ba0a87..45187737ad09d 100644 --- a/x-pack/plugins/data_visualizer/public/application/index_data_visualizer/embeddables/field_stats/field_stats_factory.tsx +++ b/x-pack/plugins/data_visualizer/public/application/index_data_visualizer/embeddables/field_stats/field_stats_factory.tsx @@ -38,13 +38,14 @@ import { import type { DataView } from '@kbn/data-views-plugin/public'; import { dynamic } from '@kbn/shared-ux-utility'; import { isDefined } from '@kbn/ml-is-defined'; -import { EuiFlexItem } from '@elastic/eui'; +import { EuiCallOut, EuiEmptyPrompt, EuiFlexItem } from '@elastic/eui'; import { css } from '@emotion/react'; import type { ActionExecutionContext } from '@kbn/ui-actions-plugin/public'; import type { Filter } from '@kbn/es-query'; import { FilterStateStore } from '@kbn/es-query'; -import { getESQLAdHocDataview } from '@kbn/esql-utils'; +import { ENABLE_ESQL, getESQLAdHocDataview } from '@kbn/esql-utils'; import { ACTION_GLOBAL_APPLY_FILTER } from '@kbn/unified-search-plugin/public'; +import { FormattedMessage } from '@kbn/i18n-react'; import type { DataVisualizerTableState } from '../../../../../common/types'; import type { DataVisualizerPluginStart } from '../../../../plugin'; import type { FieldStatisticsTableEmbeddableState } from '../grid_embeddable/types'; @@ -153,20 +154,19 @@ export const getFieldStatsChartEmbeddableFactory = ( serializeFieldStatsChartState, onFieldStatsTableDestroy, resetData$, - } = initializeFieldStatsControls(state); + } = initializeFieldStatsControls(state, deps.uiSettings); const { onError, dataLoading, blockingError } = dataLoadingApi; - const defaultDataViewId = await deps.data.dataViews.getDefaultId(); - const validDataViewId: string = - isDefined(state.dataViewId) && state.dataViewId !== '' - ? state.dataViewId - : defaultDataViewId ?? ''; - let initialDataView: DataView[] | undefined; + const validDataViewId: string | undefined = + isDefined(state.dataViewId) && state.dataViewId !== '' ? state.dataViewId : undefined; + let initialDataView: DataView | undefined; try { const dataView = isESQLQuery(state.query) ? await getESQLAdHocDataview(state.query.esql, deps.data.dataViews) - : await deps.data.dataViews.get(validDataViewId); - initialDataView = [dataView]; + : validDataViewId + ? await deps.data.dataViews.get(validDataViewId) + : undefined; + initialDataView = dataView; } catch (error) { // Only need to publish blocking error if viewtype is data view, and no data view found if (state.viewType === FieldStatsInitializerViewType.DATA_VIEW) { @@ -174,7 +174,9 @@ export const getFieldStatsChartEmbeddableFactory = ( } } - const dataViews$ = new BehaviorSubject(initialDataView); + const dataViews$ = new BehaviorSubject( + initialDataView ? [initialDataView] : undefined + ); const subscriptions = new Subscription(); if (fieldStatsControlsApi.dataViewId$) { @@ -182,10 +184,10 @@ export const getFieldStatsChartEmbeddableFactory = ( fieldStatsControlsApi.dataViewId$ .pipe( skip(1), - skipWhile((dataViewId) => !dataViewId && !defaultDataViewId), + skipWhile((dataViewId) => !dataViewId), switchMap(async (dataViewId) => { try { - return await deps.data.dataViews.get(dataViewId ?? defaultDataViewId); + return await deps.data.dataViews.get(dataViewId); } catch (error) { return undefined; } @@ -324,6 +326,8 @@ export const getFieldStatsChartEmbeddableFactory = ( api.viewType$, api.showDistributions$ ); + const isEsqlEnabled = deps.uiSettings.get(ENABLE_ESQL); + const lastReloadRequestTime = useObservable(reload$, Date.now()); const isEsqlMode = viewType === FieldStatsInitializerViewType.ESQL; @@ -362,6 +366,49 @@ export const getFieldStatsChartEmbeddableFactory = ( }; }, []); + if (viewType === FieldStatsInitializerViewType.DATA_VIEW && !dataViews) { + return ( + + +

+ } + body={ +

+ +

+ } + /> + ); + } + + if (isEsqlMode && !isEsqlEnabled) { + return ( + + + + + } + color="warning" + iconType="alert" + /> + + ); + } + return ( = ({ defaultMessage: 'Data view', } )} + css={css({ padding: euiThemeVars.euiSizeM })} > { +export const initializeFieldStatsControls = ( + rawState: FieldStatsInitialState, + uiSettings: IUiSettingsClient +) => { + const isEsqlEnabled = uiSettings.get(ENABLE_ESQL); + const defaultType = isEsqlEnabled + ? FieldStatsInitializerViewType.ESQL + : FieldStatsInitializerViewType.DATA_VIEW; const viewType$ = new BehaviorSubject( - rawState.viewType ?? FieldStatsInitializerViewType.ESQL + rawState.viewType ?? defaultType ); const dataViewId$ = new BehaviorSubject(rawState.dataViewId); const query$ = new BehaviorSubject(rawState.query); diff --git a/x-pack/plugins/data_visualizer/public/application/index_data_visualizer/ui_actions/create_field_stats_table.tsx b/x-pack/plugins/data_visualizer/public/application/index_data_visualizer/ui_actions/create_field_stats_table.tsx index 20081daf89bdd..2c1254732c24a 100644 --- a/x-pack/plugins/data_visualizer/public/application/index_data_visualizer/ui_actions/create_field_stats_table.tsx +++ b/x-pack/plugins/data_visualizer/public/application/index_data_visualizer/ui_actions/create_field_stats_table.tsx @@ -17,6 +17,7 @@ import { KibanaContextProvider } from '@kbn/kibana-react-plugin/public'; import React from 'react'; import { isDefined } from '@kbn/ml-is-defined'; import { COMMON_VISUALIZATION_GROUPING } from '@kbn/visualizations-plugin/public'; +import { ENABLE_ESQL } from '@kbn/esql-utils'; import { FIELD_STATS_EMBEDDABLE_TYPE } from '../embeddables/field_stats/constants'; import type { DataVisualizerStartDependencies } from '../../common/types/data_visualizer_plugin'; import type { @@ -139,22 +140,31 @@ export function createAddFieldStatsTableAction( i18n.translate('xpack.dataVisualizer.fieldStatistics.displayName', { defaultMessage: 'Field statistics', }), + disabled: !coreStart.uiSettings.get(ENABLE_ESQL), async isCompatible(context: EmbeddableApiContext) { - return Boolean(await parentApiIsCompatible(context.embeddable)); + return ( + Boolean(await parentApiIsCompatible(context.embeddable)) && + coreStart.uiSettings.get(ENABLE_ESQL) + ); }, async execute(context) { const presentationContainerParent = await parentApiIsCompatible(context.embeddable); if (!presentationContainerParent) throw new IncompatibleActionError(); + const isEsqlEnabled = coreStart.uiSettings.get(ENABLE_ESQL); try { const defaultIndexPattern = await pluginStart.data.dataViews.getDefault(); - const defaultInitialState: FieldStatsInitialState = { - viewType: FieldStatsInitializerViewType.ESQL, - query: { - // Initial default query - esql: `from ${defaultIndexPattern?.getIndexPattern()} | limit 10`, - }, - }; + const defaultInitialState: FieldStatsInitialState = isEsqlEnabled + ? { + viewType: FieldStatsInitializerViewType.ESQL, + query: { + // Initial default query + esql: `from ${defaultIndexPattern?.getIndexPattern()} | limit 10`, + }, + } + : { + viewType: FieldStatsInitializerViewType.DATA_VIEW, + }; const embeddable = await presentationContainerParent.addNewPanel< object, FieldStatisticsTableEmbeddableApi diff --git a/x-pack/plugins/data_visualizer/tsconfig.json b/x-pack/plugins/data_visualizer/tsconfig.json index 79060fbbe53f9..505002d1a088c 100644 --- a/x-pack/plugins/data_visualizer/tsconfig.json +++ b/x-pack/plugins/data_visualizer/tsconfig.json @@ -88,7 +88,8 @@ "@kbn/core-lifecycle-browser", "@kbn/presentation-containers", "@kbn/react-kibana-mount", - "@kbn/visualizations-plugin" + "@kbn/visualizations-plugin", + "@kbn/core-ui-settings-browser" ], "exclude": [ "target/**/*", diff --git a/x-pack/plugins/elastic_assistant/common/anonymization/index.ts b/x-pack/plugins/elastic_assistant/common/anonymization/index.ts index b9d9718410a93..ebef2dff8bdef 100644 --- a/x-pack/plugins/elastic_assistant/common/anonymization/index.ts +++ b/x-pack/plugins/elastic_assistant/common/anonymization/index.ts @@ -107,6 +107,7 @@ export const DEFAULT_ALLOW = [ 'user.name', 'user.risk.calculated_level', 'user.risk.calculated_score_norm', + 'user.target.name', ]; /** By default, these fields will be anonymized */ @@ -114,6 +115,7 @@ export const DEFAULT_ALLOW_REPLACEMENT = [ 'host.ip', // not a default allow field, but anonymized by default 'host.name', 'user.name', + 'user.target.name', ]; export const getDefaultAnonymizationFields = (spaceId: string) => { diff --git a/x-pack/plugins/event_log/jest.integration.config.js b/x-pack/plugins/event_log/jest.integration.config.js new file mode 100644 index 0000000000000..c05b67e314755 --- /dev/null +++ b/x-pack/plugins/event_log/jest.integration.config.js @@ -0,0 +1,12 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +module.exports = { + preset: '@kbn/test/jest_integration', + rootDir: '../../..', + roots: ['/x-pack/plugins/event_log'], +}; diff --git a/x-pack/plugins/event_log/server/es/cluster_client_adapter.mock.ts b/x-pack/plugins/event_log/server/es/cluster_client_adapter.mock.ts index 2a5582347db74..c416fcb0f7bf6 100644 --- a/x-pack/plugins/event_log/server/es/cluster_client_adapter.mock.ts +++ b/x-pack/plugins/event_log/server/es/cluster_client_adapter.mock.ts @@ -13,8 +13,10 @@ const createClusterClientMock = () => { indexDocuments: jest.fn(), doesIndexTemplateExist: jest.fn(), createIndexTemplate: jest.fn(), + updateIndexTemplate: jest.fn(), doesDataStreamExist: jest.fn(), createDataStream: jest.fn(), + updateConcreteIndices: jest.fn(), getExistingLegacyIndexTemplates: jest.fn(), setLegacyIndexTemplateToHidden: jest.fn(), getExistingIndices: jest.fn(), diff --git a/x-pack/plugins/event_log/server/es/cluster_client_adapter.test.ts b/x-pack/plugins/event_log/server/es/cluster_client_adapter.test.ts index c984946574a1a..eb76b90f0556a 100644 --- a/x-pack/plugins/event_log/server/es/cluster_client_adapter.test.ts +++ b/x-pack/plugins/event_log/server/es/cluster_client_adapter.test.ts @@ -215,6 +215,117 @@ describe('createIndexTemplate', () => { }); }); +describe('updateIndexTemplate', () => { + test('should call cluster with given template', async () => { + clusterClient.indices.simulateTemplate.mockImplementationOnce(async () => ({ + template: { + aliases: { + alias_name_1: { + is_hidden: true, + }, + alias_name_2: { + is_hidden: true, + }, + }, + settings: { + hidden: true, + number_of_shards: 1, + auto_expand_replicas: '0-1', + }, + mappings: { dynamic: false, properties: { '@timestamp': { type: 'date' } } }, + }, + })); + + await clusterClientAdapter.updateIndexTemplate('foo', { args: true }); + + expect(clusterClient.indices.simulateTemplate).toHaveBeenCalledWith({ + name: 'foo', + body: { args: true }, + }); + expect(clusterClient.indices.putIndexTemplate).toHaveBeenCalledWith({ + name: 'foo', + body: { args: true }, + }); + }); + + test(`should throw error if simulate mappings response is empty`, async () => { + clusterClient.indices.simulateTemplate.mockImplementationOnce(async () => ({ + template: { + aliases: { + alias_name_1: { + is_hidden: true, + }, + alias_name_2: { + is_hidden: true, + }, + }, + settings: { + hidden: true, + number_of_shards: 1, + auto_expand_replicas: '0-1', + }, + mappings: {}, + }, + })); + + await expect(() => + clusterClientAdapter.updateIndexTemplate('foo', { name: 'template', args: true }) + ).rejects.toThrowErrorMatchingInlineSnapshot( + `"No mappings would be generated for template, possibly due to failed/misconfigured bootstrapping"` + ); + + expect(logger.error).toHaveBeenCalledWith( + `Error updating index template foo: No mappings would be generated for template, possibly due to failed/misconfigured bootstrapping` + ); + }); + + test(`should throw error if simulateTemplate throws error`, async () => { + clusterClient.indices.simulateTemplate.mockImplementationOnce(() => { + throw new Error('failed to simulate'); + }); + + await expect(() => + clusterClientAdapter.updateIndexTemplate('foo', { name: 'template', args: true }) + ).rejects.toThrowErrorMatchingInlineSnapshot(`"failed to simulate"`); + + expect(logger.error).toHaveBeenCalledWith( + `Error updating index template foo: failed to simulate` + ); + }); + + test(`should throw error if putIndexTemplate throws error`, async () => { + clusterClient.indices.simulateTemplate.mockImplementationOnce(async () => ({ + template: { + aliases: { + alias_name_1: { + is_hidden: true, + }, + alias_name_2: { + is_hidden: true, + }, + }, + settings: { + hidden: true, + number_of_shards: 1, + auto_expand_replicas: '0-1', + }, + mappings: { dynamic: false, properties: { '@timestamp': { type: 'date' } } }, + }, + })); + clusterClient.indices.putIndexTemplate.mockImplementationOnce(() => { + throw new Error('failed to update index template'); + }); + + await expect(() => + clusterClientAdapter.updateIndexTemplate('foo', { name: 'template', args: true }) + ).rejects.toThrowErrorMatchingInlineSnapshot(`"failed to update index template"`); + + expect(logger.error).toHaveBeenCalledWith( + `Error updating index template foo: failed to update index template` + ); + }); +}); + describe('getExistingLegacyIndexTemplates', () => { test('should call cluster with given index template pattern', async () => { await clusterClientAdapter.getExistingLegacyIndexTemplates('foo*'); @@ -497,7 +608,7 @@ describe('doesDataStreamExist', () => { }); }); -describe('createIndex', () => { +describe('createDataStream', () => { test('should call cluster with proper arguments', async () => { await clusterClientAdapter.createDataStream('foo'); expect(clusterClient.indices.createDataStream).toHaveBeenCalledWith({ @@ -526,6 +637,95 @@ describe('createIndex', () => { }); }); +describe('updateConcreteIndices', () => { + test('should call cluster with proper arguments', async () => { + clusterClient.indices.simulateIndexTemplate.mockImplementationOnce(async () => ({ + template: { + aliases: { alias_name_1: { is_hidden: true } }, + settings: { + hidden: true, + number_of_shards: 1, + auto_expand_replicas: '0-1', + }, + mappings: { dynamic: false, properties: { '@timestamp': { type: 'date' } } }, + }, + })); + + await clusterClientAdapter.updateConcreteIndices('foo'); + expect(clusterClient.indices.simulateIndexTemplate).toHaveBeenCalledWith({ + name: 'foo', + }); + expect(clusterClient.indices.putMapping).toHaveBeenCalledWith({ + index: 'foo', + body: { dynamic: false, properties: { '@timestamp': { type: 'date' } } }, + }); + }); + + test('should not update mapping if simulate response does not contain mappings', async () => { + // @ts-ignore + clusterClient.indices.simulateIndexTemplate.mockImplementationOnce(async () => ({ + template: { + aliases: { alias_name_1: { is_hidden: true } }, + settings: { + hidden: true, + number_of_shards: 1, + auto_expand_replicas: '0-1', + }, + }, + })); + + await clusterClientAdapter.updateConcreteIndices('foo'); + expect(clusterClient.indices.simulateIndexTemplate).toHaveBeenCalledWith({ + name: 'foo', + }); + expect(clusterClient.indices.putMapping).not.toHaveBeenCalled(); + }); + + test('should throw error if simulateIndexTemplate throws error', async () => { + clusterClient.indices.simulateIndexTemplate.mockImplementationOnce(() => { + throw new Error('failed to simulate'); + }); + + await expect(() => + clusterClientAdapter.updateConcreteIndices('foo') + ).rejects.toThrowErrorMatchingInlineSnapshot(`"failed to simulate"`); + + expect(clusterClient.indices.putMapping).not.toHaveBeenCalled(); + expect(logger.error).toHaveBeenCalledWith( + `Error updating index mappings for foo: failed to simulate` + ); + }); + + test('should throw error if putMapping throws error', async () => { + clusterClient.indices.simulateIndexTemplate.mockImplementationOnce(async () => ({ + template: { + aliases: { alias_name_1: { is_hidden: true } }, + settings: { + hidden: true, + number_of_shards: 1, + auto_expand_replicas: '0-1', + }, + mappings: { dynamic: false, properties: { '@timestamp': { type: 'date' } } }, + }, + })); + clusterClient.indices.putMapping.mockImplementationOnce(() => { + throw new Error('failed to put mappings'); + }); + + await expect(() => + clusterClientAdapter.updateConcreteIndices('foo') + ).rejects.toThrowErrorMatchingInlineSnapshot(`"failed to put mappings"`); + + expect(clusterClient.indices.putMapping).toHaveBeenCalledWith({ + index: 'foo', + body: { dynamic: false, properties: { '@timestamp': { type: 'date' } } }, + }); + expect(logger.error).toHaveBeenCalledWith( + `Error updating index mappings for foo: failed to put mappings` + ); + }); +}); + describe('queryEventsBySavedObject', () => { const DEFAULT_OPTIONS = queryOptionsSchema.validate({}); diff --git a/x-pack/plugins/event_log/server/es/cluster_client_adapter.ts b/x-pack/plugins/event_log/server/es/cluster_client_adapter.ts index 25e67c6857154..7076336c0c760 100644 --- a/x-pack/plugins/event_log/server/es/cluster_client_adapter.ts +++ b/x-pack/plugins/event_log/server/es/cluster_client_adapter.ts @@ -7,7 +7,7 @@ import { Subject } from 'rxjs'; import { bufferTime, filter as rxFilter, concatMap } from 'rxjs'; -import { reject, isUndefined, isNumber, pick } from 'lodash'; +import { reject, isUndefined, isNumber, pick, isEmpty, get } from 'lodash'; import type { PublicMethodsOf } from '@kbn/utility-types'; import { Logger, ElasticsearchClient } from '@kbn/core/server'; import util from 'util'; @@ -213,6 +213,28 @@ export class ClusterClientAdapter): Promise { + this.logger.info(`Updating index template ${name}`); + + try { + const esClient = await this.elasticsearchClientPromise; + + // Simulate the index template to proactively identify any issues with the mappings + const simulateResponse = await esClient.indices.simulateTemplate({ name, body: template }); + const mappings: estypes.MappingTypeMapping = simulateResponse.template.mappings; + + if (isEmpty(mappings)) { + throw new Error( + `No mappings would be generated for ${template.name}, possibly due to failed/misconfigured bootstrapping` + ); + } + await esClient.indices.putIndexTemplate({ name, body: template }); + } catch (err) { + this.logger.error(`Error updating index template ${name}: ${err.message}`); + throw err; + } + } + public async getExistingLegacyIndexTemplates( indexTemplatePattern: string ): Promise { @@ -335,7 +357,7 @@ export class ClusterClientAdapter = {}): Promise { + public async createDataStream(name: string): Promise { this.logger.info(`Creating datastream ${name}`); try { const esClient = await this.elasticsearchClientPromise; @@ -347,6 +369,23 @@ export class ClusterClientAdapter { + this.logger.info(`Updating concrete index mappings for ${name}`); + try { + const esClient = await this.elasticsearchClientPromise; + const simulatedIndexMapping = await esClient.indices.simulateIndexTemplate({ name }); + const simulatedMapping = get(simulatedIndexMapping, ['template', 'mappings']); + + if (simulatedMapping != null) { + await esClient.indices.putMapping({ index: name, body: simulatedMapping }); + this.logger.debug(`Successfully updated concrete index mappings for ${name}`); + } + } catch (err) { + this.logger.error(`Error updating index mappings for ${name}: ${err.message}`); + throw err; + } + } + public async queryEventsBySavedObjects( queryOptions: FindEventsOptionsBySavedObjectFilter ): Promise { diff --git a/x-pack/plugins/event_log/server/es/init.test.ts b/x-pack/plugins/event_log/server/es/init.test.ts index bf9121b353d2c..c9d624edf82e4 100644 --- a/x-pack/plugins/event_log/server/es/init.test.ts +++ b/x-pack/plugins/event_log/server/es/init.test.ts @@ -18,7 +18,7 @@ describe('initializeEs', () => { esContext.esAdapter.getExistingIndexAliases.mockResolvedValue({}); }); - test(`should update existing index templates if any exist and are not hidden`, async () => { + test(`should update existing index templates to hidden if any exist and are not hidden`, async () => { const testTemplate = { order: 0, index_patterns: ['foo-bar-*'], @@ -393,14 +393,16 @@ describe('initializeEs', () => { await initializeEs(esContext); expect(esContext.esAdapter.doesIndexTemplateExist).toHaveBeenCalled(); expect(esContext.esAdapter.createIndexTemplate).toHaveBeenCalled(); + expect(esContext.esAdapter.updateIndexTemplate).not.toHaveBeenCalled(); }); - test(`shouldn't create index template if it already exists`, async () => { + test(`should update index template if it already exists`, async () => { esContext.esAdapter.doesIndexTemplateExist.mockResolvedValue(true); await initializeEs(esContext); expect(esContext.esAdapter.doesIndexTemplateExist).toHaveBeenCalled(); expect(esContext.esAdapter.createIndexTemplate).not.toHaveBeenCalled(); + expect(esContext.esAdapter.updateIndexTemplate).toHaveBeenCalled(); }); test(`should create data stream if it doesn't exist`, async () => { @@ -409,14 +411,16 @@ describe('initializeEs', () => { await initializeEs(esContext); expect(esContext.esAdapter.doesDataStreamExist).toHaveBeenCalled(); expect(esContext.esAdapter.createDataStream).toHaveBeenCalled(); + expect(esContext.esAdapter.updateConcreteIndices).not.toHaveBeenCalled(); }); - test(`shouldn't create data stream if it already exists`, async () => { + test(`should update indices of data stream if it already exists`, async () => { esContext.esAdapter.doesDataStreamExist.mockResolvedValue(true); await initializeEs(esContext); expect(esContext.esAdapter.doesDataStreamExist).toHaveBeenCalled(); expect(esContext.esAdapter.createDataStream).not.toHaveBeenCalled(); + expect(esContext.esAdapter.updateConcreteIndices).toHaveBeenCalled(); }); }); diff --git a/x-pack/plugins/event_log/server/es/init.ts b/x-pack/plugins/event_log/server/es/init.ts index 37f20a5bf424f..cd9b460b34553 100644 --- a/x-pack/plugins/event_log/server/es/init.ts +++ b/x-pack/plugins/event_log/server/es/init.ts @@ -216,12 +216,17 @@ class EsInitializationSteps { const exists = await this.esContext.esAdapter.doesIndexTemplateExist( this.esContext.esNames.indexTemplate ); + const templateBody = getIndexTemplate(this.esContext.esNames); if (!exists) { - const templateBody = getIndexTemplate(this.esContext.esNames); await this.esContext.esAdapter.createIndexTemplate( this.esContext.esNames.indexTemplate, templateBody ); + } else { + await this.esContext.esAdapter.updateIndexTemplate( + this.esContext.esNames.indexTemplate, + templateBody + ); } } @@ -230,14 +235,10 @@ class EsInitializationSteps { this.esContext.esNames.dataStream ); if (!exists) { - await this.esContext.esAdapter.createDataStream(this.esContext.esNames.dataStream, { - aliases: { - [this.esContext.esNames.dataStream]: { - is_write_index: true, - is_hidden: true, - }, - }, - }); + await this.esContext.esAdapter.createDataStream(this.esContext.esNames.dataStream); + } else { + // apply current mappings to existing data stream + await this.esContext.esAdapter.updateConcreteIndices(this.esContext.esNames.dataStream); } } } diff --git a/x-pack/plugins/event_log/server/integration_tests/event_log_update_mappings.test.ts b/x-pack/plugins/event_log/server/integration_tests/event_log_update_mappings.test.ts new file mode 100644 index 0000000000000..22d3b80479971 --- /dev/null +++ b/x-pack/plugins/event_log/server/integration_tests/event_log_update_mappings.test.ts @@ -0,0 +1,173 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { type ElasticsearchClient } from '@kbn/core/server'; +import { setupKibanaServer, setupTestServers } from './lib/setup_test_servers'; +import { IEvent } from '../types'; +import { EsContextCtorParams } from '../es/context'; + +const { createEsContext: createEsContextMock } = jest.requireMock('../es'); +jest.mock('../es', () => { + const actual = jest.requireActual('../es'); + return { + ...actual, + createEsContext: jest.fn().mockImplementation((opts) => { + return new actual.createEsContext(opts); + }), + }; +}); + +describe('update existing event log mappings on startup', () => { + it('should update mappings for existing event log indices', async () => { + const setupResult = await setupTestServers(); + const esServer = setupResult.esServer; + let kibanaServer = setupResult.kibanaServer; + + expect(createEsContextMock).toHaveBeenCalledTimes(1); + let createEsContextOpts: EsContextCtorParams = createEsContextMock.mock.calls[0][0]; + let infoLogSpy = jest.spyOn(createEsContextOpts.logger, 'info'); + + await retry(async () => { + expect(infoLogSpy).toHaveBeenCalledWith(`Creating datastream .kibana-event-log-ds`); + expect(infoLogSpy).not.toHaveBeenCalledWith( + `Updating concrete index mappings for .kibana-event-log-ds` + ); + }); + + await injectEventLogDoc(kibanaServer.coreStart.elasticsearch.client.asInternalUser, { + '@timestamp': '2024-09-19T20:38:47.124Z', + event: { + provider: 'alerting', + action: 'execute', + kind: 'alert', + category: ['AlertingExample'], + start: '2024-09-19T20:38:46.963Z', + outcome: 'success', + end: '2024-09-19T20:38:47.124Z', + duration: '161000000', + }, + kibana: { + alert: { + rule: { + rule_type_id: 'example.always-firing', + consumer: 'alerts', + execution: { + uuid: '578f0ca3-aa08-4700-aed0-236c888c6cae', + metrics: { + number_of_triggered_actions: 0, + number_of_generated_actions: 0, + alert_counts: { + active: 5, + new: 5, + recovered: 5, + }, + number_of_delayed_alerts: 0, + number_of_searches: 0, + es_search_duration_ms: 0, + total_search_duration_ms: 0, + claim_to_start_duration_ms: 26, + total_run_duration_ms: 187, + prepare_rule_duration_ms: 18, + rule_type_run_duration_ms: 0, + process_alerts_duration_ms: 1, + persist_alerts_duration_ms: 64, + trigger_actions_duration_ms: 0, + process_rule_duration_ms: 69, + }, + }, + }, + }, + saved_objects: [ + { + rel: 'primary', + type: 'alert', + id: '3389d834-edc2-4245-a319-3ff689f5bf3b', + type_id: 'example.always-firing', + }, + ], + space_ids: ['default'], + task: { + scheduled: '2024-09-19T20:38:46.797Z', + schedule_delay: 166000000, + }, + alerting: { + outcome: 'success', + status: 'active', + }, + server_uuid: '5b2de169-2785-441b-ae8c-186a1936b17d', + version: '9.0.0', + }, + rule: { + id: '3389d834-edc2-4245-a319-3ff689f5bf3b', + license: 'basic', + category: 'example.always-firing', + ruleset: 'AlertingExample', + name: 'e', + }, + message: "rule executed: example.always-firing:3389d834-edc2-4245-a319-3ff689f5bf3b: 'e'", + ecs: { + version: '1.8.0', + }, + }); + + if (kibanaServer) { + await kibanaServer.stop(); + } + infoLogSpy.mockRestore(); + + const restartKb = await setupKibanaServer(); + kibanaServer = restartKb.kibanaServer; + + expect(createEsContextMock).toHaveBeenCalledTimes(2); + createEsContextOpts = createEsContextMock.mock.calls[1][0]; + infoLogSpy = jest.spyOn(createEsContextOpts.logger, 'info'); + const debugLogSpy = jest.spyOn(createEsContextOpts.logger, 'debug'); + + await retry(async () => { + expect(infoLogSpy).toHaveBeenCalledWith( + `Updating concrete index mappings for .kibana-event-log-ds` + ); + expect(debugLogSpy).toHaveBeenCalledWith( + `Successfully updated concrete index mappings for .kibana-event-log-ds` + ); + }); + + if (kibanaServer) { + await kibanaServer.stop(); + } + if (esServer) { + await esServer.stop(); + } + }); +}); + +async function injectEventLogDoc(esClient: ElasticsearchClient, doc: IEvent) { + await esClient.index({ + index: '.kibana-event-log-ds', + document: doc, + }); +} + +interface RetryOpts { + times: number; + intervalMs: number; +} + +async function retry(cb: () => Promise, options: RetryOpts = { times: 60, intervalMs: 500 }) { + let attempt = 1; + while (true) { + try { + return await cb(); + } catch (e) { + if (attempt >= options.times) { + throw e; + } + } + attempt++; + await new Promise((resolve) => setTimeout(resolve, options.intervalMs)); + } +} diff --git a/x-pack/plugins/event_log/server/integration_tests/lib/setup_test_servers.ts b/x-pack/plugins/event_log/server/integration_tests/lib/setup_test_servers.ts new file mode 100644 index 0000000000000..126b89b70992a --- /dev/null +++ b/x-pack/plugins/event_log/server/integration_tests/lib/setup_test_servers.ts @@ -0,0 +1,76 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import deepmerge from 'deepmerge'; +import { createTestServers, createRootWithCorePlugins } from '@kbn/core-test-helpers-kbn-server'; + +function createRoot(settings = {}) { + return createRootWithCorePlugins( + deepmerge( + { + logging: { + root: { + level: 'warn', + }, + loggers: [ + { + name: 'plugins.eventLog', + level: 'all', + }, + ], + }, + }, + settings + ), + { oss: false } + ); +} +export async function setupTestServers(settings = {}) { + const { startES } = createTestServers({ + adjustTimeout: (t) => jest.setTimeout(t), + settings: { + es: { + license: 'trial', + }, + }, + }); + + const esServer = await startES(); + + const root = createRoot(settings); + + await root.preboot(); + const coreSetup = await root.setup(); + const coreStart = await root.start(); + + return { + esServer, + kibanaServer: { + root, + coreSetup, + coreStart, + stop: async () => await root.shutdown(), + }, + }; +} + +export async function setupKibanaServer(settings = {}) { + const root = createRoot(settings); + + await root.preboot(); + const coreSetup = await root.setup(); + const coreStart = await root.start(); + + return { + kibanaServer: { + root, + coreSetup, + coreStart, + stop: async () => await root.shutdown(), + }, + }; +} diff --git a/x-pack/plugins/event_log/tsconfig.json b/x-pack/plugins/event_log/tsconfig.json index cec36c8f2b785..65ccb4cf3b11c 100644 --- a/x-pack/plugins/event_log/tsconfig.json +++ b/x-pack/plugins/event_log/tsconfig.json @@ -21,6 +21,7 @@ "@kbn/std", "@kbn/safer-lodash-set", "@kbn/serverless", + "@kbn/core-test-helpers-kbn-server", ], "exclude": [ "target/**/*", diff --git a/x-pack/plugins/fleet/common/openapi/bundled.json b/x-pack/plugins/fleet/common/openapi/bundled.json index aeef4ba323fa9..e8ee2788c7632 100644 --- a/x-pack/plugins/fleet/common/openapi/bundled.json +++ b/x-pack/plugins/fleet/common/openapi/bundled.json @@ -7592,6 +7592,56 @@ }, "description": "User defined data tags that are added to all of the inputs. The values can be strings or numbers." } + }, + "monitoring_pprof_enabled": { + "type": "boolean" + }, + "monitoring_http": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean" + }, + "host": { + "type": "string" + }, + "port": { + "type": "number" + } + }, + "required": [ + "enabled" + ] + }, + "monitoring_diagnostics": { + "type": "object", + "properties": { + "limit": { + "type": "object", + "properties": { + "interval": { + "type": "string" + }, + "burst": { + "type": "number" + } + } + }, + "uploader": { + "type": "object", + "properties": { + "max_retries": { + "type": "number" + }, + "init_dur": { + "type": "string" + }, + "max_dur": { + "type": "string" + } + } + } + } } }, "required": [ @@ -7874,6 +7924,93 @@ } } }, + "monitoring": { + "type": "object", + "properties": { + "namespace": { + "type": "string" + }, + "use_output": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "metrics": { + "type": "boolean" + }, + "logs": { + "type": "boolean" + }, + "traces": { + "type": "boolean" + }, + "pprof": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean" + } + }, + "required": [ + "enabled" + ] + }, + "http": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean" + }, + "host": { + "type": "string" + }, + "port": { + "type": "number" + } + }, + "required": [ + "enabled" + ] + }, + "diagnostics": { + "type": "object", + "properties": { + "limit": { + "type": "object", + "properties": { + "interval": { + "type": "string" + }, + "burst": { + "type": "number" + } + } + }, + "uploader": { + "type": "object", + "properties": { + "max_retries": { + "type": "number" + }, + "init_dur": { + "type": "string" + }, + "max_dur": { + "type": "string" + } + } + } + } + } + }, + "required": [ + "enabled", + "metrics", + "logs", + "traces" + ] + }, "fleet": { "oneOf": [ { diff --git a/x-pack/plugins/fleet/common/openapi/bundled.yaml b/x-pack/plugins/fleet/common/openapi/bundled.yaml index d5cb90624a196..9e8291ee3ea1d 100644 --- a/x-pack/plugins/fleet/common/openapi/bundled.yaml +++ b/x-pack/plugins/fleet/common/openapi/bundled.yaml @@ -4861,6 +4861,38 @@ components: description: >- User defined data tags that are added to all of the inputs. The values can be strings or numbers. + monitoring_pprof_enabled: + type: boolean + monitoring_http: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: number + required: + - enabled + monitoring_diagnostics: + type: object + properties: + limit: + type: object + properties: + interval: + type: string + burst: + type: number + uploader: + type: object + properties: + max_retries: + type: number + init_dur: + type: string + max_dur: + type: string required: - id - status @@ -5054,6 +5086,63 @@ components: type: integer data: $ref: '#/components/schemas/full_agent_policy_output_permissions' + monitoring: + type: object + properties: + namespace: + type: string + use_output: + type: string + enabled: + type: boolean + metrics: + type: boolean + logs: + type: boolean + traces: + type: boolean + pprof: + type: object + properties: + enabled: + type: boolean + required: + - enabled + http: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: number + required: + - enabled + diagnostics: + type: object + properties: + limit: + type: object + properties: + interval: + type: string + burst: + type: number + uploader: + type: object + properties: + max_retries: + type: number + init_dur: + type: string + max_dur: + type: string + required: + - enabled + - metrics + - logs + - traces fleet: oneOf: - type: object diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_policy.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/agent_policy.yaml index 02fd5c2800a48..59f30f863c243 100644 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/agent_policy.yaml +++ b/x-pack/plugins/fleet/common/openapi/components/schemas/agent_policy.yaml @@ -87,6 +87,38 @@ properties: - type: string - type: number description: User defined data tags that are added to all of the inputs. The values can be strings or numbers. + monitoring_pprof_enabled: + type: boolean + monitoring_http: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: number + required: + - enabled + monitoring_diagnostics: + type: object + properties: + limit: + type: object + properties: + interval: + type: string + burst: + type: number + uploader: + type: object + properties: + max_retries: + type: number + init_dur: + type: string + max_dur: + type: string required: - id - status diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/full_agent_policy.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/full_agent_policy.yaml index afe7f1aec328e..c901a60f59e43 100644 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/full_agent_policy.yaml +++ b/x-pack/plugins/fleet/common/openapi/components/schemas/full_agent_policy.yaml @@ -16,6 +16,63 @@ properties: type: integer data: $ref: ./full_agent_policy_output_permissions.yaml + monitoring: + type: object + properties: + namespace: + type: string + use_output: + type: string + enabled: + type: boolean + metrics: + type: boolean + logs: + type: boolean + traces: + type: boolean + pprof: + type: object + properties: + enabled: + type: boolean + required: + - enabled + http: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: number + required: + - enabled + diagnostics: + type: object + properties: + limit: + type: object + properties: + interval: + type: string + burst: + type: number + uploader: + type: object + properties: + max_retries: + type: number + init_dur: + type: string + max_dur: + type: string + required: + - enabled + - metrics + - logs + - traces fleet: oneOf: - type: object diff --git a/x-pack/plugins/fleet/common/settings/agent_policy_settings.tsx b/x-pack/plugins/fleet/common/settings/agent_policy_settings.tsx index e1bea2103c636..a4b41979840b2 100644 --- a/x-pack/plugins/fleet/common/settings/agent_policy_settings.tsx +++ b/x-pack/plugins/fleet/common/settings/agent_policy_settings.tsx @@ -105,32 +105,6 @@ export const AGENT_POLICY_ADVANCED_SETTINGS: SettingsConfig[] = [ 'https://www.elastic.co/guide/en/fleet/current/elastic-agent-standalone-logging-config.html#elastic-agent-standalone-logging-settings', schema: zodStringWithDurationValidation.default('30s'), }, - { - name: 'agent.monitoring.http', - api_field: { - name: 'agent_monitoring_http', - }, - title: i18n.translate('xpack.fleet.settings.agentPolicyAdvanced.agentMonitoringHttpTitle', { - defaultMessage: 'HTTP monitoring endpoint', - }), - description: i18n.translate( - 'xpack.fleet.settings.agentPolicyAdvanced.agentMonitoringHttpDescription', - { - defaultMessage: - 'Enables a liveness HTTP endpoint that returns the overall health of Elastic Agent. This can be used by Kubernetes to restart the container, for example.', - } - ), - learnMoreLink: - 'https://www.elastic.co/guide/en/fleet/current/agent-policy.html#agent-policy-http-monitoring', - schema: z - .object({ - enabled: z.boolean().describe('Enabled').default(false), - host: z.string().describe('Host').default('localhost'), - port: z.number().describe('Port').min(0).max(65353).default(6791), - 'buffer.enabled': z.boolean().describe('Buffer Enabled').default(false), - }) - .default({}), - }, { name: 'agent.logging.level', title: i18n.translate('xpack.fleet.settings.agentPolicyAdvanced.agentLoggingLevelTitle', { diff --git a/x-pack/plugins/fleet/common/types/models/agent_policy.ts b/x-pack/plugins/fleet/common/types/models/agent_policy.ts index 5fa4085c5106f..e10703f6fa0c5 100644 --- a/x-pack/plugins/fleet/common/types/models/agent_policy.ts +++ b/x-pack/plugins/fleet/common/types/models/agent_policy.ts @@ -44,6 +44,23 @@ export interface NewAgentPolicy { keep_monitoring_alive?: boolean | null; supports_agentless?: boolean | null; global_data_tags?: GlobalDataTag[]; + monitoring_pprof_enabled?: boolean; + monitoring_http?: { + enabled: boolean; + host?: string; + port?: number; + }; + monitoring_diagnostics?: { + limit?: { + interval?: string; + burst?: number; + }; + uploader?: { + max_retries?: number; + init_dur?: string; + max_dur?: string; + }; + }; } export interface GlobalDataTag { @@ -119,6 +136,25 @@ export interface FullAgentPolicyMonitoring { metrics: boolean; logs: boolean; traces: boolean; + pprof?: { + enabled: boolean; + }; + http?: { + enabled: boolean; + host?: string; + port?: number; + }; + diagnostics?: { + limit?: { + interval?: string; + burst?: number; + }; + uploader?: { + max_retries?: number; + init_dur?: string; + max_dur?: string; + }; + }; } export interface FullAgentPolicy { diff --git a/x-pack/plugins/fleet/cypress/e2e/a11y/home_page.cy.ts b/x-pack/plugins/fleet/cypress/e2e/a11y/home_page.cy.ts index a6ec3b26c9232..d9edc61f7c0bf 100644 --- a/x-pack/plugins/fleet/cypress/e2e/a11y/home_page.cy.ts +++ b/x-pack/plugins/fleet/cypress/e2e/a11y/home_page.cy.ts @@ -118,7 +118,7 @@ describe('Home page', () => { 'be.visible' ); cy.getBySel(AGENT_POLICY_CREATE_AGENT_POLICY_NAME_FIELD).type('testName'); - cy.get('.ingest-active-button').click(); + cy.getBySel(AGENT_POLICIES_CREATE_AGENT_POLICY_FLYOUT.ADVANCED_OPTIONS_TOGGLE).click(); cy.getBySel(AGENT_POLICIES_FLYOUT_ADVANCED_DEFAULT_NAMESPACE_HEADER, { timeout: 15000, }).should('be.visible'); diff --git a/x-pack/plugins/fleet/cypress/screens/fleet.ts b/x-pack/plugins/fleet/cypress/screens/fleet.ts index 4beadbd6a8fb0..4e1a0ac0f7e19 100644 --- a/x-pack/plugins/fleet/cypress/screens/fleet.ts +++ b/x-pack/plugins/fleet/cypress/screens/fleet.ts @@ -95,6 +95,7 @@ export const AGENT_FLYOUT = { export const AGENT_POLICIES_CREATE_AGENT_POLICY_FLYOUT = { TITLE: 'createAgentPolicyFlyoutTitle', CREATE_BUTTON: 'createAgentPolicyButton', + ADVANCED_OPTIONS_TOGGLE: 'advancedOptionsButton', COLLECT_LOGS_CHECKBOX: 'collectLogsCheckbox', COLLECT_METRICS_CHECKBOX: 'collectMetricsCheckbox', }; diff --git a/x-pack/plugins/fleet/public/applications/fleet/components/form_settings/index.test.tsx b/x-pack/plugins/fleet/public/applications/fleet/components/form_settings/index.test.tsx index fa03e9a0fd6fe..8bafc124ec36b 100644 --- a/x-pack/plugins/fleet/public/applications/fleet/components/form_settings/index.test.tsx +++ b/x-pack/plugins/fleet/public/applications/fleet/components/form_settings/index.test.tsx @@ -102,70 +102,6 @@ describe('ConfiguredSettings', () => { expect(mockUpdateAdvancedSettingsHasErrors).toHaveBeenCalledWith(true); }); - it('should render field group', () => { - const result = render([ - { - name: 'agent.monitoring.http', - api_field: { - name: 'agent_monitoring_http', - }, - title: 'Agent HTTP monitoring', - description: 'Agent HTTP monitoring settings', - learnMoreLink: - 'https://www.elastic.co/guide/en/fleet/current/enable-custom-policy-settings.html#override-default-monitoring-port', - schema: z - .object({ - enabled: z.boolean().describe('Enabled').default(false), - host: z.string().describe('Host').default('localhost'), - port: z.number().describe('Port').min(0).max(65353).default(6791), - 'buffer.enabled': z.boolean().describe('Buffer Enabled').default(false), - }) - .default({}), - }, - ]); - - expect(result.getByText('Agent HTTP monitoring')).not.toBeNull(); - expect(result.getByText('Buffer Enabled')).not.toBeNull(); - const switches = result.getAllByRole('switch'); - expect(switches).toHaveLength(2); - expect(switches[0]).not.toBeChecked(); - expect(switches[1]).not.toBeChecked(); - const port = result.getByTestId('configuredSetting-agent.monitoring.http-port'); - expect(port).toHaveValue(6791); - const host = result.getByTestId('configuredSetting-agent.monitoring.http-host'); - expect(host).toHaveValue('localhost'); - - act(() => { - fireEvent.click(switches[0]); - }); - - expect(mockUpdateAgentPolicy).toHaveBeenCalledWith( - expect.objectContaining({ - advanced_settings: expect.objectContaining({ agent_monitoring_http: { enabled: true } }), - }) - ); - - act(() => { - fireEvent.change(port, { target: { value: '6792' } }); - }); - - expect(mockUpdateAgentPolicy).toHaveBeenCalledWith( - expect.objectContaining({ - advanced_settings: expect.objectContaining({ agent_monitoring_http: { port: 6792 } }), - }) - ); - - act(() => { - fireEvent.change(host, { target: { value: '1.2.3.4' } }); - }); - - expect(mockUpdateAgentPolicy).toHaveBeenCalledWith( - expect.objectContaining({ - advanced_settings: expect.objectContaining({ agent_monitoring_http: { host: '1.2.3.4' } }), - }) - ); - }); - it('should not render field if hidden', () => { const result = render([ { diff --git a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_advanced_fields/advanced_monitoring.tsx b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_advanced_fields/advanced_monitoring.tsx new file mode 100644 index 0000000000000..de765531d7c6a --- /dev/null +++ b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_advanced_fields/advanced_monitoring.tsx @@ -0,0 +1,535 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import React from 'react'; +import { + EuiDescribedFormGroup, + EuiSpacer, + EuiCheckbox, + EuiLink, + EuiAccordion, + EuiCode, + EuiFlexGroup, + EuiFlexItem, + EuiFormRow, + EuiFieldText, + EuiFieldNumber, +} from '@elastic/eui'; +import styled from 'styled-components'; +import { FormattedMessage } from '@kbn/i18n-react'; + +import type { NewAgentPolicy, AgentPolicy } from '../../../../types'; +import { useStartServices } from '../../../../hooks'; +import type { ValidationResults } from '../agent_policy_validation'; + +const StyledEuiAccordion = styled(EuiAccordion)` + margin-block-start: ${(props) => props.theme.eui.euiSizeS}; + .ingest-active-button { + color: ${(props) => props.theme.eui.euiColorPrimary}; + } +`; + +const PushedDescribedFormGroup = styled(EuiDescribedFormGroup)` + h3, + .euiDescribedFormGroup__description { + padding-left: ${(props) => props.theme.eui.euiSizeL}; + } +`; + +export const AgentPolicyAdvancedMonitoringOptions: React.FunctionComponent<{ + agentPolicy: Partial; + disabled: boolean; + validation: ValidationResults; + touchedFields: { [key: string]: boolean }; + updateTouchedFields: (fields: { [key: string]: boolean }) => void; + updateAgentPolicy: (u: Partial) => void; +}> = ({ + agentPolicy, + disabled, + validation, + touchedFields, + updateTouchedFields, + updateAgentPolicy, +}) => { + const { docLinks } = useStartServices(); + + return ( + + } + buttonClassName={disabled ? undefined : 'ingest-active-button'} + isDisabled={disabled === true} + > + + + {/* HTTP monitoring endpoint */} + + + + } + description={ + + + + ), + }} + /> + } + > + + + {/* Enable base HTTP monitoring endpoint */} + /liveness, + }} + /> + } + disabled={disabled} + checked={agentPolicy.monitoring_http?.enabled} + onChange={(e) => { + const isEnabled = e.target.checked; + const host = isEnabled && !agentPolicy.monitoring_http?.host ? 'localhost' : undefined; + const port = isEnabled && !agentPolicy.monitoring_http?.port ? 6791 : undefined; + updateTouchedFields({ 'monitoring_http.enabled': true }); + updateAgentPolicy({ + monitoring_http: { + ...agentPolicy.monitoring_http, + ...(host ? { host } : {}), + ...(port ? { port } : {}), + enabled: isEnabled, + }, + }); + }} + /> + + + + {/* Host and port */} + + + + } + isDisabled={disabled || !agentPolicy.monitoring_http?.enabled} + error={ + touchedFields['monitoring_http.host'] && validation['monitoring_http.host'] + ? validation['monitoring_http.host'] + : null + } + isInvalid={Boolean( + touchedFields['monitoring_http.host'] && validation['monitoring_http.host'] + )} + > + { + updateAgentPolicy({ + monitoring_http: { + ...agentPolicy.monitoring_http!, + host: e.target.value, + }, + }); + }} + onBlur={() => updateTouchedFields({ 'monitoring_http.host': true })} + isInvalid={Boolean( + touchedFields['monitoring_http.host'] && validation['monitoring_http.host'] + )} + /> + + + + + } + isDisabled={disabled || !agentPolicy.monitoring_http?.enabled} + error={ + touchedFields['monitoring_http.port'] && validation['monitoring_http.port'] + ? validation['monitoring_http.port'] + : null + } + isInvalid={Boolean( + touchedFields['monitoring_http.port'] && validation['monitoring_http.port'] + )} + > + { + updateAgentPolicy({ + monitoring_http: { + ...agentPolicy.monitoring_http!, + port: e.target.value ? Number(e.target.value) : 0, + }, + }); + }} + onBlur={() => updateTouchedFields({ 'monitoring_http.port': true })} + isInvalid={Boolean( + touchedFields['monitoring_http.port'] && validation['monitoring_http.port'] + )} + /> + + + + + + + {/* Profiling endpoint */} + /debug/pprof, + }} + /> + } + disabled={disabled || !agentPolicy.monitoring_http?.enabled} + checked={agentPolicy.monitoring_pprof_enabled} + onChange={(e) => { + updateTouchedFields({ monitoring_pprof_enabled: true }); + updateAgentPolicy({ + monitoring_pprof_enabled: e.target.checked, + }); + }} + /> + + + {/* Diagnostics rate limiting */} + + + + } + description={ + + + + ), + }} + /> + } + > + + + + } + isDisabled={disabled} + error={ + touchedFields['monitoring_diagnostics.limit.interval'] && + validation['monitoring_diagnostics.limit.interval'] + ? validation['monitoring_diagnostics.limit.interval'] + : null + } + isInvalid={Boolean( + touchedFields['monitoring_diagnostics.limit.interval'] && + validation['monitoring_diagnostics.limit.interval'] + )} + > + { + updateAgentPolicy({ + monitoring_diagnostics: { + ...agentPolicy.monitoring_diagnostics, + limit: { + ...agentPolicy.monitoring_diagnostics?.limit, + interval: e.target.value ? e.target.value : undefined, + }, + }, + }); + }} + onBlur={() => + updateTouchedFields({ 'monitoring_diagnostics.limit.interval': true }) + } + isInvalid={Boolean( + touchedFields['monitoring_diagnostics.limit.interval'] && + validation['monitoring_diagnostics.limit.interval'] + )} + /> + + + + + } + isDisabled={disabled} + error={ + touchedFields['monitoring_diagnostics.limit.burst'] && + validation['monitoring_diagnostics.limit.burst'] + ? validation['monitoring_diagnostics.limit.burst'] + : null + } + isInvalid={Boolean( + touchedFields['monitoring_diagnostics.limit.burst'] && + validation['monitoring_diagnostics.limit.burst'] + )} + > + { + updateAgentPolicy({ + monitoring_diagnostics: { + ...agentPolicy.monitoring_diagnostics, + limit: { + ...agentPolicy.monitoring_diagnostics?.limit, + burst: e.target.value ? Number(e.target.value) : undefined, + }, + }, + }); + }} + onBlur={() => updateTouchedFields({ 'monitoring_diagnostics.limit.burst': true })} + isInvalid={Boolean( + touchedFields['monitoring_diagnostics.limit.burst'] && + validation['monitoring_diagnostics.limit.burst'] + )} + /> + + + {/* Empty to match colums with upload fields below */} + + + + {/* Diagnostics file upload */} + + + + } + description={ + + + + ), + }} + /> + } + > + + + + } + isDisabled={disabled} + error={ + touchedFields['monitoring_diagnostics.uploader.max_retries'] && + validation['monitoring_diagnostics.uploader.max_retries'] + ? validation['monitoring_diagnostics.uploader.max_retries'] + : null + } + isInvalid={Boolean( + touchedFields['monitoring_diagnostics.uploader.max_retries'] && + validation['monitoring_diagnostics.uploader.max_retries'] + )} + > + { + updateAgentPolicy({ + monitoring_diagnostics: { + ...agentPolicy.monitoring_diagnostics, + uploader: { + ...agentPolicy.monitoring_diagnostics?.uploader, + max_retries: e.target.value ? Number(e.target.value) : undefined, + }, + }, + }); + }} + onBlur={() => + updateTouchedFields({ 'monitoring_diagnostics.uploader.max_retries': true }) + } + isInvalid={Boolean( + touchedFields['monitoring_diagnostics.uploader.max_retries'] && + validation['monitoring_diagnostics.uploader.max_retries'] + )} + /> + + + + + } + isDisabled={disabled} + error={ + touchedFields['monitoring_diagnostics.uploader.init_dur'] && + validation['monitoring_diagnostics.uploader.init_dur'] + ? validation['monitoring_diagnostics.uploader.init_dur'] + : null + } + isInvalid={Boolean( + touchedFields['monitoring_diagnostics.uploader.init_dur'] && + validation['monitoring_diagnostics.uploader.init_dur'] + )} + > + { + updateAgentPolicy({ + monitoring_diagnostics: { + ...agentPolicy.monitoring_diagnostics, + uploader: { + ...agentPolicy.monitoring_diagnostics?.uploader, + init_dur: e.target.value ? e.target.value : undefined, + }, + }, + }); + }} + onBlur={() => + updateTouchedFields({ 'monitoring_diagnostics.uploader.init_dur': true }) + } + isInvalid={Boolean( + touchedFields['monitoring_diagnostics.uploader.init_dur'] && + validation['monitoring_diagnostics.uploader.init_dur'] + )} + /> + + + + + } + isDisabled={disabled} + error={ + touchedFields['monitoring_diagnostics.uploader.max_dur'] && + validation['monitoring_diagnostics.uploader.max_dur'] + ? validation['monitoring_diagnostics.uploader.max_dur'] + : null + } + isInvalid={Boolean( + touchedFields['monitoring_diagnostics.uploader.max_dur'] && + validation['monitoring_diagnostics.uploader.max_dur'] + )} + > + { + updateAgentPolicy({ + monitoring_diagnostics: { + ...agentPolicy.monitoring_diagnostics, + uploader: { + ...agentPolicy.monitoring_diagnostics?.uploader, + max_dur: e.target.value ? e.target.value : undefined, + }, + }, + }); + }} + onBlur={() => + updateTouchedFields({ 'monitoring_diagnostics.uploader.max_dur': true }) + } + isInvalid={Boolean( + touchedFields['monitoring_diagnostics.uploader.max_dur'] && + validation['monitoring_diagnostics.uploader.max_dur'] + )} + /> + + + + + + ); +}; diff --git a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_advanced_fields/index.tsx b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_advanced_fields/index.tsx index 9e35dc441fa28..fc16d56107ccd 100644 --- a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_advanced_fields/index.tsx +++ b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_advanced_fields/index.tsx @@ -62,6 +62,7 @@ import { import { CustomFields } from './custom_fields'; import { SpaceSelector } from './space_selector'; +import { AgentPolicyAdvancedMonitoringOptions } from './advanced_monitoring'; interface Props { agentPolicy: Partial; @@ -141,6 +142,7 @@ export const AgentPolicyAdvancedOptionsContent: React.FunctionComponent = /> } > + @@ -401,6 +403,7 @@ export const AgentPolicyAdvancedOptionsContent: React.FunctionComponent = /> } > + = }} /> + + setTouchedFields({ ...touchedFields, ...fields })} + updateAgentPolicy={updateAgentPolicy} + /> + + {AgentTamperProtectionSection} = ({ { it('should return error when agentPolicy has empty namespace', () => { const result = agentPolicyFormValidation({ - namespace: 'Default', + namespace: '', name: 'policy', }); expect(result.namespace).toBeDefined(); @@ -33,18 +33,113 @@ describe('Agent Policy form validation', () => { it('should return error when agentPolicy has negative unenroll timeout', () => { const result = agentPolicyFormValidation({ - namespace: 'Default', + namespace: 'default', name: 'policy', unenroll_timeout: -1, }); expect(result.unenroll_timeout).toBeDefined(); }); + it('should return error when agentPolicy has negative inactivity timeout', () => { const result = agentPolicyFormValidation({ - namespace: 'Default', + namespace: 'default', name: 'policy', inactivity_timeout: -1, }); expect(result.inactivity_timeout).toBeDefined(); }); + + it('should return error when agentPolicy has http monitoring enabled without host or port', () => { + expect( + agentPolicyFormValidation({ + namespace: 'default', + name: 'policy', + monitoring_http: { + enabled: true, + host: 'localhost', + port: 123, + }, + }) + ).toEqual({}); + + expect( + agentPolicyFormValidation({ + namespace: 'default', + name: 'policy', + monitoring_http: { + enabled: false, + host: '', + }, + }) + ).toEqual({}); + + expect( + Object.keys( + agentPolicyFormValidation({ + namespace: 'default', + name: 'policy', + monitoring_http: { + enabled: true, + host: '', + port: 123, + }, + }) + ) + ).toEqual(['monitoring_http.host']); + + expect( + Object.keys( + agentPolicyFormValidation({ + namespace: 'default', + name: 'policy', + monitoring_http: { + enabled: true, + host: '', + }, + }) + ) + ).toEqual(['monitoring_http.host', 'monitoring_http.port']); + }); + + it('should return error when agentPolicy has invalid diagnostics options', () => { + expect( + Object.keys( + agentPolicyFormValidation({ + namespace: 'default', + name: 'policy', + monitoring_diagnostics: { + limit: { + burst: 0, + }, + uploader: { + max_retries: -1, + }, + }, + }) + ) + ).toEqual([ + 'monitoring_diagnostics.limit.burst', + 'monitoring_diagnostics.uploader.max_retries', + ]); + + expect( + Object.keys( + agentPolicyFormValidation({ + namespace: 'default', + name: 'policy', + monitoring_diagnostics: { + limit: { + burst: -1, + }, + uploader: { + max_retries: 0, + }, + }, + }) + ) + ).toEqual([ + 'monitoring_diagnostics.limit.burst', + 'monitoring_diagnostics.uploader.max_retries', + ]); + }); }); diff --git a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_validation.tsx b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_validation.tsx index a52c2b488139c..109e62b0e0de4 100644 --- a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_validation.tsx +++ b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_validation.tsx @@ -42,7 +42,7 @@ export const agentPolicyFormValidation = ( errors.unenroll_timeout = [ , ]; } @@ -51,7 +51,54 @@ export const agentPolicyFormValidation = ( errors.inactivity_timeout = [ , + ]; + } + + if (agentPolicy.monitoring_http?.enabled) { + if (!agentPolicy.monitoring_http.host?.trim()) { + errors['monitoring_http.host'] = [ + , + ]; + } + + if ( + !agentPolicy.monitoring_http.port || + (agentPolicy.monitoring_http.port !== undefined && agentPolicy.monitoring_http.port <= 0) + ) { + errors['monitoring_http.port'] = [ + , + ]; + } + } + + if ( + agentPolicy.monitoring_diagnostics?.limit?.burst !== undefined && + agentPolicy.monitoring_diagnostics?.limit?.burst <= 0 + ) { + errors['monitoring_diagnostics.limit.burst'] = [ + , + ]; + } + + if ( + agentPolicy.monitoring_diagnostics?.uploader?.max_retries !== undefined && + agentPolicy.monitoring_diagnostics?.uploader?.max_retries <= 0 + ) { + errors['monitoring_diagnostics.uploader.max_retries'] = [ + , ]; } diff --git a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/details_page/components/settings/index.tsx b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/details_page/components/settings/index.tsx index 9be265a6385cb..14dcf6df21b9f 100644 --- a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/details_page/components/settings/index.tsx +++ b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/details_page/components/settings/index.tsx @@ -57,6 +57,9 @@ const pickAgentPolicyKeysToSend = (agentPolicy: AgentPolicy) => 'is_protected', 'advanced_settings', 'global_data_tags', + 'monitoring_pprof_enabled', + 'monitoring_http', + 'monitoring_diagnostics', ]); const FormWrapper = styled.div` diff --git a/x-pack/plugins/fleet/server/constants/fleet_es_assets.ts b/x-pack/plugins/fleet/server/constants/fleet_es_assets.ts index 83c283591a9bd..55e6493c77891 100644 --- a/x-pack/plugins/fleet/server/constants/fleet_es_assets.ts +++ b/x-pack/plugins/fleet/server/constants/fleet_es_assets.ts @@ -11,7 +11,7 @@ import { getESAssetMetadata } from '../services/epm/elasticsearch/meta'; const meta = getESAssetMetadata(); -export const FLEET_INSTALL_FORMAT_VERSION = '1.2.0'; +export const FLEET_INSTALL_FORMAT_VERSION = '1.3.0'; export const FLEET_AGENT_POLICIES_SCHEMA_VERSION = '1.1.1'; diff --git a/x-pack/plugins/fleet/server/routes/schema/errors.ts b/x-pack/plugins/fleet/server/routes/schema/errors.ts index 1d8f0f5d5b92d..09dc90d55ff45 100644 --- a/x-pack/plugins/fleet/server/routes/schema/errors.ts +++ b/x-pack/plugins/fleet/server/routes/schema/errors.ts @@ -10,8 +10,8 @@ import { schema } from '@kbn/config-schema'; export const genericErrorResponse = () => schema.object( { - statusCode: schema.number(), - error: schema.string(), + statusCode: schema.maybe(schema.number()), + error: schema.maybe(schema.string()), message: schema.string(), }, { diff --git a/x-pack/plugins/fleet/server/saved_objects/index.ts b/x-pack/plugins/fleet/server/saved_objects/index.ts index 3c224ee6ba881..0eb6c86df01e2 100644 --- a/x-pack/plugins/fleet/server/saved_objects/index.ts +++ b/x-pack/plugins/fleet/server/saved_objects/index.ts @@ -91,7 +91,7 @@ import { migratePackagePolicyToV81102, migratePackagePolicyEvictionsFromV81102, } from './migrations/security_solution/to_v8_11_0_2'; -import { settingsV1 } from './model_versions/v1'; +import { settingsV1 } from './model_versions/settings_v1'; import { packagePolicyV13AdvancedFields, packagePolicyV10OnWriteScanFix, @@ -100,6 +100,7 @@ import { migratePackagePolicyIdsToV8150, migratePackagePolicySetRequiresRootToV8150, } from './migrations/to_v8_15_0'; +import { backfillAgentPolicyToV4 } from './model_versions/agent_policy_v4'; /* * Saved object types and mappings @@ -223,6 +224,9 @@ export const getSavedObjectTypes = ( advanced_settings: { type: 'flattened', index: false }, supports_agentless: { type: 'boolean' }, global_data_tags: { type: 'flattened', index: false }, + monitoring_pprof_enabled: { type: 'boolean', index: false }, + monitoring_http: { type: 'flattened', index: false }, + monitoring_diagnostics: { type: 'flattened', index: false }, }, }, migrations: { @@ -263,6 +267,22 @@ export const getSavedObjectTypes = ( }, ], }, + '4': { + changes: [ + { + type: 'mappings_addition', + addedMappings: { + monitoring_pprof_enabled: { type: 'boolean', index: false }, + monitoring_http: { type: 'flattened', index: false }, + monitoring_diagnostics: { type: 'flattened', index: false }, + }, + }, + { + type: 'data_backfill', + backfillFn: backfillAgentPolicyToV4, + }, + ], + }, }, }, [AGENT_POLICY_SAVED_OBJECT_TYPE]: { diff --git a/x-pack/plugins/fleet/server/saved_objects/model_versions/agent_policy_v4.test.ts b/x-pack/plugins/fleet/server/saved_objects/model_versions/agent_policy_v4.test.ts new file mode 100644 index 0000000000000..0dcd883168df2 --- /dev/null +++ b/x-pack/plugins/fleet/server/saved_objects/model_versions/agent_policy_v4.test.ts @@ -0,0 +1,131 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { + SavedObject, + SavedObjectModelTransformationContext, +} from '@kbn/core-saved-objects-server'; + +import type { AgentPolicy } from '../../../common'; + +import { backfillAgentPolicyToV4 } from './agent_policy_v4'; + +describe('migrateAgentPolicyToV8160', () => { + it('should migrate advanced_settings.agent_monitoring_http to monitoring_http', () => { + const agentPolicyDoc: SavedObject = { + id: 'policy1', + type: 'ingest-agent-policies', + references: [], + attributes: { + id: 'policy1', + name: 'Policy 1', + namespace: 'default', + advanced_settings: { + agent_monitoring_http: { + enabled: true, + host: 'localhost', + port: 1111, + 'buffer.enabled': true, + }, + }, + is_managed: false, + status: 'active', + updated_at: '2021-08-17T14:00:00.000Z', + updated_by: 'elastic', + revision: 1, + is_protected: false, + }, + }; + + const migratedAgentPolicyDoc = backfillAgentPolicyToV4( + agentPolicyDoc, + {} as SavedObjectModelTransformationContext + ); + + expect(migratedAgentPolicyDoc.attributes.monitoring_http).toEqual({ + enabled: true, + host: 'localhost', + port: 1111, + }); + expect( + migratedAgentPolicyDoc.attributes.advanced_settings?.agent_monitoring_http + ).toBeUndefined(); + }); + + it('should migrate advanced_settings.agent_monitoring_http to monitoring_http when most values are missing', () => { + const agentPolicyDoc: SavedObject = { + id: 'policy1', + type: 'ingest-agent-policies', + references: [], + attributes: { + id: 'policy1', + name: 'Policy 1', + namespace: 'default', + advanced_settings: { + agent_monitoring_http: { + enabled: true, + }, + }, + is_managed: false, + status: 'active', + updated_at: '2021-08-17T14:00:00.000Z', + updated_by: 'elastic', + revision: 1, + is_protected: false, + }, + }; + + const migratedAgentPolicyDoc = backfillAgentPolicyToV4( + agentPolicyDoc, + {} as SavedObjectModelTransformationContext + ); + + expect(migratedAgentPolicyDoc.attributes.monitoring_http).toEqual({ + enabled: true, + }); + expect( + migratedAgentPolicyDoc.attributes.advanced_settings?.agent_monitoring_http + ).toBeUndefined(); + }); + + it('should migrate advanced_settings.agent_monitoring_http to monitoring_http when some values are missing', () => { + const agentPolicyDoc: SavedObject = { + id: 'policy1', + type: 'ingest-agent-policies', + references: [], + attributes: { + id: 'policy1', + name: 'Policy 1', + namespace: 'default', + advanced_settings: { + agent_monitoring_http: { + enabled: true, + 'buffer.enabled': true, + }, + }, + is_managed: false, + status: 'active', + updated_at: '2021-08-17T14:00:00.000Z', + updated_by: 'elastic', + revision: 1, + is_protected: false, + }, + }; + + const migratedAgentPolicyDoc = backfillAgentPolicyToV4( + agentPolicyDoc, + {} as SavedObjectModelTransformationContext + ); + + expect(migratedAgentPolicyDoc.attributes.monitoring_http).toEqual({ + enabled: true, + }); + expect( + migratedAgentPolicyDoc.attributes.advanced_settings?.agent_monitoring_http + ).toBeUndefined(); + }); +}); diff --git a/x-pack/plugins/fleet/server/saved_objects/model_versions/agent_policy_v4.ts b/x-pack/plugins/fleet/server/saved_objects/model_versions/agent_policy_v4.ts new file mode 100644 index 0000000000000..aa1b6624ab719 --- /dev/null +++ b/x-pack/plugins/fleet/server/saved_objects/model_versions/agent_policy_v4.ts @@ -0,0 +1,25 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { SavedObjectModelDataBackfillFn } from '@kbn/core-saved-objects-server'; + +import type { AgentPolicy } from '../../../common'; + +export const backfillAgentPolicyToV4: SavedObjectModelDataBackfillFn = ( + agentPolicyDoc +) => { + const advancedSettings = agentPolicyDoc.attributes.advanced_settings; + if (advancedSettings?.agent_monitoring_http) { + agentPolicyDoc.attributes.monitoring_http = { + enabled: advancedSettings.agent_monitoring_http.enabled, + host: advancedSettings.agent_monitoring_http.host, + port: advancedSettings.agent_monitoring_http.port, + }; + delete advancedSettings.agent_monitoring_http; + } + return agentPolicyDoc; +}; diff --git a/x-pack/plugins/fleet/server/saved_objects/model_versions/v1.ts b/x-pack/plugins/fleet/server/saved_objects/model_versions/settings_v1.ts similarity index 100% rename from x-pack/plugins/fleet/server/saved_objects/model_versions/v1.ts rename to x-pack/plugins/fleet/server/saved_objects/model_versions/settings_v1.ts diff --git a/x-pack/plugins/fleet/server/services/agent_policies/full_agent_policy.test.ts b/x-pack/plugins/fleet/server/services/agent_policies/full_agent_policy.test.ts index d2ff49b04e340..fa5522d50802b 100644 --- a/x-pack/plugins/fleet/server/services/agent_policies/full_agent_policy.test.ts +++ b/x-pack/plugins/fleet/server/services/agent_policies/full_agent_policy.test.ts @@ -20,6 +20,7 @@ import { getPackageInfo } from '../epm/packages'; import { generateFleetConfig, getFullAgentPolicy, + getFullMonitoringSettings, transformOutputToFullPolicyOutput, } from './full_agent_policy'; import { getMonitoringPermissions } from './monitoring_permissions'; @@ -901,6 +902,167 @@ describe('getFullAgentPolicy', () => { }); }); +describe('getFullMonitoringSettings', () => { + it('should return the correct settings when all values are present', async () => { + const monitoringSettings = getFullMonitoringSettings( + { + namespace: 'default', + monitoring_enabled: ['metrics', 'logs', 'traces'], + monitoring_pprof_enabled: true, + monitoring_http: { + enabled: true, + host: 'localhost', + port: 1111, + }, + monitoring_diagnostics: { + limit: { + interval: '1m', + burst: 10, + }, + uploader: { + max_retries: 3, + init_dur: '1m', + max_dur: '10m', + }, + }, + }, + { + id: 'some-output', + is_default: false, + type: 'elasticsearch', + } + ); + + expect(monitoringSettings).toEqual({ + enabled: true, + logs: true, + metrics: true, + traces: true, + namespace: 'default', + use_output: 'some-output', + pprof: { enabled: true }, + http: { + enabled: true, + host: 'localhost', + port: 1111, + }, + diagnostics: { + limit: { + interval: '1m', + burst: 10, + }, + uploader: { + max_retries: 3, + init_dur: '1m', + max_dur: '10m', + }, + }, + }); + }); + + it('should return the correct settings when some values are present', async () => { + const monitoringSettings = getFullMonitoringSettings( + { + namespace: 'default', + monitoring_enabled: ['metrics'], + monitoring_pprof_enabled: false, + monitoring_http: { + enabled: true, + host: 'localhost', + }, + monitoring_diagnostics: { + limit: { + interval: '1m', + }, + uploader: { + max_dur: '10m', + }, + }, + }, + { + id: 'some-output', + is_default: true, + type: 'elasticsearch', + } + ); + + expect(monitoringSettings).toEqual({ + enabled: true, + logs: false, + metrics: true, + traces: false, + namespace: 'default', + use_output: 'default', + pprof: { enabled: false }, + http: { + enabled: true, + host: 'localhost', + }, + diagnostics: { + limit: { + interval: '1m', + }, + uploader: { + max_dur: '10m', + }, + }, + }); + }); + + it('should return the correct settings when beats monitoring is disabled and minimal values are present', async () => { + const monitoringSettings = getFullMonitoringSettings( + { + namespace: 'default', + monitoring_enabled: [], + monitoring_http: { + enabled: true, + }, + monitoring_diagnostics: {}, + }, + { + id: 'some-output', + is_default: true, + type: 'elasticsearch', + } + ); + + expect(monitoringSettings).toEqual({ + enabled: true, + logs: false, + metrics: false, + traces: false, + http: { + enabled: true, + }, + }); + }); + + it('should disable monitoring if beats and http monitoring are disabled', async () => { + const monitoringSettings = getFullMonitoringSettings( + { + namespace: 'default', + monitoring_enabled: [], + monitoring_http: { + enabled: false, + }, + monitoring_diagnostics: {}, + }, + { + id: 'some-output', + is_default: true, + type: 'elasticsearch', + } + ); + + expect(monitoringSettings).toEqual({ + enabled: false, + logs: false, + metrics: false, + traces: false, + }); + }); +}); + describe('transformOutputToFullPolicyOutput', () => { it('should works with only required field on a output', () => { const policyOutput = transformOutputToFullPolicyOutput({ diff --git a/x-pack/plugins/fleet/server/services/agent_policies/full_agent_policy.ts b/x-pack/plugins/fleet/server/services/agent_policies/full_agent_policy.ts index d5216b28991c6..6a586364f31d5 100644 --- a/x-pack/plugins/fleet/server/services/agent_policies/full_agent_policy.ts +++ b/x-pack/plugins/fleet/server/services/agent_policies/full_agent_policy.ts @@ -136,36 +136,6 @@ export async function getFullAgentPolicy( const packagePolicySecretReferences = (agentPolicy?.package_policies || []).flatMap( (policy) => policy.secret_references || [] ); - const defaultMonitoringConfig: FullAgentPolicyMonitoring = { - enabled: false, - logs: false, - metrics: false, - traces: false, - }; - - let monitoring: FullAgentPolicyMonitoring = { ...defaultMonitoringConfig }; - - // If the agent policy has monitoring enabled for at least one of "logs", "metrics", or "traces" - // generate a monitoring config for the resulting compiled agent policy - if (agentPolicy.monitoring_enabled && agentPolicy.monitoring_enabled.length > 0) { - monitoring = { - namespace: agentPolicy.namespace, - use_output: getOutputIdForAgentPolicy(monitoringOutput), - enabled: true, - logs: agentPolicy.monitoring_enabled.includes(dataTypes.Logs), - metrics: agentPolicy.monitoring_enabled.includes(dataTypes.Metrics), - traces: agentPolicy.monitoring_enabled.includes(dataTypes.Traces), - }; - // If the `keep_monitoring_alive` flag is set, enable monitoring but don't enable logs or metrics. - // This allows cloud or other environments to keep the monitoring server alive without tearing it down. - } else if (agentPolicy.keep_monitoring_alive) { - monitoring = { - enabled: true, - logs: false, - metrics: false, - traces: false, - }; - } const fullAgentPolicy: FullAgentPolicy = { id: agentPolicy.id, @@ -188,7 +158,7 @@ export async function getFullAgentPolicy( sourceURI: downloadSourceUri, ...(downloadSourceProxyUri ? { proxy_url: downloadSourceProxyUri } : {}), }, - monitoring, + monitoring: getFullMonitoringSettings(agentPolicy, monitoringOutput), features, protection: { enabled: agentPolicy.is_protected, @@ -550,11 +520,102 @@ export function transformOutputToFullPolicyOutput( return newOutput; } +export function getFullMonitoringSettings( + agentPolicy: Pick< + AgentPolicy, + | 'namespace' + | 'monitoring_enabled' + | 'keep_monitoring_alive' + | 'monitoring_pprof_enabled' + | 'monitoring_http' + | 'monitoring_diagnostics' + >, + monitoringOutput: Pick +): FullAgentPolicyMonitoring { + // Set base beats monitoring settings + const monitoring: FullAgentPolicyMonitoring = { + enabled: Boolean( + (agentPolicy.monitoring_enabled && agentPolicy.monitoring_enabled.length > 0) || + agentPolicy.monitoring_http?.enabled || + agentPolicy.keep_monitoring_alive + ), + logs: false, + metrics: false, + traces: false, + }; + + // If the agent policy has monitoring enabled for at least one of "logs", "metrics", or "traces" + // generate a monitoring config for the resulting compiled agent policy + if (agentPolicy.monitoring_enabled && agentPolicy.monitoring_enabled.length > 0) { + monitoring.namespace = agentPolicy.namespace; + monitoring.use_output = getOutputIdForAgentPolicy(monitoringOutput); + monitoring.logs = agentPolicy.monitoring_enabled.includes(dataTypes.Logs); + monitoring.metrics = agentPolicy.monitoring_enabled.includes(dataTypes.Metrics); + monitoring.traces = agentPolicy.monitoring_enabled.includes(dataTypes.Traces); + } + + if (agentPolicy.monitoring_pprof_enabled !== undefined) { + monitoring.pprof = { + enabled: agentPolicy.monitoring_pprof_enabled, + }; + } + + // Conditionally set http monitoring settings + if (agentPolicy.monitoring_http?.enabled) { + monitoring.http = { + enabled: agentPolicy.monitoring_http.enabled, + ...(agentPolicy.monitoring_http.host && { host: agentPolicy.monitoring_http.host }), + ...(agentPolicy.monitoring_http.port && { port: agentPolicy.monitoring_http.port }), + }; + } + + // Conditionally set diagnostics monitoring settings + if (agentPolicy.monitoring_diagnostics?.limit || agentPolicy.monitoring_diagnostics?.uploader) { + monitoring.diagnostics = {}; + + if ( + agentPolicy.monitoring_diagnostics.limit && + (agentPolicy.monitoring_diagnostics.limit.interval || + typeof agentPolicy.monitoring_diagnostics.limit.burst === 'number') + ) { + monitoring.diagnostics.limit = { + ...(agentPolicy.monitoring_diagnostics.limit.interval && { + interval: agentPolicy.monitoring_diagnostics.limit.interval, + }), + ...(typeof agentPolicy.monitoring_diagnostics.limit.burst === 'number' && { + burst: agentPolicy.monitoring_diagnostics.limit.burst, + }), + }; + } + + if ( + agentPolicy.monitoring_diagnostics.uploader && + (typeof agentPolicy.monitoring_diagnostics.uploader.max_retries === 'number' || + agentPolicy.monitoring_diagnostics.uploader.init_dur || + agentPolicy.monitoring_diagnostics.uploader.max_dur) + ) { + monitoring.diagnostics.uploader = { + ...(typeof agentPolicy.monitoring_diagnostics.uploader.max_retries === 'number' && { + max_retries: agentPolicy.monitoring_diagnostics.uploader.max_retries, + }), + ...(agentPolicy.monitoring_diagnostics.uploader.init_dur && { + init_dur: agentPolicy.monitoring_diagnostics.uploader.init_dur, + }), + ...(agentPolicy.monitoring_diagnostics.uploader.max_dur && { + max_dur: agentPolicy.monitoring_diagnostics.uploader.max_dur, + }), + }; + } + } + + return monitoring; +} + /** * Get id used in full agent policy (sent to the agents) * we use "default" for the default policy to avoid breaking changes */ -function getOutputIdForAgentPolicy(output: Output) { +function getOutputIdForAgentPolicy(output: Pick) { if (output.is_default && output.type === outputType.Elasticsearch) { return DEFAULT_OUTPUT.name; } diff --git a/x-pack/plugins/fleet/server/services/agent_policy.ts b/x-pack/plugins/fleet/server/services/agent_policy.ts index c4fe6c4604a6e..9f9a38bebfef6 100644 --- a/x-pack/plugins/fleet/server/services/agent_policy.ts +++ b/x-pack/plugins/fleet/server/services/agent_policy.ts @@ -759,6 +759,9 @@ class AgentPolicyService { 'fleet_server_host_id', 'supports_agentless', 'global_data_tags', + 'monitoring_pprof_enabled', + 'monitoring_http', + 'monitoring_diagnostics', ]), ...newAgentPolicyProps, }, diff --git a/x-pack/plugins/fleet/server/services/epm/elasticsearch/template/install.ts b/x-pack/plugins/fleet/server/services/epm/elasticsearch/template/install.ts index 2ee8477e04f42..2a17768ac1f9c 100644 --- a/x-pack/plugins/fleet/server/services/epm/elasticsearch/template/install.ts +++ b/x-pack/plugins/fleet/server/services/epm/elasticsearch/template/install.ts @@ -319,6 +319,7 @@ export function buildComponentTemplates(params: { experimentalDataStreamFeature?: ExperimentalDataStreamFeature; lifecycle?: IndexTemplate['template']['lifecycle']; fieldCount?: number; + type?: string; }) { const { templateName, @@ -330,6 +331,7 @@ export function buildComponentTemplates(params: { experimentalDataStreamFeature, lifecycle, fieldCount, + type, } = params; const packageTemplateName = `${templateName}${PACKAGE_TEMPLATE_SUFFIX}`; const userSettingsTemplateName = `${templateName}${USER_SETTINGS_TEMPLATE_SUFFIX}`; @@ -417,6 +419,17 @@ export function buildComponentTemplates(params: { _meta, }; + // Stub custom template + if (type) { + const customTemplateName = `${type}${USER_SETTINGS_TEMPLATE_SUFFIX}`; + templatesMap[customTemplateName] = { + template: { + settings: {}, + }, + _meta, + }; + } + // return empty/stub template templatesMap[userSettingsTemplateName] = { template: { @@ -580,6 +593,7 @@ export function prepareTemplate({ experimentalDataStreamFeature, lifecycle: lifecyle, fieldCount: countFields(validFields), + type: dataStream.type, }); const template = getTemplate({ diff --git a/x-pack/plugins/fleet/server/services/epm/packages/install_state_machine/steps/step_save_system_object.test.ts b/x-pack/plugins/fleet/server/services/epm/packages/install_state_machine/steps/step_save_system_object.test.ts index e91826c99793c..aecdd0b2552c4 100644 --- a/x-pack/plugins/fleet/server/services/epm/packages/install_state_machine/steps/step_save_system_object.test.ts +++ b/x-pack/plugins/fleet/server/services/epm/packages/install_state_machine/steps/step_save_system_object.test.ts @@ -91,7 +91,7 @@ describe('updateLatestExecutedState', () => { 'epm-packages', 'test-integration', { - install_format_schema_version: '1.2.0', + install_format_schema_version: '1.3.0', install_status: 'installed', install_version: '1.0.0', latest_install_failed_attempts: [], @@ -157,7 +157,7 @@ describe('updateLatestExecutedState', () => { 'epm-packages', 'test-integration', { - install_format_schema_version: '1.2.0', + install_format_schema_version: '1.3.0', install_status: 'installed', install_version: '1.0.0', latest_install_failed_attempts: [], diff --git a/x-pack/plugins/fleet/server/types/models/agent_policy.ts b/x-pack/plugins/fleet/server/types/models/agent_policy.ts index 560f6939eedba..38441b06eabbf 100644 --- a/x-pack/plugins/fleet/server/types/models/agent_policy.ts +++ b/x-pack/plugins/fleet/server/types/models/agent_policy.ts @@ -102,6 +102,32 @@ export const AgentPolicyBaseSchema = { } ) ), + monitoring_pprof_enabled: schema.maybe(schema.boolean()), + monitoring_http: schema.maybe( + schema.object({ + enabled: schema.boolean(), + host: schema.maybe(schema.string({ defaultValue: 'localhost' })), + port: schema.maybe(schema.number({ min: 0, max: 65353, defaultValue: 6791 })), + buffer: schema.maybe(schema.object({ enabled: schema.boolean({ defaultValue: false }) })), + }) + ), + monitoring_diagnostics: schema.maybe( + schema.object({ + limit: schema.maybe( + schema.object({ + interval: schema.maybe(schema.string()), + burst: schema.maybe(schema.number()), + }) + ), + uploader: schema.maybe( + schema.object({ + max_retries: schema.maybe(schema.number()), + init_dur: schema.maybe(schema.string()), + max_dur: schema.maybe(schema.string()), + }) + ), + }) + ), }; function validateGlobalDataTagInput(tags: GlobalDataTag[]): string | undefined { diff --git a/x-pack/plugins/index_lifecycle_management/__jest__/__snapshots__/policy_flyout.test.tsx.snap b/x-pack/plugins/index_lifecycle_management/__jest__/__snapshots__/policy_flyout.test.tsx.snap new file mode 100644 index 0000000000000..91a77cb2096f2 --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/__jest__/__snapshots__/policy_flyout.test.tsx.snap @@ -0,0 +1,1027 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP + +exports[`View policy flyout shows all phases 1`] = ` +
+ +
+
+
+
+ +
+
+
+ + + +`; diff --git a/x-pack/plugins/index_lifecycle_management/__jest__/mocks.ts b/x-pack/plugins/index_lifecycle_management/__jest__/mocks.ts new file mode 100644 index 0000000000000..69363fdd660cf --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/__jest__/mocks.ts @@ -0,0 +1,97 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { PolicyFromES } from '../common/types'; + +export const policyAllPhases: PolicyFromES = { + name: 'test', + modifiedDate: '2024-08-12T12:17:06.271Z', + version: 1, + policy: { + name: 'test', + phases: { + hot: { + actions: { + rollover: { + max_age: '30d', + max_primary_shard_size: '50gb', + max_primary_shard_docs: 25, + max_docs: 235, + max_size: '2gb', + }, + set_priority: { + priority: 100, + }, + forcemerge: { + max_num_segments: 3, + index_codec: 'best_compression', + }, + shrink: { + number_of_shards: 1, + }, + readonly: {}, + }, + min_age: '0ms', + }, + warm: { + min_age: '3d', + actions: { + set_priority: { + priority: 50, + }, + shrink: { + max_primary_shard_size: '4gb', + }, + forcemerge: { + max_num_segments: 44, + index_codec: 'best_compression', + }, + allocate: { + number_of_replicas: 3, + }, + downsample: { + fixed_interval: '1d', + }, + }, + }, + cold: { + min_age: '55d', + actions: { + searchable_snapshot: { + snapshot_repository: 'found-snapshots', + }, + set_priority: { + priority: 0, + }, + allocate: { + number_of_replicas: 3, + }, + downsample: { + fixed_interval: '4d', + }, + }, + }, + frozen: { + min_age: '555d', + actions: { + searchable_snapshot: { + snapshot_repository: 'found-snapshots', + }, + }, + }, + delete: { + min_age: '7365d', + actions: { + wait_for_snapshot: { + policy: 'cloud-snapshot-policy', + }, + delete: {}, + }, + }, + }, + }, +}; diff --git a/x-pack/plugins/index_lifecycle_management/__jest__/policy_flyout.test.tsx b/x-pack/plugins/index_lifecycle_management/__jest__/policy_flyout.test.tsx new file mode 100644 index 0000000000000..75b26d98ddc9f --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/__jest__/policy_flyout.test.tsx @@ -0,0 +1,57 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React, { ReactElement } from 'react'; +import { mountWithIntl } from '@kbn/test-jest-helpers'; +import { findTestSubject, takeMountedSnapshot } from '@elastic/eui/lib/test'; + +import { docLinksServiceMock } from '@kbn/core/public/mocks'; + +import type { PolicyFromES } from '../common/types'; +import { KibanaContextProvider } from '../public/shared_imports'; +import { PolicyListContextProvider } from '../public/application/sections/policy_list/policy_list_context'; +import { ViewPolicyFlyout } from '../public/application/sections/policy_list/policy_flyout'; +import * as readOnlyHook from '../public/application/lib/use_is_read_only'; +import { policyAllPhases } from './mocks'; + +let component: ReactElement; +const TestComponent = ({ policy }: { policy: PolicyFromES }) => { + return ( + '', docLinks: docLinksServiceMock.createStartContract() }} + > + + + + + ); +}; + +describe('View policy flyout', () => { + beforeAll(() => { + jest.spyOn(readOnlyHook, 'useIsReadOnly').mockReturnValue(false); + component = ; + }); + it('shows all phases', () => { + const rendered = mountWithIntl(component); + expect(takeMountedSnapshot(rendered)).toMatchSnapshot(); + }); + + it('renders manage button', () => { + const rendered = mountWithIntl(component); + const button = findTestSubject(rendered, 'managePolicyButton'); + expect(button.exists()).toBeTruthy(); + }); + + it(`doesn't render manage button in read only view`, () => { + jest.spyOn(readOnlyHook, 'useIsReadOnly').mockReturnValue(true); + component = ; + const rendered = mountWithIntl(component); + const button = findTestSubject(rendered, 'managePolicyButton'); + expect(button.exists()).toBeFalsy(); + }); +}); diff --git a/x-pack/plugins/index_lifecycle_management/__jest__/policy_table.test.tsx b/x-pack/plugins/index_lifecycle_management/__jest__/policy_table.test.tsx index 19c0078c7eb6a..fe3b225499c33 100644 --- a/x-pack/plugins/index_lifecycle_management/__jest__/policy_table.test.tsx +++ b/x-pack/plugins/index_lifecycle_management/__jest__/policy_table.test.tsx @@ -21,6 +21,7 @@ import { init as initHttp } from '../public/application/services/http'; import { init as initUiMetric } from '../public/application/services/ui_metric'; import { KibanaContextProvider } from '../public/shared_imports'; import { PolicyListContextProvider } from '../public/application/sections/policy_list/policy_list_context'; +import * as readOnlyHook from '../public/application/lib/use_is_read_only'; initHttp(httpServiceMock.createSetupContract()); initUiMetric(usageCollectionPluginMock.createSetupContract()); @@ -72,9 +73,16 @@ jest.mock('react-router-dom', () => ({ ...jest.requireActual('react-router-dom'), useHistory: () => ({ createHref: jest.fn(), + location: { + search: '', + }, }), })); - +const mockReactRouterNavigate = jest.fn(); +jest.mock('@kbn/kibana-react-plugin/public', () => ({ + ...jest.requireActual('@kbn/kibana-react-plugin/public'), + reactRouterNavigate: () => mockReactRouterNavigate(), +})); let component: ReactElement; const snapshot = (rendered: string[]) => { @@ -129,6 +137,7 @@ const TestComponent = ({ testPolicies }: { testPolicies: PolicyFromES[] }) => { }; describe('policy table', () => { beforeEach(() => { + jest.spyOn(readOnlyHook, 'useIsReadOnly').mockReturnValue(false); component = ; window.localStorage.removeItem('ILM_SHOW_MANAGED_POLICIES_BY_DEFAULT'); }); @@ -296,7 +305,9 @@ describe('policy table', () => { test('add index template modal shows when add policy to index template button is pressed', () => { const rendered = mountWithIntl(component); const policyRow = findTestSubject(rendered, `policyTableRow-${testPolicy.name}`); - const addPolicyToTemplateButton = findTestSubject(policyRow, 'addPolicyToTemplate'); + const actionsButton = findTestSubject(policyRow, 'euiCollapsedItemActionsButton'); + actionsButton.simulate('click'); + const addPolicyToTemplateButton = findTestSubject(rendered, 'addPolicyToTemplate'); addPolicyToTemplateButton.simulate('click'); rendered.update(); expect(findTestSubject(rendered, 'addPolicyToTemplateModal').exists()).toBeTruthy(); @@ -312,6 +323,10 @@ describe('policy table', () => { expect(policyIndices).toBe(`${testPolicy.indices.length}`); const policyModifiedDate = findTestSubject(firstRow, 'policy-modifiedDate').text(); expect(policyModifiedDate).toBe(`${testDateFormatted}`); + + const cells = firstRow.find('td'); + // columns are name, linked index templates, linked indices, modified date, actions + expect(cells.length).toBe(5); }); test('opens a flyout with index templates', () => { const rendered = mountWithIntl(component); @@ -323,4 +338,25 @@ describe('policy table', () => { const indexTemplatesLinks = findTestSubject(rendered, 'indexTemplateLink'); expect(indexTemplatesLinks.length).toBe(testPolicy.indexTemplates.length); }); + test('opens a flyout to view policy by calling reactRouterNavigate', async () => { + const rendered = mountWithIntl(component); + const policyNameLink = findTestSubject(rendered, 'policyTablePolicyNameLink').at(0); + policyNameLink.simulate('click'); + rendered.update(); + expect(mockReactRouterNavigate).toHaveBeenCalled(); + }); + + describe('read only view', () => { + beforeEach(() => { + jest.spyOn(readOnlyHook, 'useIsReadOnly').mockReturnValue(true); + component = ; + }); + it(`doesn't show actions column in the table`, () => { + const rendered = mountWithIntl(component); + const policyRow = findTestSubject(rendered, `policyTableRow-testy0`); + const cells = policyRow.find('td'); + // columns are name, linked index templates, linked indices, modified date + expect(cells.length).toBe(4); + }); + }); }); diff --git a/x-pack/plugins/index_lifecycle_management/common/types/policies.ts b/x-pack/plugins/index_lifecycle_management/common/types/policies.ts index 236dfa85118eb..7ebb789f62e54 100644 --- a/x-pack/plugins/index_lifecycle_management/common/types/policies.ts +++ b/x-pack/plugins/index_lifecycle_management/common/types/policies.ts @@ -60,8 +60,6 @@ export interface SerializedActionWithAllocation { migrate?: MigrateAction; } -export type SearchableSnapshotStorage = 'full_copy' | 'shared_cache'; - export interface SearchableSnapshotAction { snapshot_repository: string; /** @@ -69,12 +67,6 @@ export interface SearchableSnapshotAction { * not suit the vast majority of cases. */ force_merge_index?: boolean; - /** - * This configuration lets the user create full or partial searchable snapshots. - * Full searchable snapshots store primary data locally and store replica data in the snapshot. - * Partial searchable snapshots store no data locally. - */ - storage?: SearchableSnapshotStorage; } export interface RolloverAction { @@ -96,9 +88,7 @@ export interface SerializedHotPhase extends SerializedPhase { shrink?: ShrinkAction; downsample?: DownsampleAction; - set_priority?: { - priority: number | null; - }; + set_priority?: SetPriorityAction; /** * Only available on enterprise license */ @@ -113,9 +103,7 @@ export interface SerializedWarmPhase extends SerializedPhase { forcemerge?: ForcemergeAction; readonly?: {}; downsample?: DownsampleAction; - set_priority?: { - priority: number | null; - }; + set_priority?: SetPriorityAction; migrate?: MigrateAction; }; } @@ -126,9 +114,7 @@ export interface SerializedColdPhase extends SerializedPhase { readonly?: {}; downsample?: DownsampleAction; allocate?: AllocateAction; - set_priority?: { - priority: number | null; - }; + set_priority?: SetPriorityAction; migrate?: MigrateAction; /** * Only available on enterprise license @@ -139,11 +125,6 @@ export interface SerializedColdPhase extends SerializedPhase { export interface SerializedFrozenPhase extends SerializedPhase { actions: { - allocate?: AllocateAction; - set_priority?: { - priority: number | null; - }; - migrate?: MigrateAction; /** * Only available on enterprise license */ @@ -187,11 +168,8 @@ export interface DownsampleAction { fixed_interval: string; } -export interface LegacyPolicy { - name: string; - phases: { - delete: DeletePhase; - }; +export interface SetPriorityAction { + priority: number | null; } export interface CommonPhaseSettings { @@ -203,44 +181,6 @@ export interface PhaseWithMinAge { selectedMinimumAgeUnits: string; } -export interface PhaseWithIndexPriority { - phaseIndexPriority: string; -} - -export interface PhaseWithForcemergeAction { - forceMergeEnabled: boolean; - selectedForceMergeSegments: string; - bestCompressionEnabled: boolean; -} - export interface DeletePhase extends CommonPhaseSettings, PhaseWithMinAge { waitForSnapshotPolicy: string; } - -export interface IndexLifecyclePolicy { - index: string; - managed: boolean; - action?: string; - action_time_millis?: number; - age?: string; - failed_step?: string; - failed_step_retry_count?: number; - is_auto_retryable_error?: boolean; - lifecycle_date_millis?: number; - phase?: string; - phase_execution?: { - policy: string; - modified_date_in_millis: number; - version: number; - phase_definition: SerializedPhase; - }; - phase_time_millis?: number; - policy?: string; - step?: string; - step_info?: { - reason?: string; - type?: string; - message?: string; - }; - step_time_millis?: number; -} diff --git a/x-pack/plugins/index_lifecycle_management/integration_tests/app/app.helpers.ts b/x-pack/plugins/index_lifecycle_management/integration_tests/app/app.helpers.ts index 66810ebb1e546..5f148bc89c551 100644 --- a/x-pack/plugins/index_lifecycle_management/integration_tests/app/app.helpers.ts +++ b/x-pack/plugins/index_lifecycle_management/integration_tests/app/app.helpers.ts @@ -22,8 +22,9 @@ const getTestBedConfig = (initialEntries: string[]): TestBedConfig => ({ export interface AppTestBed extends TestBed { actions: { - clickPolicyNameLink: () => void; - clickCreatePolicyButton: () => void; + clickPolicyNameLink: () => Promise; + clickCreatePolicyButton: () => Promise; + clickEditPolicyButton: () => Promise; }; } @@ -53,9 +54,17 @@ export const setup = async ( component.update(); }; + const clickEditPolicyButton = async () => { + const { component, find } = testBed; + await act(async () => { + find('editPolicy').simulate('click', { button: 0 }); + }); + component.update(); + }; + return { ...testBed, - actions: { clickPolicyNameLink, clickCreatePolicyButton }, + actions: { clickPolicyNameLink, clickCreatePolicyButton, clickEditPolicyButton }, }; }; diff --git a/x-pack/plugins/index_lifecycle_management/integration_tests/app/app.test.ts b/x-pack/plugins/index_lifecycle_management/integration_tests/app/app.test.ts index 1aaec089724b6..c2db9a4fc571b 100644 --- a/x-pack/plugins/index_lifecycle_management/integration_tests/app/app.test.ts +++ b/x-pack/plugins/index_lifecycle_management/integration_tests/app/app.test.ts @@ -7,6 +7,7 @@ import { act } from 'react-dom/test-utils'; +import * as hooks from '../../public/application/lib/use_is_read_only'; import { getDefaultHotPhasePolicy } from '../edit_policy/constants'; import { setupEnvironment } from '../helpers'; @@ -41,6 +42,7 @@ jest.mock('@elastic/eui', () => { describe('', () => { let testBed: AppTestBed; const { httpSetup, httpRequestsMockHelpers } = setupEnvironment(); + jest.spyOn(hooks, 'useIsReadOnly').mockReturnValue(false); describe('new policy creation', () => { test('when there are no policies', async () => { @@ -92,7 +94,7 @@ describe('', () => { await actions.clickPolicyNameLink(); component.update(); - expect(testBed.find('policyTitle').text()).toBe(`${editPolicyTitle} ${SPECIAL_CHARS_NAME}`); + expect(testBed.find('policyFlyoutTitle').text()).toBe(SPECIAL_CHARS_NAME); }); test('loading edit policy page url works', async () => { @@ -166,9 +168,7 @@ describe('', () => { await actions.clickPolicyNameLink(); component.update(); - expect(testBed.find('policyTitle').text()).toBe( - `${editPolicyTitle} ${PERCENT_SIGN_WITH_OTHER_CHARS_NAME}` - ); + expect(testBed.find('policyFlyoutTitle').text()).toBe(PERCENT_SIGN_WITH_OTHER_CHARS_NAME); }); test("loading edit policy page url doesn't work", async () => { @@ -221,9 +221,7 @@ describe('', () => { await actions.clickPolicyNameLink(); component.update(); - expect(testBed.find('policyTitle').text()).toBe( - `${editPolicyTitle} ${PERCENT_SIGN_25_SEQUENCE}` - ); + expect(testBed.find('policyFlyoutTitle').text()).toBe(PERCENT_SIGN_25_SEQUENCE); }); test("loading edit policy page url doesn't work", async () => { diff --git a/x-pack/plugins/index_lifecycle_management/public/application/components/index.ts b/x-pack/plugins/index_lifecycle_management/public/application/components/index.ts new file mode 100644 index 0000000000000..31a46d57abc66 --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/components/index.ts @@ -0,0 +1,8 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export { IndexTemplatesFlyout } from './index_templates_flyout'; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/constants/policy.ts b/x-pack/plugins/index_lifecycle_management/public/application/constants/policy.ts index 293e232e349df..2c025761fd940 100644 --- a/x-pack/plugins/index_lifecycle_management/public/application/constants/policy.ts +++ b/x-pack/plugins/index_lifecycle_management/public/application/constants/policy.ts @@ -11,7 +11,6 @@ export const defaultIndexPriority = { hot: '100', warm: '50', cold: '0', - frozen: '0', }; export const defaultRolloverAction: RolloverAction = { diff --git a/x-pack/plugins/index_lifecycle_management/public/application/constants/ui_metric.ts b/x-pack/plugins/index_lifecycle_management/public/application/constants/ui_metric.ts index e1a316eda594f..f87cc94dee091 100644 --- a/x-pack/plugins/index_lifecycle_management/public/application/constants/ui_metric.ts +++ b/x-pack/plugins/index_lifecycle_management/public/application/constants/ui_metric.ts @@ -19,3 +19,4 @@ export const UIM_CONFIG_WARM_PHASE: string = 'config_warm_phase'; export const UIM_CONFIG_SET_PRIORITY: string = 'config_set_priority'; export const UIM_INDEX_RETRY_STEP: string = 'index_retry_step'; export const UIM_EDIT_CLICK: string = 'edit_click'; +export const UIM_VIEW_CLICK: string = 'view_click'; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/index.tsx b/x-pack/plugins/index_lifecycle_management/public/application/index.tsx index bb004766d89f7..bc5f93334f67f 100644 --- a/x-pack/plugins/index_lifecycle_management/public/application/index.tsx +++ b/x-pack/plugins/index_lifecycle_management/public/application/index.tsx @@ -32,7 +32,7 @@ export const renderApp = ( executionContext: ExecutionContextStart, cloud?: CloudSetup ): UnmountCallback => { - const { navigateToUrl, getUrlForApp } = application; + const { navigateToUrl, getUrlForApp, capabilities } = application; const { overlays, http } = startServices; render( @@ -55,6 +55,7 @@ export const renderApp = ( overlays, http, history, + capabilities, }} > diff --git a/x-pack/plugins/index_lifecycle_management/public/application/lib/use_is_read_only.ts b/x-pack/plugins/index_lifecycle_management/public/application/lib/use_is_read_only.ts new file mode 100644 index 0000000000000..518dbc69e34b4 --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/lib/use_is_read_only.ts @@ -0,0 +1,19 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { PLUGIN } from '../../../common/constants'; +import { useKibana } from '../../shared_imports'; + +export const useIsReadOnly = () => { + const { + services: { capabilities }, + } = useKibana(); + const ilmCaps = capabilities[PLUGIN.ID]; + const savePermission = Boolean(ilmCaps.save); + const showPermission = Boolean(ilmCaps.show); + return !savePermission && showPermission; +}; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/edit_warning.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/edit_warning.tsx index 1690676cd28d7..c9e87ac137aed 100644 --- a/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/edit_warning.tsx +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/edit_warning.tsx @@ -11,7 +11,7 @@ import { FormattedMessage } from '@kbn/i18n-react'; import { useEditPolicyContext } from '../edit_policy_context'; import { getIndicesListPath } from '../../../services/navigation'; import { useKibana } from '../../../../shared_imports'; -import { IndexTemplatesFlyout } from '../../../components/index_templates_flyout'; +import { IndexTemplatesFlyout } from '../../../components'; export const EditWarning: FunctionComponent = () => { const { isNewPolicy, indices, indexTemplates, policyName, policy } = useEditPolicyContext(); diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/phases/delete_phase/delete_searchable_snapshot_field.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/phases/delete_phase/delete_searchable_snapshot_field.tsx index 5e19894843ff6..1aaab5c6657cf 100644 --- a/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/phases/delete_phase/delete_searchable_snapshot_field.tsx +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/phases/delete_phase/delete_searchable_snapshot_field.tsx @@ -8,22 +8,16 @@ import React from 'react'; import { FormattedMessage } from '@kbn/i18n-react'; import { EuiTextColor } from '@elastic/eui'; +import { useKibana } from '../../../../../../shared_imports'; +import { i18nTexts } from '../../../i18n_texts'; import { LearnMoreLink } from '../../learn_more_link'; import { ToggleFieldWithDescribedFormRow } from '../../described_form_row'; -import { useKibana } from '../../../../../../shared_imports'; export const DeleteSearchableSnapshotField: React.FunctionComponent = () => { const { docLinks } = useKibana().services; return ( - - - } + title={

{i18nTexts.editPolicy.deleteSearchableSnapshotLabel}

} description={ { return ( - {i18n.translate('xpack.indexLifecycleMgmt.hotPhase.rolloverFieldTitle', { - defaultMessage: 'Rollover', - })} - - } + title={

{i18nTexts.editPolicy.rolloverLabel}

} description={ <> diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/phases/shared_fields/data_tier_allocation_field/data_tier_allocation_field.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/phases/shared_fields/data_tier_allocation_field/data_tier_allocation_field.tsx index c45e172868938..50856c71ad9aa 100644 --- a/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/phases/shared_fields/data_tier_allocation_field/data_tier_allocation_field.tsx +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/phases/shared_fields/data_tier_allocation_field/data_tier_allocation_field.tsx @@ -7,13 +7,13 @@ import { get } from 'lodash'; import React, { FunctionComponent } from 'react'; -import { i18n } from '@kbn/i18n'; import { EuiDescribedFormGroup, EuiSpacer, EuiLoadingSpinner } from '@elastic/eui'; import { useKibana, useFormData } from '../../../../../../../shared_imports'; import { PhaseWithAllocation, DataTierRole } from '../../../../../../../../common/types'; import { getAvailableNodeRoleForPhase, isNodeRoleFirstPreference } from '../../../../../../lib'; import { useLoadNodes } from '../../../../../../services/api'; +import { i18nTexts } from '../../../../i18n_texts'; import { DataTierAllocationType } from '../../../../types'; import { @@ -30,12 +30,6 @@ import { import './_data_tier_allocation.scss'; -const i18nTexts = { - title: i18n.translate('xpack.indexLifecycleMgmt.common.dataTier.title', { - defaultMessage: 'Data allocation', - }), -}; - interface Props { phase: PhaseWithAllocation; description: React.ReactNode; @@ -188,7 +182,7 @@ export const DataTierAllocationField: FunctionComponent = ({ phase, descr return ( {i18nTexts.title}} + title={

{i18nTexts.editPolicy.dataAllocationLabel}

} description={ <> {description} diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/phases/shared_fields/downsample_field.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/phases/shared_fields/downsample_field.tsx index f846a033ce44a..4b7b55213ab38 100644 --- a/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/phases/shared_fields/downsample_field.tsx +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/phases/shared_fields/downsample_field.tsx @@ -30,14 +30,7 @@ export const DownsampleField: React.FunctionComponent = ({ phase }) => { return ( - - - } + title={

{i18nTexts.editPolicy.downsampleLabel}

} description={ = ({ phase }) => { return ( - - - } + title={

{i18nTexts.editPolicy.forceMergeLabel}

} description={ <> = ({ phase }) => { diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/phases/shared_fields/min_age_field/min_age_field.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/phases/shared_fields/min_age_field/min_age_field.tsx index 979150a8d267b..8fe75aadd49d9 100644 --- a/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/phases/shared_fields/min_age_field/min_age_field.tsx +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/phases/shared_fields/min_age_field/min_age_field.tsx @@ -5,9 +5,7 @@ * 2.0. */ -import { i18n } from '@kbn/i18n'; import React, { FunctionComponent, useEffect } from 'react'; -import { FormattedMessage } from '@kbn/i18n-react'; import { get } from 'lodash'; import { @@ -27,20 +25,7 @@ import { UseField, useConfiguration, useGlobalFields } from '../../../../form'; import { getPhaseMinAgeInMilliseconds } from '../../../../lib'; import { timeUnits } from '../../../../constants'; import { getUnitsAriaLabelForPhase, getTimingLabelForPhase } from './util'; - -const i18nTexts = { - rolloverToolTipDescription: i18n.translate( - 'xpack.indexLifecycleMgmt.editPolicy.minimumAge.rolloverToolTipDescription', - { - defaultMessage: - 'Data age is calculated from rollover. Rollover is configured in the hot phase.', - } - ), - minAgeUnitFieldSuffix: i18n.translate( - 'xpack.indexLifecycleMgmt.editPolicy.minimumAge.minimumAgeFieldSuffixLabel', - { defaultMessage: 'old' } - ), -}; +import { i18nTexts } from '../../../../i18n_texts'; interface Props { phase: PhaseWithTiming; @@ -95,10 +80,7 @@ export const MinAgeField: FunctionComponent = ({ phase }): React.ReactEle > - + {`${i18nTexts.editPolicy.minAgeLabel}:`} @@ -127,15 +109,15 @@ export const MinAgeField: FunctionComponent = ({ phase }): React.ReactEle
); const selectAppendValue: Array = isUsingRollover - ? [i18nTexts.minAgeUnitFieldSuffix, icon] - : [i18nTexts.minAgeUnitFieldSuffix]; + ? [i18nTexts.editPolicy.minAgeUnitFieldSuffix, icon] + : [i18nTexts.editPolicy.minAgeUnitFieldSuffix]; const unitValue = unitField.value as string; let unitOptions = timeUnits; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/phases/shared_fields/readonly_field.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/phases/shared_fields/readonly_field.tsx index 4283f357bff88..11cea37f67bba 100644 --- a/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/phases/shared_fields/readonly_field.tsx +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/phases/shared_fields/readonly_field.tsx @@ -11,6 +11,7 @@ import { EuiTextColor } from '@elastic/eui'; import { LearnMoreLink } from '../../learn_more_link'; import { ToggleFieldWithDescribedFormRow } from '../../described_form_row'; import { useKibana } from '../../../../../../shared_imports'; +import { i18nTexts } from '../../../i18n_texts'; interface Props { phase: 'hot' | 'warm' | 'cold'; } @@ -19,14 +20,7 @@ export const ReadonlyField: React.FunctionComponent = ({ phase }) => { const { docLinks } = useKibana().services; return ( - - - } + title={

{i18nTexts.editPolicy.readonlyLabel}

} description={ = ({ phase }) => { @@ -24,13 +25,7 @@ export const ReplicasField: FunctionComponent = ({ phase }) => { const initialValue = policy.phases[phase]?.actions?.allocate?.number_of_replicas != null; return ( - {i18n.translate('xpack.indexLifecycleMgmt.numberOfReplicas.formRowTitle', { - defaultMessage: 'Replicas', - })} - - } + title={

{i18nTexts.editPolicy.replicasLabel}

} description={i18n.translate( 'xpack.indexLifecycleMgmt.editPolicy.numberOfReplicas.formRowDescription', { diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/phases/shared_fields/searchable_snapshot_field/searchable_snapshot_field.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/phases/shared_fields/searchable_snapshot_field/searchable_snapshot_field.tsx index f36067923e1b7..e98d1f1c2c55a 100644 --- a/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/phases/shared_fields/searchable_snapshot_field/searchable_snapshot_field.tsx +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/phases/shared_fields/searchable_snapshot_field/searchable_snapshot_field.tsx @@ -19,6 +19,7 @@ import { SearchableSnapshotDataProvider } from './searchable_snapshot_data_provi import { RepositoryComboBoxField } from './repository_combobox_field'; import './_searchable_snapshot_field.scss'; +import { i18nTexts as i18nTextsEdit } from '../../../../i18n_texts'; export interface Props { phase: 'hot' | 'cold' | 'frozen'; @@ -35,12 +36,7 @@ const geti18nTexts = ( case 'hot': case 'cold': return { - title: i18n.translate( - 'xpack.indexLifecycleMgmt.editPolicy.fullyMountedSearchableSnapshotField.title', - { - defaultMessage: 'Searchable snapshot', - } - ), + title: i18nTextsEdit.editPolicy.searchableSnapshotLabel, description: ( = ({ phase }) => { const { docLinks } = useKibana().services; return ( - - - } + title={

{i18nTexts.editPolicy.shrinkActionLabel}

} description={ = ({ phase }) => { titleSize="xs" switchProps={{ 'data-test-subj': `${phase}-shrinkSwitch`, - label: i18nTexts.editPolicy.shrinkLabel, + label: i18nTexts.editPolicy.shrinkToggleLabel, initialValue: Boolean(policy.phases[phase]?.actions?.shrink), }} fullWidth diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/phases/shared_fields/snapshot_policies_field.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/phases/shared_fields/snapshot_policies_field.tsx index e89189df7667b..f072db6b10b11 100644 --- a/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/phases/shared_fields/snapshot_policies_field.tsx +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/components/phases/shared_fields/snapshot_policies_field.tsx @@ -24,6 +24,7 @@ import { useLoadSnapshotPolicies } from '../../../../../services/api'; import { UseField } from '../../../form'; import { FieldLoadingError, LearnMoreLink, OptionalLabel } from '../..'; +import { i18nTexts } from '../../../i18n_texts'; const waitForSnapshotFormField = 'phases.delete.actions.wait_for_snapshot.policy'; @@ -145,14 +146,7 @@ export const SnapshotPoliciesField: React.FunctionComponent = () => { return ( - - - } + title={

{i18nTexts.editPolicy.waitForSnapshotLabel}

} description={ <> = memo( - ({ hasDeletePhase, isUsingRollover, ...phasesMinAge }) => { + ({ hasDeletePhase, isUsingRollover, showTitle = true, ...phasesMinAge }) => { const absoluteTimings: AbsoluteTimings = { hot: { min_age: phasesMinAge.hotPhaseMinAge }, warm: phasesMinAge.warmPhaseMinAge ? { min_age: phasesMinAge.warmPhaseMinAge } : undefined, @@ -147,24 +148,26 @@ export const Timeline: FunctionComponent = memo( return ( - - -

{i18nTexts.title}

- - - {i18nTexts.description} -   - - } - /> - - + {showTitle && ( + + +

{i18nTexts.title}

+ + + {i18nTexts.description} +   + + } + /> + + + )}
{ [originalPolicyName, existingPolicies, isClonedPolicy] ); - const backToPolicyList = () => { - history.push('/policies'); + const backToPolicyList = (name?: string) => { + const url = name ? getPolicyViewPath(name) : getPoliciesListPath(); + history.push(url); }; const submit = async () => { @@ -141,17 +143,18 @@ export const EditPolicy: React.FunctionComponent = () => { }) ); } else { + const name = getPolicyName(); setHasSubmittedForm(true); const success = await savePolicy( { ...policy, - name: getPolicyName(), + name, }, isNewPolicy || isClonedPolicy ); if (success) { - backToPolicyList(); + backToPolicyList(name); } } }; @@ -305,7 +308,10 @@ export const EditPolicy: React.FunctionComponent = () => { - + backToPolicyList()} + > ({ +const getPriorityField = (phase: 'hot' | 'warm' | 'cold') => ({ defaultValue: defaultIndexPriority[phase], label: i18nTexts.editPolicy.indexPriorityFieldLabel, validations: [ @@ -380,9 +372,7 @@ export const getSchema = (isCloudEnabled: boolean): FormSchema => ({ actions: { rollover: { max_age: { - label: i18n.translate('xpack.indexLifecycleMgmt.hotPhase.maximumAgeLabel', { - defaultMessage: 'Maximum age', - }), + label: i18nTexts.editPolicy.maxAgeLabel, validations: [ { validator: rolloverThresholdsValidator, @@ -397,9 +387,7 @@ export const getSchema = (isCloudEnabled: boolean): FormSchema => ({ fieldsToValidateOnChange: rolloverFormPaths, }, max_docs: { - label: i18n.translate('xpack.indexLifecycleMgmt.hotPhase.maximumDocumentsLabel', { - defaultMessage: 'Maximum documents', - }), + label: i18nTexts.editPolicy.maxDocsLabel, validations: [ { validator: rolloverThresholdsValidator, @@ -443,9 +431,7 @@ export const getSchema = (isCloudEnabled: boolean): FormSchema => ({ fieldsToValidateOnChange: rolloverFormPaths, }, max_size: { - label: i18n.translate('xpack.indexLifecycleMgmt.hotPhase.maximumIndexSizeLabel', { - defaultMessage: 'Maximum index size', - }), + label: i18nTexts.editPolicy.maxSizeLabel, validations: [ { validator: rolloverThresholdsValidator, @@ -505,12 +491,6 @@ export const getSchema = (isCloudEnabled: boolean): FormSchema => ({ frozen: { min_age: getMinAgeField('frozen'), actions: { - allocate: { - number_of_replicas: numberOfReplicasField, - }, - set_priority: { - priority: getPriorityField('frozen'), - }, searchable_snapshot: searchableSnapshotFields, }, }, diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/i18n_texts.ts b/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/i18n_texts.ts index 9c48efd6c2afa..4304168d1bb0e 100644 --- a/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/i18n_texts.ts +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/i18n_texts.ts @@ -9,7 +9,10 @@ import { i18n } from '@kbn/i18n'; export const i18nTexts = { editPolicy: { - shrinkLabel: i18n.translate('xpack.indexLifecycleMgmt.shrink.enableShrinkLabel', { + shrinkActionLabel: i18n.translate('xpack.indexLifecycleMgmt.shrink.actionLabel', { + defaultMessage: 'Shrink', + }), + shrinkToggleLabel: i18n.translate('xpack.indexLifecycleMgmt.shrink.enableShrinkLabel', { defaultMessage: 'Shrink index', }), shrinkCountLabel: i18n.translate( @@ -18,6 +21,12 @@ export const i18nTexts = { defaultMessage: 'Configure shard count', } ), + shrinkNumberOfShardsLabel: i18n.translate( + 'xpack.indexLifecycleMgmt.shrink.numberOfPrimaryShardsLabel', + { + defaultMessage: 'Number of primary shards', + } + ), shrinkSizeLabel: i18n.translate( 'xpack.indexLifecycleMgmt.editPolicy.shrink.configureShardSizeLabel', { @@ -54,12 +63,18 @@ export const i18nTexts = { ), }, }, + forceMergeLabel: i18n.translate('xpack.indexLifecycleMgmt.editPolicy.forceMerge.enableText', { + defaultMessage: 'Force merge', + }), forceMergeEnabledFieldLabel: i18n.translate('xpack.indexLifecycleMgmt.forcemerge.enableLabel', { defaultMessage: 'Force merge data', }), readonlyEnabledFieldLabel: i18n.translate('xpack.indexLifecycleMgmt.readonlyFieldLabel', { defaultMessage: 'Make index read only', }), + readonlyLabel: i18n.translate('xpack.indexLifecycleMgmt.editPolicy.readonlyTitle', { + defaultMessage: 'Read only', + }), downsampleEnabledFieldLabel: i18n.translate('xpack.indexLifecycleMgmt.downsampleFieldLabel', { defaultMessage: 'Enable downsampling', }), @@ -116,12 +131,6 @@ export const i18nTexts = { defaultMessage: 'Snapshot repository', } ), - searchableSnapshotsStorageFieldLabel: i18n.translate( - 'xpack.indexLifecycleMgmt.editPolicy.searchableSnapshotStorageFieldLabel', - { - defaultMessage: 'Searchable snapshot storage', - } - ), maxPrimaryShardSizeLabel: i18n.translate( 'xpack.indexLifecycleMgmt.hotPhase.maximumPrimaryShardSizeLabel', { @@ -140,6 +149,64 @@ export const i18nTexts = { defaultMessage: 'Maximum shard size units', } ), + maxAgeLabel: i18n.translate('xpack.indexLifecycleMgmt.hotPhase.maximumAgeLabel', { + defaultMessage: 'Maximum age', + }), + maxDocsLabel: i18n.translate('xpack.indexLifecycleMgmt.hotPhase.maximumDocumentsLabel', { + defaultMessage: 'Maximum documents', + }), + maxSizeLabel: i18n.translate('xpack.indexLifecycleMgmt.hotPhase.maximumIndexSizeLabel', { + defaultMessage: 'Maximum index size', + }), + downsampleLabel: i18n.translate('xpack.indexLifecycleMgmt.editPolicy.downsampleTitle', { + defaultMessage: 'Downsample', + }), + minAgeLabel: i18n.translate( + 'xpack.indexLifecycleMgmt.editPolicy.minimumAge.minimumAgeFieldLabel', + { defaultMessage: 'Move data into phase when' } + ), + rolloverLabel: i18n.translate('xpack.indexLifecycleMgmt.hotPhase.rolloverFieldTitle', { + defaultMessage: 'Rollover', + }), + rolloverToolTipDescription: i18n.translate( + 'xpack.indexLifecycleMgmt.editPolicy.minimumAge.rolloverToolTipDescription', + { + defaultMessage: + 'Data age is calculated from rollover. Rollover is configured in the hot phase.', + } + ), + minAgeUnitFieldSuffix: i18n.translate( + 'xpack.indexLifecycleMgmt.editPolicy.minimumAge.minimumAgeFieldSuffixLabel', + { defaultMessage: 'old' } + ), + replicasLabel: i18n.translate('xpack.indexLifecycleMgmt.numberOfReplicas.formRowTitle', { + defaultMessage: 'Replicas', + }), + numberOfReplicasLabel: i18n.translate( + 'xpack.indexLifecycleMgmt.editPolicy.numberOfReplicasLabel', + { + defaultMessage: 'Number of replicas', + } + ), + dataAllocationLabel: i18n.translate('xpack.indexLifecycleMgmt.common.dataTier.title', { + defaultMessage: 'Data allocation', + }), + searchableSnapshotLabel: i18n.translate( + 'xpack.indexLifecycleMgmt.editPolicy.fullyMountedSearchableSnapshotField.title', + { + defaultMessage: 'Searchable snapshot', + } + ), + waitForSnapshotLabel: i18n.translate( + 'xpack.indexLifecycleMgmt.editPolicy.deletePhase.waitForSnapshotTitle', + { defaultMessage: 'Wait for snapshot policy' } + ), + deleteSearchableSnapshotLabel: i18n.translate( + 'xpack.indexLifecycleMgmt.editPolicy.deletePhase.deleteSearchableSnapshotTitle', + { + defaultMessage: 'Delete searchable snapshot', + } + ), errors: { numberRequired: i18n.translate( 'xpack.indexLifecycleMgmt.editPolicy.errors.numberRequiredErrorMessage', diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/types.ts b/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/types.ts index 5dd5477cae2c2..4d4d561eedb96 100644 --- a/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/types.ts +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/edit_policy/types.ts @@ -78,7 +78,7 @@ interface ColdPhaseMetaFields extends DataAllocationMetaFields, MinAgeField, Dow readonlyEnabled: boolean; } -interface FrozenPhaseMetaFields extends DataAllocationMetaFields, MinAgeField { +interface FrozenPhaseMetaFields extends MinAgeField { enabled: boolean; } diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/components/deprecated_policy_badge.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/components/deprecated_policy_badge.tsx new file mode 100644 index 0000000000000..f48e6d5c4a639 --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/components/deprecated_policy_badge.tsx @@ -0,0 +1,32 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; +import { EuiBadge, EuiToolTip } from '@elastic/eui'; +import { i18n } from '@kbn/i18n'; + +const deprecatedPolicyTooltips = { + badge: i18n.translate('xpack.indexLifecycleMgmt.policyTable.templateBadgeType.deprecatedLabel', { + defaultMessage: 'Deprecated', + }), + badgeTooltip: i18n.translate( + 'xpack.indexLifecycleMgmt.policyTable.templateBadgeType.deprecatedDescription', + { + defaultMessage: + 'This policy is no longer supported and might be removed in a future release. Instead, use one of the other policies available or create a new one.', + } + ), +}; +export const DeprecatedPolicyBadge = () => { + return ( + + + {deprecatedPolicyTooltips.badge} + + + ); +}; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/components/index.ts b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/components/index.ts new file mode 100644 index 0000000000000..0ff6731e542c4 --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/components/index.ts @@ -0,0 +1,13 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export { AddPolicyToTemplateConfirmModal } from './add_policy_to_template_confirm_modal'; +export { ConfirmDelete } from './confirm_delete'; +export { DeprecatedPolicyBadge } from './deprecated_policy_badge'; +export { ListActionHandler } from './list_action_handler'; +export { ManagedPolicyBadge } from './managed_policy_badge'; +export { PolicyTable } from './policy_table'; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/components/list_action_handler.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/components/list_action_handler.tsx index c7d2183ec9481..9dd3eba08769a 100644 --- a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/components/list_action_handler.tsx +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/components/list_action_handler.tsx @@ -7,14 +7,14 @@ import React from 'react'; import { usePolicyListContext } from '../policy_list_context'; -import { IndexTemplatesFlyout } from '../../../components/index_templates_flyout'; -import { ConfirmDelete } from './confirm_delete'; -import { AddPolicyToTemplateConfirmModal } from './add_policy_to_template_confirm_modal'; +import { IndexTemplatesFlyout } from '../../../components'; +import { ViewPolicyFlyout } from '../policy_flyout'; +import { ConfirmDelete, AddPolicyToTemplateConfirmModal } from '.'; interface Props { - updatePolicies: () => void; + deletePolicyCallback: () => void; } -export const ListActionHandler: React.FunctionComponent = ({ updatePolicies }) => { +export const ListActionHandler: React.FunctionComponent = ({ deletePolicyCallback }) => { const { listAction, setListAction } = usePolicyListContext(); if (listAction?.actionType === 'viewIndexTemplates') { return ( @@ -32,7 +32,7 @@ export const ListActionHandler: React.FunctionComponent = ({ updatePolici { - updatePolicies(); + deletePolicyCallback(); setListAction(null); }} onCancel={() => { @@ -58,5 +58,10 @@ export const ListActionHandler: React.FunctionComponent = ({ updatePolici /> ); } + + if (listAction?.actionType === 'viewPolicy') { + return ; + } + return null; }; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/components/managed_policy_badge.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/components/managed_policy_badge.tsx new file mode 100644 index 0000000000000..f8124fcd70474 --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/components/managed_policy_badge.tsx @@ -0,0 +1,33 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; +import { EuiBadge, EuiToolTip } from '@elastic/eui'; +import { i18n } from '@kbn/i18n'; + +const managedPolicyTooltips = { + badge: i18n.translate('xpack.indexLifecycleMgmt.policyTable.templateBadgeType.managedLabel', { + defaultMessage: 'Managed', + }), + badgeTooltip: i18n.translate( + 'xpack.indexLifecycleMgmt.policyTable.templateBadgeType.managedDescription', + { + defaultMessage: + 'This policy is preconfigured and managed by Elastic; editing or deleting this policy might break Kibana.', + } + ), +}; + +export const ManagedPolicyBadge = () => { + return ( + + + {managedPolicyTooltips.badge} + + + ); +}; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/components/policy_table.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/components/policy_table.tsx index 0133c5034bb72..b7f77c6d1c77a 100644 --- a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/components/policy_table.tsx +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/components/policy_table.tsx @@ -11,8 +11,6 @@ import { EuiLink, EuiInMemoryTable, EuiToolTip, - EuiButtonIcon, - EuiBadge, EuiFlexItem, EuiSwitch, EuiSearchBarProps, @@ -28,59 +26,30 @@ import { EuiBasicTableColumn } from '@elastic/eui/src/components/basic_table/bas import { reactRouterNavigate } from '@kbn/kibana-react-plugin/public'; import { FormattedMessage } from '@kbn/i18n-react'; import { useEuiTablePersist } from '@kbn/shared-ux-table-persist'; +import { hasLinkedIndices } from '../../../lib/policies'; import { useStateWithLocalStorage } from '../../../lib/settings_local_storage'; import { PolicyFromES } from '../../../../../common/types'; import { useKibana } from '../../../../shared_imports'; -import { getIndicesListPath, getPolicyEditPath } from '../../../services/navigation'; +import { + getIndicesListPath, + getPolicyEditPath, + getPolicyViewPath, +} from '../../../services/navigation'; import { trackUiMetric } from '../../../services/ui_metric'; +import { UIM_VIEW_CLICK } from '../../../constants'; -import { UIM_EDIT_CLICK } from '../../../constants'; -import { hasLinkedIndices } from '../../../lib/policies'; import { usePolicyListContext } from '../policy_list_context'; +import { ManagedPolicyBadge, DeprecatedPolicyBadge } from '.'; +import { useIsReadOnly } from '../../../lib/use_is_read_only'; const actionTooltips = { - deleteEnabled: i18n.translate('xpack.indexLifecycleMgmt.policyTable.deletePolicyButtonText', { - defaultMessage: 'Delete policy', - }), - deleteDisabled: i18n.translate( - 'xpack.indexLifecycleMgmt.policyTable.deletePolicyButtonDisabledTooltip', - { - defaultMessage: 'You cannot delete a policy that is being used by an index', - } - ), viewIndices: i18n.translate('xpack.indexLifecycleMgmt.policyTable.viewIndicesButtonText', { defaultMessage: 'View indices linked to policy', }), - addIndexTemplate: i18n.translate( - 'xpack.indexLifecycleMgmt.policyTable.addPolicyToTemplateButtonText', - { - defaultMessage: 'Add policy to index template', - } - ), -}; - -const managedPolicyTooltips = { - badge: i18n.translate('xpack.indexLifecycleMgmt.policyTable.templateBadgeType.managedLabel', { - defaultMessage: 'Managed', - }), - badgeTooltip: i18n.translate( - 'xpack.indexLifecycleMgmt.policyTable.templateBadgeType.managedDescription', + viewIndexTemplates: i18n.translate( + 'xpack.indexLifecycleMgmt.policyTable.viewIndexTemplatesButtonText', { - defaultMessage: - 'This policy is preconfigured and managed by Elastic; editing or deleting this policy might break Kibana.', - } - ), -}; - -const deprecatedPolicyTooltips = { - badge: i18n.translate('xpack.indexLifecycleMgmt.policyTable.templateBadgeType.deprecatedLabel', { - defaultMessage: 'Deprecated', - }), - badgeTooltip: i18n.translate( - 'xpack.indexLifecycleMgmt.policyTable.templateBadgeType.deprecatedDescription', - { - defaultMessage: - 'This policy is no longer supported and might be removed in a future release. Instead, use one of the other policies available or create a new one.', + defaultMessage: 'View index templates linked to policy', } ), }; @@ -94,7 +63,7 @@ const PAGE_SIZE_OPTIONS = [10, 25, 50]; export const PolicyTable: React.FunctionComponent = ({ policies }) => { const [query, setQuery] = useState(''); - + const isReadOnly = useIsReadOnly(); const history = useHistory(); const { services: { getUrlForApp }, @@ -188,8 +157,8 @@ export const PolicyTable: React.FunctionComponent = ({ policies }) => { - trackUiMetric(METRIC_TYPE.CLICK, UIM_EDIT_CLICK) + {...reactRouterNavigate(history, getPolicyViewPath(value), () => + trackUiMetric(METRIC_TYPE.CLICK, UIM_VIEW_CLICK) )} > {value} @@ -198,22 +167,14 @@ export const PolicyTable: React.FunctionComponent = ({ policies }) => { {isDeprecated && ( <>   - - - {deprecatedPolicyTooltips.badge} - - + )} {isManaged && ( <>   - - - {managedPolicyTooltips.badge} - - + )} @@ -229,7 +190,7 @@ export const PolicyTable: React.FunctionComponent = ({ policies }) => { sortable: ({ indexTemplates }) => (indexTemplates ?? []).length, render: (value: string[], policy: PolicyFromES) => { return value && value.length > 0 ? ( - + = ({ policies }) => { return value ? moment(value).format('MMM D, YYYY') : value; }, }, - { + ]; + if (!isReadOnly) { + columns.push({ actions: [ { - render: (policy: PolicyFromES) => { - return ( - - - setListAction({ selectedPolicy: policy, actionType: 'addIndexTemplate' }) - } - iconType="plusInCircle" - aria-label={actionTooltips.addIndexTemplate} - /> - - ); - }, + isPrimary: true, + name: i18n.translate('xpack.indexLifecycleMgmt.policyTable.editActionLabel', { + defaultMessage: 'Edit', + }), + description: i18n.translate( + 'xpack.indexLifecycleMgmt.policyTable.editActionDescription', + { + defaultMessage: 'Edit this policy', + } + ), + type: 'icon', + icon: 'pencil', + onClick: ({ name }) => history.push(getPolicyEditPath(name)), + 'data-test-subj': 'editPolicy', }, + + { + name: i18n.translate( + 'xpack.indexLifecycleMgmt.policyTable.addToIndexTemplateActionLabel', + { + defaultMessage: 'Add to index template', + } + ), + description: i18n.translate( + 'xpack.indexLifecycleMgmt.policyTable.addToIndexTemplateActionDescription', + { defaultMessage: 'Add policy to index template' } + ), + type: 'icon', + icon: 'plusInCircle', + onClick: (policy) => + setListAction({ selectedPolicy: policy, actionType: 'addIndexTemplate' }), + 'data-test-subj': 'addPolicyToTemplate', + }, + { - render: (policy: PolicyFromES, enabled: boolean) => { - return ( - - - setListAction({ selectedPolicy: policy, actionType: 'deletePolicy' }) + isPrimary: true, + name: i18n.translate('xpack.indexLifecycleMgmt.policyTable.deleteActionLabel', { + defaultMessage: 'Delete', + }), + description: (policy) => { + return hasLinkedIndices(policy) + ? i18n.translate( + 'xpack.indexLifecycleMgmt.policyTable.deletePolicyButtonDisabledTooltip', + { + defaultMessage: 'You cannot delete a policy that is being used by an index', } - iconType="trash" - aria-label={actionTooltips.deleteEnabled} - disabled={!enabled} - /> - - ); + ) + : i18n.translate('xpack.indexLifecycleMgmt.policyTable.deleteActionDescription', { + defaultMessage: 'Delete this policy', + }); }, - enabled: (policy: PolicyFromES) => !hasLinkedIndices(policy), + type: 'icon', + icon: 'trash', + color: 'danger', + onClick: (policy) => + setListAction({ selectedPolicy: policy, actionType: 'deletePolicy' }), + enabled: (policy) => !hasLinkedIndices(policy), + 'data-test-subj': 'deletePolicy', }, ], name: i18n.translate('xpack.indexLifecycleMgmt.policyTable.headers.actionsHeader', { defaultMessage: 'Actions', }), - }, - ]; + 'data-test-subj': 'policyActionsCollapsedButton', + }); + } return ( { + return ( + + ); +}; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/action_description.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/action_description.tsx new file mode 100644 index 0000000000000..5a4f6905fe796 --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/action_description.tsx @@ -0,0 +1,39 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React, { ReactNode } from 'react'; +import { + EuiDescriptionListDescription, + EuiDescriptionListTitle, + EuiSpacer, + EuiText, +} from '@elastic/eui'; + +export const ActionDescription = ({ + title, + descriptionItems, +}: { + title: string; + descriptionItems?: string[] | ReactNode[]; +}) => { + return ( + <> + {title} + {descriptionItems && ( + + {descriptionItems.map((descriptionItem, index) => ( + + + {descriptionItem} + + ))} + + )} + + + ); +}; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/data_allocation.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/data_allocation.tsx new file mode 100644 index 0000000000000..1970b78eaac50 --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/data_allocation.tsx @@ -0,0 +1,85 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; + +import { EuiBadge, EuiCode } from '@elastic/eui'; +import { i18n } from '@kbn/i18n'; +import { FormattedMessage } from '@kbn/i18n-react'; +import { + AllocateAction, + PhaseWithAllocation, + SerializedColdPhase, + SerializedWarmPhase, +} from '../../../../../../common/types'; +import { determineDataTierAllocationType } from '../../../../lib'; +import type { ActionComponentProps } from './types'; +import { ActionDescription } from './action_description'; +import { i18nTexts } from '../../../edit_policy/i18n_texts'; + +const getAllocationDescription = ( + type: ReturnType, + phase: PhaseWithAllocation, + allocate?: AllocateAction +) => { + if (type === 'none') { + return i18n.translate('xpack.indexLifecycleMgmt.policyFlyout.dataAllocationDisabledLabel', { + defaultMessage: 'Disabled', + }); + } + if (type === 'node_roles') { + const label = + phase === 'warm' + ? i18n.translate('xpack.indexLifecycleMgmt.policyFlyout.dataAllocationWarmNodesLabel', { + defaultMessage: 'Using warm nodes', + }) + : i18n.translate('xpack.indexLifecycleMgmt.policyFlyout.dataAllocationColdNodesdLabel', { + defaultMessage: 'Using cold nodes', + }); + return ( + <> + {label}{' '} + + + + + ); + } + if (type === 'node_attrs') { + return ( + <> + {i18n.translate('xpack.indexLifecycleMgmt.policyFlyout.dataAllocationAttributtesLabel', { + defaultMessage: 'Node attributes', + })} + {': '} + {JSON.stringify(allocate?.require)} + + ); + } +}; + +export const DataAllocation = ({ phase, phases }: ActionComponentProps) => { + const phaseConfig = phases[phase]; + const allocate = (phaseConfig as SerializedWarmPhase | SerializedColdPhase)?.actions.allocate; + const migrate = (phaseConfig as SerializedWarmPhase | SerializedColdPhase)?.actions.migrate; + const allocationType = determineDataTierAllocationType({ allocate, migrate }); + const allocationDescription = getAllocationDescription( + allocationType, + phase as PhaseWithAllocation, + allocate + ); + + return ( + + ); +}; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/delete_searchable_snapshot.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/delete_searchable_snapshot.tsx new file mode 100644 index 0000000000000..c5e22e9329733 --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/delete_searchable_snapshot.tsx @@ -0,0 +1,27 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; +import { i18nTexts as i18nTextsFlyout } from './i18n_texts'; +import { SerializedDeletePhase } from '../../../../../../common/types'; +import { i18nTexts } from '../../../edit_policy/i18n_texts'; +import { ActionDescription } from './action_description'; +import type { ActionComponentProps } from './types'; + +export const DeleteSearchableSnapshot = ({ phase, phases }: ActionComponentProps) => { + const phaseConfig = phases[phase]; + const deleteSearchableSnapshot = (phaseConfig as SerializedDeletePhase)?.actions.delete + ?.delete_searchable_snapshot; + return ( + + ); +}; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/downsample.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/downsample.tsx new file mode 100644 index 0000000000000..f3d4780b48906 --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/downsample.tsx @@ -0,0 +1,27 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; +import { PhaseWithDownsample } from '../../../../../../common/types'; +import { i18nTexts } from '../../../edit_policy/i18n_texts'; +import { ActionDescription } from './action_description'; +import type { ActionComponentProps } from './types'; + +export const Downsample = ({ phase, phases }: ActionComponentProps) => { + const downsample = phases[phase as PhaseWithDownsample]?.actions.downsample; + return downsample ? ( + + {`${i18nTexts.editPolicy.downsampleIntervalFieldLabel}: `} + {downsample.fixed_interval} + , + ]} + /> + ) : null; +}; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/forcemerge.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/forcemerge.tsx new file mode 100644 index 0000000000000..9bb1fa1e3dd60 --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/forcemerge.tsx @@ -0,0 +1,38 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; +import { SerializedHotPhase, SerializedWarmPhase } from '../../../../../../common/types'; +import { i18nTexts } from '../../../edit_policy/i18n_texts'; + +import { i18nTexts as i18nTextsFlyout } from './i18n_texts'; +import type { ActionComponentProps } from './types'; +import { ActionDescription } from './action_description'; + +export const Forcemerge = ({ phase, phases }: ActionComponentProps) => { + const phaseConfig = phases[phase]; + const forcemerge = (phaseConfig as SerializedHotPhase | SerializedWarmPhase)?.actions.forcemerge; + return forcemerge ? ( + + {`${i18nTexts.editPolicy.maxNumSegmentsFieldLabel}: `} + {forcemerge.max_num_segments} + , + <> + {`${i18nTexts.editPolicy.bestCompressionFieldLabel}: `} + + {forcemerge.index_codec === 'best_compression' + ? i18nTextsFlyout.yes + : i18nTextsFlyout.no} + + , + ]} + /> + ) : null; +}; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/i18n_texts.ts b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/i18n_texts.ts new file mode 100644 index 0000000000000..b5a00bac82bf7 --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/i18n_texts.ts @@ -0,0 +1,17 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { i18n } from '@kbn/i18n'; + +export const i18nTexts = { + yes: i18n.translate('xpack.indexLifecycleMgmt.policyFlyout.yesLabel', { + defaultMessage: 'Yes', + }), + no: i18n.translate('xpack.indexLifecycleMgmt.policyFlyout.noLabel', { + defaultMessage: 'No', + }), +}; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/index.ts b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/index.ts new file mode 100644 index 0000000000000..5166b62f8e579 --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/index.ts @@ -0,0 +1,19 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export { Rollover } from './rollover'; +export { MinAge } from './min_age'; +export { Forcemerge } from './forcemerge'; +export { Shrink } from './shrink'; +export { SearchableSnapshot } from './searchable_snapshot'; +export { Downsample } from './downsample'; +export { Readonly } from './readonly'; +export { IndexPriority } from './index_priority'; +export { Replicas } from './replicas'; +export { DataAllocation } from './data_allocation'; +export { WaitForSnapshot } from './wait_for_snapshot'; +export { DeleteSearchableSnapshot } from './delete_searchable_snapshot'; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/index_priority.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/index_priority.tsx new file mode 100644 index 0000000000000..e470fc1c968d6 --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/index_priority.tsx @@ -0,0 +1,29 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; +import { + SerializedHotPhase, + SerializedWarmPhase, + SerializedColdPhase, +} from '../../../../../../common/types'; +import { i18nTexts } from '../../../edit_policy/i18n_texts'; +import { ActionDescription } from './action_description'; +import type { ActionComponentProps } from './types'; + +export const IndexPriority = ({ phase, phases }: ActionComponentProps) => { + const phaseConfig = phases[phase]; + const indexPriority = ( + phaseConfig as SerializedHotPhase | SerializedWarmPhase | SerializedColdPhase + )?.actions.set_priority; + return indexPriority ? ( + + ) : null; +}; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/min_age.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/min_age.tsx new file mode 100644 index 0000000000000..e6c568ecdebe6 --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/min_age.tsx @@ -0,0 +1,21 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; +import { i18nTexts } from '../../../edit_policy/i18n_texts'; +import { ActionDescription } from './action_description'; +import type { ActionComponentProps } from './types'; + +export const MinAge = ({ phase, phases }: ActionComponentProps) => { + const minAge = phases[phase]?.min_age; + return minAge ? ( + + ) : null; +}; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/readonly.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/readonly.tsx new file mode 100644 index 0000000000000..3d7163be382a0 --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/readonly.tsx @@ -0,0 +1,23 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; +import { + SerializedColdPhase, + SerializedHotPhase, + SerializedWarmPhase, +} from '../../../../../../common/types'; +import { i18nTexts } from '../../../edit_policy/i18n_texts'; +import { ActionDescription } from './action_description'; +import type { ActionComponentProps } from './types'; + +export const Readonly = ({ phase, phases }: ActionComponentProps) => { + const phaseConfig = phases[phase]; + const readonly = (phaseConfig as SerializedHotPhase | SerializedWarmPhase | SerializedColdPhase) + ?.actions.readonly; + return readonly ? : null; +}; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/replicas.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/replicas.tsx new file mode 100644 index 0000000000000..de2dee8f1aa89 --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/replicas.tsx @@ -0,0 +1,28 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; +import { PhaseWithAllocation } from '../../../../../../common/types'; +import { i18nTexts } from '../../../edit_policy/i18n_texts'; + +import type { ActionComponentProps } from './types'; +import { ActionDescription } from './action_description'; + +export const Replicas = ({ phase, phases }: ActionComponentProps) => { + const allocate = phases[phase as PhaseWithAllocation]?.actions.allocate; + return allocate?.number_of_replicas !== undefined ? ( + + {`${i18nTexts.editPolicy.numberOfReplicasLabel}: `} + {allocate.number_of_replicas} + , + ]} + /> + ) : null; +}; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/rollover.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/rollover.tsx new file mode 100644 index 0000000000000..d691a99728a6b --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/rollover.tsx @@ -0,0 +1,76 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; +import { EuiBadge } from '@elastic/eui'; +import { FormattedMessage } from '@kbn/i18n-react'; +import { SerializedHotPhase } from '../../../../../../common/types'; +import { i18nTexts } from '../../../edit_policy/i18n_texts'; +import { ActionDescription } from './action_description'; +import type { ActionComponentProps } from './types'; + +export const Rollover = ({ phase, phases }: ActionComponentProps) => { + const phaseConfig = phases[phase]; + const rollover = (phaseConfig as SerializedHotPhase)?.actions.rollover; + const descriptionItems = []; + if (rollover?.max_primary_shard_size) { + descriptionItems.push( + <> + {`${i18nTexts.editPolicy.maxPrimaryShardSizeLabel}: `} + {rollover.max_primary_shard_size} + + ); + } + if (rollover?.max_primary_shard_docs) { + descriptionItems.push( + <> + {`${i18nTexts.editPolicy.maxPrimaryShardDocsLabel}: `} + {rollover.max_primary_shard_docs} + + ); + } + + if (rollover?.max_age) { + descriptionItems.push( + <> + {`${i18nTexts.editPolicy.maxAgeLabel}: `} + {rollover.max_age} + + ); + } + + if (rollover?.max_docs) { + descriptionItems.push( + <> + {`${i18nTexts.editPolicy.maxDocsLabel}: `} + {rollover.max_docs} + + ); + } + + if (rollover?.max_size) { + descriptionItems.push( + <> + {`${i18nTexts.editPolicy.maxSizeLabel}: `} + {rollover.max_size}{' '} + + + + + ); + } + + return rollover ? ( + + ) : null; +}; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/searchable_snapshot.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/searchable_snapshot.tsx new file mode 100644 index 0000000000000..4b30783f4c7fd --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/searchable_snapshot.tsx @@ -0,0 +1,35 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; +import { EuiCode } from '@elastic/eui'; +import { + SerializedColdPhase, + SerializedFrozenPhase, + SerializedHotPhase, +} from '../../../../../../common/types'; +import { i18nTexts } from '../../../edit_policy/i18n_texts'; +import { ActionDescription } from './action_description'; +import type { ActionComponentProps } from './types'; + +export const SearchableSnapshot = ({ phase, phases }: ActionComponentProps) => { + const phaseConfig = phases[phase]; + const searchableSnapshot = ( + phaseConfig as SerializedHotPhase | SerializedColdPhase | SerializedFrozenPhase + ).actions?.searchable_snapshot; + return searchableSnapshot ? ( + + {`${i18nTexts.editPolicy.searchableSnapshotsRepoFieldLabel}: `} + {searchableSnapshot.snapshot_repository} + , + ]} + /> + ) : null; +}; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/shrink.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/shrink.tsx new file mode 100644 index 0000000000000..2155a380ee1cd --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/shrink.tsx @@ -0,0 +1,49 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; +import { SerializedHotPhase, SerializedWarmPhase } from '../../../../../../common/types'; +import { i18nTexts } from '../../../edit_policy/i18n_texts'; +import { i18nTexts as i18nTextsFlyout } from './i18n_texts'; +import type { ActionComponentProps } from './types'; +import { ActionDescription } from './action_description'; + +export const Shrink = ({ phase, phases }: ActionComponentProps) => { + const phaseConfig = phases[phase]; + const shrink = (phaseConfig as SerializedHotPhase | SerializedWarmPhase)?.actions.shrink; + const descriptionItems = []; + if (shrink?.number_of_shards) { + descriptionItems.push( + <> + {`${i18nTexts.editPolicy.shrinkNumberOfShardsLabel}: `} + {shrink.number_of_shards} + + ); + } + if (shrink?.max_primary_shard_size) { + descriptionItems.push( + <> + {`${i18nTexts.editPolicy.maxPrimaryShardSizeLabel}: `} + {shrink.max_primary_shard_size} + + ); + } + + descriptionItems.push( + <> + {`${i18nTexts.editPolicy.allowWriteAfterShrinkLabel}: `} + {shrink?.allow_write_after_shrink ? i18nTextsFlyout.yes : i18nTextsFlyout.no} + + ); + + return shrink ? ( + + ) : null; +}; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/types.ts b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/types.ts new file mode 100644 index 0000000000000..5407836972f55 --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/types.ts @@ -0,0 +1,13 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { Phase, Phases } from '../../../../../../common/types'; + +export interface ActionComponentProps { + phase: Phase; + phases: Phases; +} diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/wait_for_snapshot.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/wait_for_snapshot.tsx new file mode 100644 index 0000000000000..216a0f08ed932 --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/components/wait_for_snapshot.tsx @@ -0,0 +1,24 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; +import { EuiCode } from '@elastic/eui'; +import { SerializedDeletePhase } from '../../../../../../common/types'; +import { i18nTexts } from '../../../edit_policy/i18n_texts'; +import { ActionDescription } from './action_description'; +import type { ActionComponentProps } from './types'; + +export const WaitForSnapshot = ({ phase, phases }: ActionComponentProps) => { + const phaseConfig = phases[phase]; + const waitForSnapshot = (phaseConfig as SerializedDeletePhase).actions?.wait_for_snapshot; + return waitForSnapshot ? ( + {waitForSnapshot.policy}]} + /> + ) : null; +}; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/delete_phase.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/delete_phase.tsx new file mode 100644 index 0000000000000..cf4b05bc7504a --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/delete_phase.tsx @@ -0,0 +1,28 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; +import { PhaseDescription } from './phase_description'; +import { Phases } from '../../../../../common/types'; +import { MinAge, WaitForSnapshot, DeleteSearchableSnapshot } from './components'; + +export const DeletePhase = ({ phases }: { phases: Phases }) => { + return ( + + ); +}; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/frozen_phase.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/frozen_phase.tsx new file mode 100644 index 0000000000000..597d62274f912 --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/frozen_phase.tsx @@ -0,0 +1,24 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; +import { PhaseDescription } from './phase_description'; +import { Phases } from '../../../../../common/types'; +import { MinAge, SearchableSnapshot } from './components'; + +export const FrozenPhase = ({ phases }: { phases: Phases }) => { + return ( + + ); +}; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/hot_phase.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/hot_phase.tsx new file mode 100644 index 0000000000000..57b5b595a65ab --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/hot_phase.tsx @@ -0,0 +1,37 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; +import { PhaseDescription } from './phase_description'; +import { Phases } from '../../../../../common/types'; +import { + Rollover, + Forcemerge, + Shrink, + SearchableSnapshot, + Downsample, + Readonly, + IndexPriority, +} from './components'; + +export const HotPhase = ({ phases }: { phases: Phases }) => { + return ( + + ); +}; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/index.ts b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/index.ts new file mode 100644 index 0000000000000..9e0738710860c --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/index.ts @@ -0,0 +1,8 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export { ViewPolicyFlyout } from './view_policy_flyout'; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/phase_description.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/phase_description.tsx new file mode 100644 index 0000000000000..16c4bf2d4ebbb --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/phase_description.tsx @@ -0,0 +1,43 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React, { ComponentType } from 'react'; +import { EuiFlexGroup, EuiFlexItem, EuiSpacer, EuiTitle, EuiDescriptionList } from '@elastic/eui'; +import { PhaseIndicator } from './phase_indicator'; +import { ActionComponentProps } from './components/types'; +import { i18nTexts } from '../../edit_policy/i18n_texts'; + +export const PhaseDescription = ({ + phase, + phases, + components, +}: ActionComponentProps & { + components: Array>; +}) => { + const title = i18nTexts.editPolicy.titles[phase]; + return ( + <> + + + + + + +

{title}

+ + + + + + {components.map((Component, index) => ( + + ))} + + + + ); +}; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/phase_indicator.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/phase_indicator.tsx new file mode 100644 index 0000000000000..6c5fd35dcdcfd --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/phase_indicator.tsx @@ -0,0 +1,32 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; +import { css } from '@emotion/react'; +import { euiThemeVars } from '@kbn/ui-theme'; +import type { Phase } from '../../../../../common/types'; + +const phaseToIndicatorColors = { + hot: euiThemeVars.euiColorVis9, + warm: euiThemeVars.euiColorVis5, + cold: euiThemeVars.euiColorVis1, + frozen: euiThemeVars.euiColorVis4, + delete: euiThemeVars.euiColorLightShade, +}; +export const PhaseIndicator = ({ phase }: { phase: Phase }) => { + return ( +
+ ); +}; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/timeline.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/timeline.tsx new file mode 100644 index 0000000000000..1db8da207f490 --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/timeline.tsx @@ -0,0 +1,31 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; +import { PolicyFromES } from '../../../../../common/types'; +import { Timeline as ViewComponent } from '../../edit_policy/components/timeline/timeline'; + +export const Timeline = ({ policy }: { policy: PolicyFromES }) => { + const hasDeletePhase = Boolean(policy.policy.phases.delete); + const isUsingRollover = Boolean(policy.policy.phases.hot?.actions.rollover); + const warmPhaseMinAge = policy.policy.phases.warm?.min_age; + const coldPhaseMinAge = policy.policy.phases.cold?.min_age; + const frozenPhaseMinAge = policy.policy.phases.frozen?.min_age; + const deletePhaseMinAge = policy.policy.phases.delete?.min_age; + return ( + + ); +}; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/view_policy_flyout.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/view_policy_flyout.tsx new file mode 100644 index 0000000000000..e6576691c4af4 --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/view_policy_flyout.tsx @@ -0,0 +1,204 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React, { useState } from 'react'; +import { useHistory } from 'react-router-dom'; +import { + EuiButton, + EuiButtonEmpty, + EuiContextMenu, + EuiFlexGroup, + EuiFlexItem, + EuiFlyout, + EuiFlyoutBody, + EuiFlyoutFooter, + EuiFlyoutHeader, + EuiIcon, + EuiPopover, + EuiSpacer, + EuiTitle, +} from '@elastic/eui'; +import { i18n } from '@kbn/i18n'; +import { METRIC_TYPE } from '@kbn/analytics'; +import { PolicyFromES } from '../../../../../common/types'; +import { trackUiMetric } from '../../../services/ui_metric'; +import { hasLinkedIndices } from '../../../lib/policies'; +import { getPoliciesListPath, getPolicyEditPath } from '../../../services/navigation'; +import { UIM_EDIT_CLICK } from '../../../constants'; +import { useIsReadOnly } from '../../../lib/use_is_read_only'; +import { usePolicyListContext } from '../policy_list_context'; +import { DeprecatedPolicyBadge, ManagedPolicyBadge } from '../components'; +import { HotPhase } from './hot_phase'; +import { WarmPhase } from './warm_phase'; +import { Timeline } from './timeline'; +import { ColdPhase } from './cold_phase'; +import { DeletePhase } from './delete_phase'; +import { FrozenPhase } from './frozen_phase'; + +export const ViewPolicyFlyout = ({ policy }: { policy: PolicyFromES }) => { + const isReadOnly = useIsReadOnly(); + const { setListAction } = usePolicyListContext(); + const history = useHistory(); + const onClose = () => { + history.push(getPoliciesListPath()); + }; + const onEdit = (policyName: string) => { + trackUiMetric(METRIC_TYPE.CLICK, UIM_EDIT_CLICK); + history.push(getPolicyEditPath(policyName)); + }; + const [showPopover, setShowPopover] = useState(false); + const actionMenuItems = [ + /** + * Edit policy + */ + { + name: i18n.translate('xpack.indexLifecycleMgmt.policyFlyout.editActionLabel', { + defaultMessage: 'Edit', + }), + icon: , + onClick: () => onEdit(policy.name), + }, + /** + * Add policy to index template + */ + { + name: i18n.translate('xpack.indexLifecycleMgmt.policyFlyout.addToIndexTemplate', { + defaultMessage: 'Add to index template', + }), + icon: , + onClick: () => setListAction({ selectedPolicy: policy, actionType: 'addIndexTemplate' }), + }, + ]; + /** + * Delete policy + */ + if (!hasLinkedIndices(policy)) { + actionMenuItems.push({ + name: i18n.translate('xpack.indexLifecycleMgmt.policyFlyout.deleteActionLabel', { + defaultMessage: 'Delete', + }), + icon: , + onClick: () => { + setShowPopover(false); + setListAction({ selectedPolicy: policy, actionType: 'deletePolicy' }); + }, + }); + } + + const managePolicyButton = ( + setShowPopover((previousBool) => !previousBool)} + iconType="arrowUp" + iconSide="right" + fill + data-test-subj="managePolicyButton" + > + {i18n.translate('xpack.indexLifecycleMgmt.policyFlyout.managePolicyButtonLabel', { + defaultMessage: 'Manage', + })} + + ); + + return ( + + + + + +

{policy.name}

+ + + {policy.policy.deprecated ? ( + + {' '} + + + ) : null} + {policy.policy?._meta?.managed ? ( + + {' '} + + + ) : null} + + + + + {/* Timeline */} + + + + {/* Hot phase */} + {policy.policy.phases.hot && } + + {/* Warm phase */} + {policy.policy.phases.warm && } + + {/* Cold phase */} + {policy.policy.phases.cold && } + + {/* Frozen phase */} + {policy.policy.phases.frozen && } + + {/* Delete phase */} + {policy.policy.phases.delete && } + + + + + + + {i18n.translate('xpack.indexLifecycleMgmt.policyFlyout.closeButtonLabel', { + defaultMessage: 'Close', + })} + + + {!isReadOnly && ( + + + setShowPopover(false)} + button={managePolicyButton} + panelPaddingSize="none" + repositionOnScroll + > + + + + + )} + + + + ); +}; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/warm_phase.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/warm_phase.tsx new file mode 100644 index 0000000000000..70bc15e4da4f4 --- /dev/null +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_flyout/warm_phase.tsx @@ -0,0 +1,39 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; +import { PhaseDescription } from './phase_description'; +import { Phases } from '../../../../../common/types'; +import { + MinAge, + Replicas, + Forcemerge, + Shrink, + Downsample, + Readonly, + IndexPriority, + DataAllocation, +} from './components'; + +export const WarmPhase = ({ phases }: { phases: Phases }) => { + return ( + + ); +}; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_list.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_list.tsx index 0a81f6b16bf43..8894e4e63928c 100644 --- a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_list.tsx +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_list.tsx @@ -5,16 +5,18 @@ * 2.0. */ -import React, { Fragment } from 'react'; +import React, { Fragment, useEffect, useState } from 'react'; import { FormattedMessage } from '@kbn/i18n-react'; import { EuiButton, EuiSpacer, EuiPageHeader, EuiPageTemplate } from '@elastic/eui'; import { useHistory } from 'react-router-dom'; import { reactRouterNavigate } from '@kbn/kibana-react-plugin/public'; +import { usePolicyListContext } from './policy_list_context'; +import { useIsReadOnly } from '../../lib/use_is_read_only'; import { PolicyFromES } from '../../../../common/types'; -import { PolicyTable } from './components/policy_table'; -import { getPolicyCreatePath } from '../../services/navigation'; -import { ListActionHandler } from './components/list_action_handler'; +import { getPoliciesListPath, getPolicyCreatePath } from '../../services/navigation'; +import { PolicyTable, ListActionHandler } from './components'; +import { ViewPolicyFlyout } from './policy_flyout'; interface Props { policies: PolicyFromES[]; @@ -23,6 +25,19 @@ interface Props { export const PolicyList: React.FunctionComponent = ({ policies, updatePolicies }) => { const history = useHistory(); + const isReadOnly = useIsReadOnly(); + const { setListAction } = usePolicyListContext(); + const [flyoutPolicy, setFlyoutPolicy] = useState(null); + useEffect(() => { + const params = new URLSearchParams(history.location.search); + const policyParam = decodeURIComponent(params.get('policy') ?? ''); + const policyFromParam = policies.find((policy) => policy.name === policyParam); + if (policyFromParam) { + setFlyoutPolicy(policyFromParam); + } else { + setFlyoutPolicy(null); + } + }, [history.location.search, policies, setListAction]); const createPolicyButton = ( = ({ policies, updatePol ); } + const rightSideItems = isReadOnly ? [] : [createPolicyButton]; return ( <> - + { + // if a flyout was open, then close it + history.push(getPoliciesListPath()); + // update the policies in the list after 1 was deleted + updatePolicies(); + }} + /> = ({ policies, updatePol /> } bottomBorder - rightSideItems={[createPolicyButton]} + rightSideItems={rightSideItems} /> + + {flyoutPolicy && } ); }; diff --git a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_list_context.tsx b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_list_context.tsx index a77aac9ad2f11..bf20ac66b3e07 100644 --- a/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_list_context.tsx +++ b/x-pack/plugins/index_lifecycle_management/public/application/sections/policy_list/policy_list_context.tsx @@ -9,7 +9,7 @@ import React, { createContext, ReactChild, useContext, useState } from 'react'; import { PolicyFromES } from '../../../../common/types'; interface ListAction { - actionType: 'viewIndexTemplates' | 'addIndexTemplate' | 'deletePolicy'; + actionType: 'viewIndexTemplates' | 'addIndexTemplate' | 'deletePolicy' | 'viewPolicy'; selectedPolicy: PolicyFromES; } diff --git a/x-pack/plugins/index_lifecycle_management/public/application/services/navigation.ts b/x-pack/plugins/index_lifecycle_management/public/application/services/navigation.ts index f967f503a79a7..bab80c67cbf8e 100644 --- a/x-pack/plugins/index_lifecycle_management/public/application/services/navigation.ts +++ b/x-pack/plugins/index_lifecycle_management/public/application/services/navigation.ts @@ -18,6 +18,10 @@ export const getPolicyEditPath = (policyName: string): string => { return encodeURI(`/policies/edit/${encodeURIComponent(policyName)}`); }; +export const getPolicyViewPath = (policyName: string): string => { + return encodeURI(`/policies?policy=${encodeURIComponent(policyName)}`); +}; + export const getPolicyCreatePath = () => { return ROUTES.create; }; diff --git a/x-pack/plugins/index_lifecycle_management/public/types.ts b/x-pack/plugins/index_lifecycle_management/public/types.ts index 6ea4c4d2b18ae..a1a58e80d8301 100644 --- a/x-pack/plugins/index_lifecycle_management/public/types.ts +++ b/x-pack/plugins/index_lifecycle_management/public/types.ts @@ -46,4 +46,5 @@ export interface AppServicesContext { overlays: OverlayStart; http: HttpSetup; history: ScopedHistory; + capabilities: ApplicationStart['capabilities']; } diff --git a/x-pack/plugins/index_lifecycle_management/server/plugin.ts b/x-pack/plugins/index_lifecycle_management/server/plugin.ts index 8c72c3408268f..0d88acbaaa4ff 100644 --- a/x-pack/plugins/index_lifecycle_management/server/plugin.ts +++ b/x-pack/plugins/index_lifecycle_management/server/plugin.ts @@ -75,7 +75,11 @@ export class IndexLifecycleManagementServerPlugin implements Plugin { - const took = - (response?.json as { rawResponse: estypes.SearchResponse | undefined } | undefined) - ?.rawResponse?.took ?? 0; - return Math.max(maxTime, took); - }, 0); + const timings = getSuccessfulRequestTimings(adapters); + esTookTime.current = timings ? timings.esTookTotal : 0; } if (requestWarnings.length) { diff --git a/x-pack/plugins/lens/public/embeddable/embeddable.tsx b/x-pack/plugins/lens/public/embeddable/embeddable.tsx index 6c758abb81cff..51bcbb4fed635 100644 --- a/x-pack/plugins/lens/public/embeddable/embeddable.tsx +++ b/x-pack/plugins/lens/public/embeddable/embeddable.tsx @@ -12,6 +12,7 @@ import { css } from '@emotion/react'; import { i18n } from '@kbn/i18n'; import { render, unmountComponentAtNode } from 'react-dom'; import { ENABLE_ESQL } from '@kbn/esql-utils'; +import { reportPerformanceMetricEvent } from '@kbn/ebt-tools'; import { DataViewBase, EsQueryConfig, @@ -86,6 +87,7 @@ import { DataViewSpec } from '@kbn/data-views-plugin/common'; import { FormattedMessage } from '@kbn/i18n-react'; import { useEuiFontSize, useEuiTheme, EuiEmptyPrompt } from '@elastic/eui'; import { canTrackContentfulRender } from '@kbn/presentation-containers'; +import { getSuccessfulRequestTimings } from '../report_performance_metric_util'; import { getExecutionContextEvents, trackUiCounterEvents } from '../lens_ui_telemetry'; import { Document } from '../persistence'; import { ExpressionWrapper, ExpressionWrapperProps } from './expression_wrapper'; @@ -1076,6 +1078,18 @@ export class Embeddable ...this.getOutput(), rendered: true, }); + + const inspectorAdapters = this.getInspectorAdapters(); + const timings = getSuccessfulRequestTimings(inspectorAdapters); + if (timings) { + const esRequestMetrics = { + eventName: 'lens_chart_es_request_totals', + duration: timings.requestTimeTotal, + key1: 'es_took_total', + value1: timings.esTookTotal, + }; + reportPerformanceMetricEvent(this.deps.coreStart.analytics, esRequestMetrics); + } }; getExecutionContext() { diff --git a/x-pack/plugins/lens/public/report_performance_metric_util.ts b/x-pack/plugins/lens/public/report_performance_metric_util.ts new file mode 100644 index 0000000000000..64465e8d20a18 --- /dev/null +++ b/x-pack/plugins/lens/public/report_performance_metric_util.ts @@ -0,0 +1,36 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { RequestStatus } from '@kbn/inspector-plugin/common'; +import type { Adapters } from '@kbn/inspector-plugin/public'; +import { estypes } from '@elastic/elasticsearch'; + +export interface ILensRequestPerformance { + requestTimeTotal: number; + esTookTotal: number; +} + +export function getSuccessfulRequestTimings( + inspectorAdapters: Adapters +): ILensRequestPerformance | null { + const requests = inspectorAdapters.requests?.getRequests() || []; + + let esTookTotal = 0; + let requestTimeTotal = 0; + for (let i = 0; i < requests.length; i++) { + const request = requests[i]; + if (request.status !== RequestStatus.OK) { + return null; + } + esTookTotal += + (request.response?.json as { rawResponse: estypes.SearchResponse | undefined } | undefined) + ?.rawResponse?.took ?? 0; + requestTimeTotal += request.time || 0; + } + + return { requestTimeTotal, esTookTotal }; +} diff --git a/x-pack/plugins/lens/tsconfig.json b/x-pack/plugins/lens/tsconfig.json index f94cc7d3dfd1c..a615c8a4b5bcc 100644 --- a/x-pack/plugins/lens/tsconfig.json +++ b/x-pack/plugins/lens/tsconfig.json @@ -58,7 +58,7 @@ "@kbn/ui-theme", "@kbn/shared-ux-link-redirect-app", "@kbn/monaco", - "@kbn/language-documentation-popover", + "@kbn/language-documentation", "@kbn/core-saved-objects-common", "@kbn/core-ui-settings-browser", "@kbn/core-saved-objects-server", diff --git a/x-pack/plugins/ml/public/application/explorer/actions/job_selection.ts b/x-pack/plugins/ml/public/application/explorer/actions/job_selection.ts index 2523db6fa8165..bd6bcd6e95657 100644 --- a/x-pack/plugins/ml/public/application/explorer/actions/job_selection.ts +++ b/x-pack/plugins/ml/public/application/explorer/actions/job_selection.ts @@ -5,6 +5,7 @@ * 2.0. */ +import type { Observable } from 'rxjs'; import { from } from 'rxjs'; import { map } from 'rxjs'; @@ -12,13 +13,14 @@ import type { MlFieldFormatService } from '../../services/field_format_service'; import type { MlJobService } from '../../services/job_service'; import { EXPLORER_ACTION } from '../explorer_constants'; -import { createJobs } from '../explorer_utils'; +import { createJobs, getInfluencers } from '../explorer_utils'; +import type { ExplorerActions } from '../explorer_dashboard_service'; export function jobSelectionActionCreator( mlJobService: MlJobService, mlFieldFormatService: MlFieldFormatService, selectedJobIds: string[] -) { +): Observable { return from(mlFieldFormatService.populateFormats(selectedJobIds)).pipe( map((resp) => { if (resp.error) { @@ -31,12 +33,14 @@ export function jobSelectionActionCreator( }); const selectedJobs = jobs.filter((job) => job.selected); + const noInfluencersConfigured = getInfluencers(mlJobService, selectedJobs).length === 0; return { type: EXPLORER_ACTION.JOB_SELECTION_CHANGE, payload: { loading: false, selectedJobs, + noInfluencersConfigured, }, }; }) diff --git a/x-pack/plugins/ml/public/application/explorer/explorer_constants.ts b/x-pack/plugins/ml/public/application/explorer/explorer_constants.ts index 2be1a88b55880..9deb2ca8aa74f 100644 --- a/x-pack/plugins/ml/public/application/explorer/explorer_constants.ts +++ b/x-pack/plugins/ml/public/application/explorer/explorer_constants.ts @@ -24,7 +24,7 @@ export const EXPLORER_ACTION = { JOB_SELECTION_CHANGE: 'jobSelectionChange', SET_CHARTS_DATA_LOADING: 'setChartsDataLoading', SET_EXPLORER_DATA: 'setExplorerData', -}; +} as const; export const FILTER_ACTION = { ADD: '+', diff --git a/x-pack/plugins/ml/public/application/explorer/explorer_dashboard_service.ts b/x-pack/plugins/ml/public/application/explorer/explorer_dashboard_service.ts index 1cf723f5145d6..2f5ed99c9a401 100644 --- a/x-pack/plugins/ml/public/application/explorer/explorer_dashboard_service.ts +++ b/x-pack/plugins/ml/public/application/explorer/explorer_dashboard_service.ts @@ -21,21 +21,38 @@ import type { ExplorerState } from './reducers'; import { explorerReducer, getExplorerDefaultState } from './reducers'; import type { MlFieldFormatService } from '../services/field_format_service'; import type { MlJobService } from '../services/job_service'; +import type { ExplorerJob } from './explorer_utils'; -type ExplorerAction = Action | Observable; -export const explorerAction$ = new Subject(); +type ExplorerAction = (typeof EXPLORER_ACTION)[keyof typeof EXPLORER_ACTION]; -export type ActionPayload = any; - -export interface Action { - type: string; - payload?: ActionPayload; +export interface ExplorerActionPayloads { + [EXPLORER_ACTION.SET_EXPLORER_DATA]: DeepPartial; + [EXPLORER_ACTION.JOB_SELECTION_CHANGE]: { + loading: boolean; + selectedJobs: ExplorerJob[]; + noInfluencersConfigured: boolean; + }; } +export type ExplorerActions = { + [K in ExplorerAction]: K extends keyof ExplorerActionPayloads + ? { + type: K; + payload: ExplorerActionPayloads[K]; + } + : { + type: K; + }; +}[ExplorerAction]; + +type ExplorerActionMaybeObservable = ExplorerActions | Observable; + +export const explorerAction$ = new Subject(); + const explorerFilteredAction$ = explorerAction$.pipe( // consider observables as side-effects - flatMap((action: ExplorerAction) => - isObservable(action) ? action : (from([action]) as Observable) + flatMap((action: ExplorerActionMaybeObservable) => + isObservable(action) ? action : (from([action]) as Observable) ), distinctUntilChanged(isEqual) ); @@ -47,11 +64,6 @@ const explorerState$: Observable = explorerFilteredAction$.pipe( shareReplay(1) ); -const setExplorerDataActionCreator = (payload: DeepPartial) => ({ - type: EXPLORER_ACTION.SET_EXPLORER_DATA, - payload, -}); - // Export observable state and action dispatchers as service export const explorerServiceFactory = ( mlJobService: MlJobService, @@ -62,7 +74,9 @@ export const explorerServiceFactory = ( explorerAction$.next({ type: EXPLORER_ACTION.CLEAR_EXPLORER_DATA }); }, clearInfluencerFilterSettings: () => { - explorerAction$.next({ type: EXPLORER_ACTION.CLEAR_INFLUENCER_FILTER_SETTINGS }); + explorerAction$.next({ + type: EXPLORER_ACTION.CLEAR_INFLUENCER_FILTER_SETTINGS, + }); }, clearJobs: () => { explorerAction$.next({ type: EXPLORER_ACTION.CLEAR_JOBS }); @@ -73,7 +87,7 @@ export const explorerServiceFactory = ( ); }, setExplorerData: (payload: DeepPartial) => { - explorerAction$.next(setExplorerDataActionCreator(payload)); + explorerAction$.next({ type: EXPLORER_ACTION.SET_EXPLORER_DATA, payload }); }, setChartsDataLoading: () => { explorerAction$.next({ type: EXPLORER_ACTION.SET_CHARTS_DATA_LOADING }); diff --git a/x-pack/plugins/ml/public/application/explorer/reducers/explorer_reducer/get_index_pattern.ts b/x-pack/plugins/ml/public/application/explorer/reducers/explorer_reducer/get_index_pattern.ts index ca360a9c4cb69..878ba9370c95b 100644 --- a/x-pack/plugins/ml/public/application/explorer/reducers/explorer_reducer/get_index_pattern.ts +++ b/x-pack/plugins/ml/public/application/explorer/reducers/explorer_reducer/get_index_pattern.ts @@ -6,14 +6,15 @@ */ import { ML_RESULTS_INDEX_PATTERN } from '../../../../../common/constants/index_patterns'; +import type { ExplorerJob } from '../../explorer_utils'; // Creates index pattern in the format expected by the kuery bar/kuery autocomplete provider // Field objects required fields: name, type, aggregatable, searchable -export function getIndexPattern(influencers: string[]) { +export function getIndexPattern(influencers: ExplorerJob[]) { return { title: ML_RESULTS_INDEX_PATTERN, fields: influencers.map((influencer) => ({ - name: influencer, + name: influencer.id, type: 'string', aggregatable: true, searchable: true, diff --git a/x-pack/plugins/ml/public/application/explorer/reducers/explorer_reducer/job_selection_change.ts b/x-pack/plugins/ml/public/application/explorer/reducers/explorer_reducer/job_selection_change.ts index da657c3f18bc7..58f7461b11047 100644 --- a/x-pack/plugins/ml/public/application/explorer/reducers/explorer_reducer/job_selection_change.ts +++ b/x-pack/plugins/ml/public/application/explorer/reducers/explorer_reducer/job_selection_change.ts @@ -5,12 +5,16 @@ * 2.0. */ -import type { ActionPayload } from '../../explorer_dashboard_service'; +import type { EXPLORER_ACTION } from '../../explorer_constants'; +import type { ExplorerActionPayloads } from '../../explorer_dashboard_service'; import { getIndexPattern } from './get_index_pattern'; import type { ExplorerState } from './state'; -export const jobSelectionChange = (state: ExplorerState, payload: ActionPayload): ExplorerState => { +export const jobSelectionChange = ( + state: ExplorerState, + payload: ExplorerActionPayloads[typeof EXPLORER_ACTION.JOB_SELECTION_CHANGE] +): ExplorerState => { const { selectedJobs, noInfluencersConfigured } = payload; const stateUpdate: ExplorerState = { ...state, diff --git a/x-pack/plugins/ml/public/application/explorer/reducers/explorer_reducer/reducer.ts b/x-pack/plugins/ml/public/application/explorer/reducers/explorer_reducer/reducer.ts index d7f52a9277a3c..4be342c9333ad 100644 --- a/x-pack/plugins/ml/public/application/explorer/reducers/explorer_reducer/reducer.ts +++ b/x-pack/plugins/ml/public/application/explorer/reducers/explorer_reducer/reducer.ts @@ -7,7 +7,7 @@ import { getDefaultChartsData } from '../../explorer_charts/explorer_charts_container_service'; import { EXPLORER_ACTION } from '../../explorer_constants'; -import type { Action } from '../../explorer_dashboard_service'; +import type { ExplorerActionPayloads, ExplorerActions } from '../../explorer_dashboard_service'; import { getClearedSelectedAnomaliesState } from '../../explorer_utils'; import { clearInfluencerFilterSettings } from './clear_influencer_filter_settings'; @@ -16,8 +16,12 @@ import type { ExplorerState } from './state'; import { getExplorerDefaultState } from './state'; import { setKqlQueryBarPlaceholder } from './set_kql_query_bar_placeholder'; -export const explorerReducer = (state: ExplorerState, nextAction: Action): ExplorerState => { - const { type, payload } = nextAction; +export const explorerReducer = ( + state: ExplorerState, + nextAction: ExplorerActions +): ExplorerState => { + const { type } = nextAction; + const payload = 'payload' in nextAction ? nextAction.payload : {}; let nextState: ExplorerState; @@ -40,7 +44,10 @@ export const explorerReducer = (state: ExplorerState, nextAction: Action): Explo break; case EXPLORER_ACTION.JOB_SELECTION_CHANGE: - nextState = jobSelectionChange(state, payload); + nextState = jobSelectionChange( + state, + payload as ExplorerActionPayloads[typeof EXPLORER_ACTION.JOB_SELECTION_CHANGE] + ); break; case EXPLORER_ACTION.SET_CHARTS_DATA_LOADING: @@ -52,7 +59,7 @@ export const explorerReducer = (state: ExplorerState, nextAction: Action): Explo break; case EXPLORER_ACTION.SET_EXPLORER_DATA: - nextState = { ...state, ...payload }; + nextState = { ...state, ...(payload as Partial) }; break; default: diff --git a/x-pack/plugins/observability_solution/infra/public/pages/metrics/metrics_explorer/components/helpers/create_tsvb_link.ts b/x-pack/plugins/observability_solution/infra/public/pages/metrics/metrics_explorer/components/helpers/create_tsvb_link.ts index ee64069cea737..c4ad0cdcf812c 100644 --- a/x-pack/plugins/observability_solution/infra/public/pages/metrics/metrics_explorer/components/helpers/create_tsvb_link.ts +++ b/x-pack/plugins/observability_solution/infra/public/pages/metrics/metrics_explorer/components/helpers/create_tsvb_link.ts @@ -114,7 +114,7 @@ export const createFilterFromOptions = ( filters.push(options.filterQuery); } if (options.groupBy) { - const id = series.id.replace('"', '\\"'); + const id = series.id.replace(/"/g, '\\"'); const groupByFilters = Array.isArray(options.groupBy) ? options.groupBy .map((field, index) => { @@ -125,7 +125,7 @@ export const createFilterFromOptions = ( if (!value) { return null; } - return `${field}: "${value.replace('"', '\\"')}"`; + return `${field}: "${value.replace(/"/g, '\\"')}"`; }) .join(' and ') : `${options.groupBy} : "${id}"`; diff --git a/x-pack/plugins/observability_solution/inventory/.storybook/get_mock_inventory_context.tsx b/x-pack/plugins/observability_solution/inventory/.storybook/get_mock_inventory_context.tsx index 1c5e2fd1f205b..da59f29c57842 100644 --- a/x-pack/plugins/observability_solution/inventory/.storybook/get_mock_inventory_context.tsx +++ b/x-pack/plugins/observability_solution/inventory/.storybook/get_mock_inventory_context.tsx @@ -8,24 +8,22 @@ import { coreMock } from '@kbn/core/public/mocks'; import type { ObservabilitySharedPluginStart } from '@kbn/observability-shared-plugin/public'; import type { InferencePublicStart } from '@kbn/inference-plugin/public'; +import type { SharePluginStart } from '@kbn/share-plugin/public'; import type { InventoryKibanaContext } from '../public/hooks/use_kibana'; +import type { ITelemetryClient } from '../public/services/telemetry/types'; export function getMockInventoryContext(): InventoryKibanaContext { - const core = coreMock.createStart(); + const coreStart = coreMock.createStart(); return { - core, - dependencies: { - start: { - observabilityShared: {} as unknown as ObservabilitySharedPluginStart, - inference: {} as unknown as InferencePublicStart, - }, - }, - services: { - inventoryAPIClient: { - fetch: jest.fn(), - stream: jest.fn(), - }, + ...coreStart, + observabilityShared: {} as unknown as ObservabilitySharedPluginStart, + inference: {} as unknown as InferencePublicStart, + share: {} as unknown as SharePluginStart, + telemetry: {} as unknown as ITelemetryClient, + inventoryAPIClient: { + fetch: jest.fn(), + stream: jest.fn(), }, }; } diff --git a/x-pack/plugins/observability_solution/inventory/kibana.jsonc b/x-pack/plugins/observability_solution/inventory/kibana.jsonc index ced0f412ab935..9262e111c401f 100644 --- a/x-pack/plugins/observability_solution/inventory/kibana.jsonc +++ b/x-pack/plugins/observability_solution/inventory/kibana.jsonc @@ -11,7 +11,8 @@ "observabilityShared", "entityManager", "inference", - "dataViews" + "dataViews", + "share" ], "requiredBundles": [ "kibanaReact" diff --git a/x-pack/plugins/observability_solution/inventory/public/application.tsx b/x-pack/plugins/observability_solution/inventory/public/application.tsx index 5b235c15e7c4f..d34be920d68ff 100644 --- a/x-pack/plugins/observability_solution/inventory/public/application.tsx +++ b/x-pack/plugins/observability_solution/inventory/public/application.tsx @@ -4,64 +4,46 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ -import type { CoreStart, CoreTheme } from '@kbn/core/public'; -import { RedirectAppLinks } from '@kbn/shared-ux-link-redirect-app'; -import type { History } from 'history'; -import React, { useMemo } from 'react'; -import type { Observable } from 'rxjs'; -import { RouteRenderer, RouterProvider } from '@kbn/typed-react-router-config'; +import React from 'react'; +import ReactDOM from 'react-dom'; +import { APP_WRAPPER_CLASS, type AppMountParameters, type CoreStart } from '@kbn/core/public'; import { KibanaRenderContextProvider } from '@kbn/react-kibana-context-render'; +import { css } from '@emotion/css'; import type { InventoryStartDependencies } from './types'; -import { inventoryRouter } from './routes/config'; -import { InventoryKibanaContext } from './hooks/use_kibana'; import { InventoryServices } from './services/types'; -import { InventoryContextProvider } from './components/inventory_context_provider'; +import { AppRoot } from './components/app_root'; -function Application({ +export const renderApp = ({ coreStart, - history, pluginsStart, - theme$, services, + appMountParameters, }: { coreStart: CoreStart; - history: History; pluginsStart: InventoryStartDependencies; - theme$: Observable; services: InventoryServices; -}) { - const theme = useMemo(() => { - return { theme$ }; - }, [theme$]); +} & { appMountParameters: AppMountParameters }) => { + const { element } = appMountParameters; - const context: InventoryKibanaContext = useMemo( - () => ({ - core: coreStart, - dependencies: { - start: pluginsStart, - }, - services, - }), - [coreStart, pluginsStart, services] - ); + const appWrapperClassName = css` + overflow: auto; + `; + const appWrapperElement = document.getElementsByClassName(APP_WRAPPER_CLASS)[1]; + appWrapperElement.classList.add(appWrapperClassName); - return ( - - - - - - - - - - - + ReactDOM.render( + + + , + element ); -} - -export { Application }; + return () => { + ReactDOM.unmountComponentAtNode(element); + appWrapperElement.classList.remove(APP_WRAPPER_CLASS); + }; +}; diff --git a/x-pack/plugins/observability_solution/inventory/public/components/app_root/header_action_menu/add_data_action_menu.tsx b/x-pack/plugins/observability_solution/inventory/public/components/app_root/header_action_menu/add_data_action_menu.tsx new file mode 100644 index 0000000000000..ca4bc06df648a --- /dev/null +++ b/x-pack/plugins/observability_solution/inventory/public/components/app_root/header_action_menu/add_data_action_menu.tsx @@ -0,0 +1,120 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React, { useState } from 'react'; +import { + EuiContextMenu, + EuiContextMenuPanelDescriptor, + EuiFlexGroup, + EuiFlexItem, + EuiHeaderLink, + EuiIcon, + EuiPopover, +} from '@elastic/eui'; +import { i18n } from '@kbn/i18n'; +import { + OBSERVABILITY_ONBOARDING_LOCATOR, + ObservabilityOnboardingLocatorParams, +} from '@kbn/deeplinks-observability'; +import { useKibana } from '../../../hooks/use_kibana'; +import type { InventoryAddDataParams } from '../../../services/telemetry/types'; + +const addDataTitle = i18n.translate('xpack.inventory.addDataContextMenu.link', { + defaultMessage: 'Add data', +}); +const addDataItem = i18n.translate('xpack.inventory.add.apm.agent.button.', { + defaultMessage: 'Add data', +}); + +const associateServiceLogsItem = i18n.translate('xpack.inventory.associate.service.logs.button', { + defaultMessage: 'Associate existing service logs', +}); + +const ASSOCIATE_LOGS_LINK = 'https://ela.st/new-experience-associate-service-logs'; + +export function AddDataContextMenu() { + const [popoverOpen, setPopoverOpen] = useState(false); + const { + services: { share, telemetry }, + } = useKibana(); + + const onboardingLocator = share.url.locators.get( + OBSERVABILITY_ONBOARDING_LOCATOR + ); + + const button = ( + setPopoverOpen((prevState) => !prevState)} + data-test-subj="inventoryAddDataHeaderContextMenu" + > + + {addDataTitle} + + + + + + ); + + function reportButtonClick(journey: InventoryAddDataParams['journey']) { + telemetry.reportInventoryAddData({ + view: 'add_data_button', + journey, + }); + } + + const panels: EuiContextMenuPanelDescriptor[] = [ + { + id: 0, + title: addDataTitle, + items: [ + { + name: ( + + {associateServiceLogsItem} + + + + + ), + key: 'associateServiceLogs', + href: ASSOCIATE_LOGS_LINK, + 'data-test-subj': 'inventoryHeaderMenuAddDataAssociateServiceLogs', + target: '_blank', + onClick: () => { + reportButtonClick('associate_existing_service_logs'); + }, + }, + { + name: addDataItem, + key: 'addData', + href: onboardingLocator?.getRedirectUrl({ category: '' }), + icon: 'plusInCircle', + 'data-test-subj': 'inventoryHeaderMenuAddData', + onClick: () => { + reportButtonClick('add_data'); + }, + }, + ], + }, + ]; + + return ( + setPopoverOpen(false)} + panelPaddingSize="none" + anchorPosition="downCenter" + > + + + ); +} diff --git a/x-pack/plugins/observability_solution/inventory/public/components/app_root/header_action_menu/index.tsx b/x-pack/plugins/observability_solution/inventory/public/components/app_root/header_action_menu/index.tsx new file mode 100644 index 0000000000000..5ae0f4dd24574 --- /dev/null +++ b/x-pack/plugins/observability_solution/inventory/public/components/app_root/header_action_menu/index.tsx @@ -0,0 +1,18 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; +import { EuiHeaderLinks } from '@elastic/eui'; +import { AddDataContextMenu } from './add_data_action_menu'; + +export function HeaderActionMenuItems() { + return ( + + + + ); +} diff --git a/x-pack/plugins/observability_solution/inventory/public/components/app_root/index.tsx b/x-pack/plugins/observability_solution/inventory/public/components/app_root/index.tsx new file mode 100644 index 0000000000000..80fc8cbe3d604 --- /dev/null +++ b/x-pack/plugins/observability_solution/inventory/public/components/app_root/index.tsx @@ -0,0 +1,66 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { RedirectAppLinks } from '@kbn/shared-ux-link-redirect-app'; +import React from 'react'; +import { type AppMountParameters, type CoreStart } from '@kbn/core/public'; +import { RouteRenderer, RouterProvider } from '@kbn/typed-react-router-config'; +import { HeaderMenuPortal } from '@kbn/observability-shared-plugin/public'; +import { EuiFlexGroup, EuiFlexItem } from '@elastic/eui'; +import { InventoryContextProvider } from '../inventory_context_provider'; +import { inventoryRouter } from '../../routes/config'; +import { HeaderActionMenuItems } from './header_action_menu'; +import { InventoryStartDependencies } from '../../types'; +import { InventoryServices } from '../../services/types'; + +export function AppRoot({ + coreStart, + pluginsStart, + services, + appMountParameters, +}: { + coreStart: CoreStart; + pluginsStart: InventoryStartDependencies; + services: InventoryServices; +} & { appMountParameters: AppMountParameters }) { + const { history } = appMountParameters; + + const context = { + ...coreStart, + ...pluginsStart, + ...services, + }; + + return ( + + + + + + + + + ); +} + +export function InventoryHeaderActionMenu({ + appMountParameters, +}: { + appMountParameters: AppMountParameters; +}) { + const { setHeaderActionMenu, theme$ } = appMountParameters; + + return ( + + + + + + + + ); +} diff --git a/x-pack/plugins/observability_solution/inventory/public/components/inventory_page_template/index.tsx b/x-pack/plugins/observability_solution/inventory/public/components/inventory_page_template/index.tsx index 4dd8eaf3899ee..7c5d94fe26449 100644 --- a/x-pack/plugins/observability_solution/inventory/public/components/inventory_page_template/index.tsx +++ b/x-pack/plugins/observability_solution/inventory/public/components/inventory_page_template/index.tsx @@ -10,9 +10,7 @@ import { useKibana } from '../../hooks/use_kibana'; export function InventoryPageTemplate({ children }: { children: React.ReactNode }) { const { - dependencies: { - start: { observabilityShared }, - }, + services: { observabilityShared }, } = useKibana(); const { PageTemplate: ObservabilityPageTemplate } = observabilityShared.navigation; diff --git a/x-pack/plugins/observability_solution/inventory/public/hooks/use_inventory_abortable_async.ts b/x-pack/plugins/observability_solution/inventory/public/hooks/use_inventory_abortable_async.ts new file mode 100644 index 0000000000000..84cef842488e0 --- /dev/null +++ b/x-pack/plugins/observability_solution/inventory/public/hooks/use_inventory_abortable_async.ts @@ -0,0 +1,36 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { useAbortableAsync } from '@kbn/observability-utils/hooks/use_abortable_async'; +import { i18n } from '@kbn/i18n'; +import { IHttpFetchError, ResponseErrorBody } from '@kbn/core-http-browser'; +import { useKibana } from './use_kibana'; + +const getDetailsFromErrorResponse = (error: IHttpFetchError) => + error.body?.message ?? error.response?.statusText; + +export function useInventoryAbortableAsync(...args: Parameters>) { + const { + services: { notifications }, + } = useKibana(); + const response = useAbortableAsync(...args); + + if (response.error) { + const errorMessage = + 'response' in response.error + ? getDetailsFromErrorResponse(response.error as IHttpFetchError) + : response.error.message; + + notifications.toasts.addDanger({ + title: i18n.translate('xpack.inventory.apiCall.error.title', { + defaultMessage: `Error while fetching resource`, + }), + text: errorMessage, + }); + } + + return response; +} diff --git a/x-pack/plugins/observability_solution/inventory/public/hooks/use_inventory_router.ts b/x-pack/plugins/observability_solution/inventory/public/hooks/use_inventory_router.ts index 5c968eaf852ed..a917daf576ded 100644 --- a/x-pack/plugins/observability_solution/inventory/public/hooks/use_inventory_router.ts +++ b/x-pack/plugins/observability_solution/inventory/public/hooks/use_inventory_router.ts @@ -24,7 +24,7 @@ interface StatefulInventoryRouter extends InventoryRouter { export function useInventoryRouter(): StatefulInventoryRouter { const { - core: { + services: { http, application: { navigateToApp }, }, diff --git a/x-pack/plugins/observability_solution/inventory/public/hooks/use_kibana.tsx b/x-pack/plugins/observability_solution/inventory/public/hooks/use_kibana.tsx index 2b75cc513b241..0baf2acbc32b8 100644 --- a/x-pack/plugins/observability_solution/inventory/public/hooks/use_kibana.tsx +++ b/x-pack/plugins/observability_solution/inventory/public/hooks/use_kibana.tsx @@ -5,19 +5,13 @@ * 2.0. */ -import { useKibana } from '@kbn/kibana-react-plugin/public'; import type { CoreStart } from '@kbn/core/public'; +import { type KibanaReactContextValue, useKibana } from '@kbn/kibana-react-plugin/public'; import type { InventoryStartDependencies } from '../types'; import type { InventoryServices } from '../services/types'; -export interface InventoryKibanaContext { - core: CoreStart; - dependencies: { start: InventoryStartDependencies }; - services: InventoryServices; -} +export type InventoryKibanaContext = CoreStart & InventoryStartDependencies & InventoryServices; -const useTypedKibana = () => { - return useKibana().services; -}; +const useTypedKibana = useKibana as () => KibanaReactContextValue; export { useTypedKibana as useKibana }; diff --git a/x-pack/plugins/observability_solution/inventory/public/pages/inventory_page/index.tsx b/x-pack/plugins/observability_solution/inventory/public/pages/inventory_page/index.tsx index e77b46b26dc79..be54ff531ca44 100644 --- a/x-pack/plugins/observability_solution/inventory/public/pages/inventory_page/index.tsx +++ b/x-pack/plugins/observability_solution/inventory/public/pages/inventory_page/index.tsx @@ -4,13 +4,13 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ -import React from 'react'; -import { useAbortableAsync } from '@kbn/observability-utils/hooks/use_abortable_async'; import { EuiDataGridSorting } from '@elastic/eui'; +import React from 'react'; import { EntitiesGrid } from '../../components/entities_grid'; -import { useKibana } from '../../hooks/use_kibana'; +import { useInventoryAbortableAsync } from '../../hooks/use_inventory_abortable_async'; import { useInventoryParams } from '../../hooks/use_inventory_params'; import { useInventoryRouter } from '../../hooks/use_inventory_router'; +import { useKibana } from '../../hooks/use_kibana'; export function InventoryPage() { const { @@ -20,7 +20,7 @@ export function InventoryPage() { const { sortDirection, sortField, pageIndex } = query; const inventoryRoute = useInventoryRouter(); - const { value = { entities: [] }, loading } = useAbortableAsync( + const { value = { entities: [] }, loading } = useInventoryAbortableAsync( ({ signal }) => { return inventoryAPIClient.fetch('GET /internal/inventory/entities', { params: { diff --git a/x-pack/plugins/observability_solution/inventory/public/plugin.tsx b/x-pack/plugins/observability_solution/inventory/public/plugin.ts similarity index 77% rename from x-pack/plugins/observability_solution/inventory/public/plugin.tsx rename to x-pack/plugins/observability_solution/inventory/public/plugin.ts index 0cb7df9552c74..c196ed41ae5f3 100644 --- a/x-pack/plugins/observability_solution/inventory/public/plugin.tsx +++ b/x-pack/plugins/observability_solution/inventory/public/plugin.ts @@ -4,13 +4,11 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ -import React from 'react'; -import ReactDOM from 'react-dom'; + import { i18n } from '@kbn/i18n'; import { from, map } from 'rxjs'; import { AppMountParameters, - APP_WRAPPER_CLASS, CoreSetup, CoreStart, DEFAULT_APP_CATEGORIES, @@ -19,7 +17,6 @@ import { } from '@kbn/core/public'; import type { Logger } from '@kbn/logging'; import { INVENTORY_APP_ID } from '@kbn/deeplinks-observability/constants'; -import { css } from '@emotion/css'; import type { ConfigSchema, InventoryPublicSetup, @@ -29,6 +26,7 @@ import type { } from './types'; import { InventoryServices } from './services/types'; import { createCallInventoryAPI } from './api'; +import { TelemetryService } from './services/telemetry/telemetry_service'; export class InventoryPlugin implements @@ -40,15 +38,18 @@ export class InventoryPlugin > { logger: Logger; + telemetry: TelemetryService; constructor(context: PluginInitializerContext) { this.logger = context.logger.get(); + this.telemetry = new TelemetryService(); } setup( coreSetup: CoreSetup, pluginsSetup: InventorySetupDependencies ): InventoryPublicSetup { const inventoryAPIClient = createCallInventoryAPI(coreSetup); + this.telemetry.setup({ analytics: coreSetup.analytics }); pluginsSetup.observabilityShared.navigation.registerSections( from(coreSetup.getStartServices()).pipe( @@ -75,6 +76,8 @@ export class InventoryPlugin ) ); + const telemetry = this.telemetry.start(); + coreSetup.application.register({ id: INVENTORY_APP_ID, title: i18n.translate('xpack.inventory.appTitle', { @@ -96,38 +99,22 @@ export class InventoryPlugin ], mount: async (appMountParameters: AppMountParameters) => { // Load application bundle and Get start services - const [{ Application }, [coreStart, pluginsStart]] = await Promise.all([ + const [{ renderApp }, [coreStart, pluginsStart]] = await Promise.all([ import('./application'), coreSetup.getStartServices(), ]); const services: InventoryServices = { inventoryAPIClient, + telemetry, }; - ReactDOM.render( - , - appMountParameters.element - ); - - const appWrapperClassName = css` - overflow: auto; - `; - - const appWrapperElement = document.getElementsByClassName(APP_WRAPPER_CLASS)[1]; - - appWrapperElement.classList.add(appWrapperClassName); - - return () => { - ReactDOM.unmountComponentAtNode(appMountParameters.element); - appWrapperElement.classList.remove(appWrapperClassName); - }; + return renderApp({ + coreStart, + pluginsStart, + services, + appMountParameters, + }); }, }); diff --git a/x-pack/plugins/observability_solution/inventory/public/services/telemetry/telemetry_client.ts b/x-pack/plugins/observability_solution/inventory/public/services/telemetry/telemetry_client.ts new file mode 100644 index 0000000000000..1e36e8d6649ae --- /dev/null +++ b/x-pack/plugins/observability_solution/inventory/public/services/telemetry/telemetry_client.ts @@ -0,0 +1,17 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { AnalyticsServiceSetup } from '@kbn/core-analytics-browser'; +import { type ITelemetryClient, TelemetryEventTypes, type InventoryAddDataParams } from './types'; + +export class TelemetryClient implements ITelemetryClient { + constructor(private analytics: AnalyticsServiceSetup) {} + + public reportInventoryAddData = (params: InventoryAddDataParams) => { + this.analytics.reportEvent(TelemetryEventTypes.INVENTORY_ADD_DATA_CLICKED, params); + }; +} diff --git a/x-pack/plugins/observability_solution/inventory/public/services/telemetry/telemetry_events.ts b/x-pack/plugins/observability_solution/inventory/public/services/telemetry/telemetry_events.ts new file mode 100644 index 0000000000000..c1509499e694b --- /dev/null +++ b/x-pack/plugins/observability_solution/inventory/public/services/telemetry/telemetry_events.ts @@ -0,0 +1,28 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { TelemetryEventTypes, TelemetryEvent } from './types'; + +const inventoryAddDataEventType: TelemetryEvent = { + eventType: TelemetryEventTypes.INVENTORY_ADD_DATA_CLICKED, + schema: { + view: { + type: 'keyword', + _meta: { + description: 'Where the action was initiated (add_data_button)', + }, + }, + journey: { + type: 'keyword', + _meta: { + optional: true, + description: 'Which action was performed (add_data or associate_existing_service_logs)', + }, + }, + }, +}; + +export const inventoryTelemetryEventBasedTypes = [inventoryAddDataEventType]; diff --git a/x-pack/plugins/observability_solution/inventory/public/services/telemetry/telemetry_service.test.ts b/x-pack/plugins/observability_solution/inventory/public/services/telemetry/telemetry_service.test.ts new file mode 100644 index 0000000000000..ffa05ffbff9a2 --- /dev/null +++ b/x-pack/plugins/observability_solution/inventory/public/services/telemetry/telemetry_service.test.ts @@ -0,0 +1,76 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { coreMock } from '@kbn/core/server/mocks'; +import { inventoryTelemetryEventBasedTypes } from './telemetry_events'; + +import { TelemetryService } from './telemetry_service'; +import { TelemetryEventTypes } from './types'; + +describe('TelemetryService', () => { + let service: TelemetryService; + + beforeEach(() => { + service = new TelemetryService(); + }); + + const getSetupParams = () => { + const mockCoreStart = coreMock.createSetup(); + return { + analytics: mockCoreStart.analytics, + }; + }; + + describe('#setup()', () => { + it('should register all the custom events', () => { + const setupParams = getSetupParams(); + service.setup(setupParams); + + expect(setupParams.analytics.registerEventType).toHaveBeenCalledTimes( + inventoryTelemetryEventBasedTypes.length + ); + + inventoryTelemetryEventBasedTypes.forEach((eventConfig, pos) => { + expect(setupParams.analytics.registerEventType).toHaveBeenNthCalledWith( + pos + 1, + eventConfig + ); + }); + }); + }); + + describe('#start()', () => { + it('should return all the available tracking methods', () => { + const setupParams = getSetupParams(); + service.setup(setupParams); + const telemetry = service.start(); + + expect(telemetry).toHaveProperty('reportInventoryAddData'); + }); + }); + + describe('#reportInventoryAddData', () => { + it('should report inventory add data clicked with properties', async () => { + const setupParams = getSetupParams(); + service.setup(setupParams); + const telemetry = service.start(); + + telemetry.reportInventoryAddData({ + view: 'add_data_button', + journey: 'add_data', + }); + + expect(setupParams.analytics.reportEvent).toHaveBeenCalledTimes(1); + expect(setupParams.analytics.reportEvent).toHaveBeenCalledWith( + TelemetryEventTypes.INVENTORY_ADD_DATA_CLICKED, + { + view: 'add_data_button', + journey: 'add_data', + } + ); + }); + }); +}); diff --git a/x-pack/plugins/observability_solution/inventory/public/services/telemetry/telemetry_service.ts b/x-pack/plugins/observability_solution/inventory/public/services/telemetry/telemetry_service.ts new file mode 100644 index 0000000000000..fa416f76b3c16 --- /dev/null +++ b/x-pack/plugins/observability_solution/inventory/public/services/telemetry/telemetry_service.ts @@ -0,0 +1,35 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import type { AnalyticsServiceSetup } from '@kbn/core-analytics-browser'; +import type { TelemetryServiceSetupParams, ITelemetryClient, TelemetryEventParams } from './types'; +import { inventoryTelemetryEventBasedTypes } from './telemetry_events'; +import { TelemetryClient } from './telemetry_client'; + +/** + * Service that interacts with the Core's analytics module + */ +export class TelemetryService { + constructor(private analytics: AnalyticsServiceSetup | null = null) {} + + public setup({ analytics }: TelemetryServiceSetupParams) { + this.analytics = analytics; + + inventoryTelemetryEventBasedTypes.forEach((eventConfig) => + analytics.registerEventType(eventConfig) + ); + } + + public start(): ITelemetryClient { + if (!this.analytics) { + throw new Error( + 'The TelemetryService.setup() method has not been invoked, be sure to call it during the plugin setup.' + ); + } + + return new TelemetryClient(this.analytics); + } +} diff --git a/x-pack/plugins/observability_solution/inventory/public/services/telemetry/types.ts b/x-pack/plugins/observability_solution/inventory/public/services/telemetry/types.ts new file mode 100644 index 0000000000000..494391aa1a7c1 --- /dev/null +++ b/x-pack/plugins/observability_solution/inventory/public/services/telemetry/types.ts @@ -0,0 +1,32 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { AnalyticsServiceSetup, RootSchema } from '@kbn/core/public'; + +export interface TelemetryServiceSetupParams { + analytics: AnalyticsServiceSetup; +} + +export interface InventoryAddDataParams { + view: 'add_data_button'; + journey?: 'add_data' | 'associate_existing_service_logs'; +} + +export type TelemetryEventParams = InventoryAddDataParams; + +export interface ITelemetryClient { + reportInventoryAddData(params: InventoryAddDataParams): void; +} + +export enum TelemetryEventTypes { + INVENTORY_ADD_DATA_CLICKED = 'inventory_add_data_clicked', +} + +export interface TelemetryEvent { + eventType: TelemetryEventTypes; + schema: RootSchema; +} diff --git a/x-pack/plugins/observability_solution/inventory/public/services/types.ts b/x-pack/plugins/observability_solution/inventory/public/services/types.ts index 008437fbf8895..d0cc176e7b53f 100644 --- a/x-pack/plugins/observability_solution/inventory/public/services/types.ts +++ b/x-pack/plugins/observability_solution/inventory/public/services/types.ts @@ -6,7 +6,9 @@ */ import type { InventoryAPIClient } from '../api'; +import type { ITelemetryClient } from './telemetry/types'; export interface InventoryServices { inventoryAPIClient: InventoryAPIClient; + telemetry: ITelemetryClient; } diff --git a/x-pack/plugins/observability_solution/inventory/public/types.ts b/x-pack/plugins/observability_solution/inventory/public/types.ts index 66c0789650a08..88a3188c45a57 100644 --- a/x-pack/plugins/observability_solution/inventory/public/types.ts +++ b/x-pack/plugins/observability_solution/inventory/public/types.ts @@ -9,6 +9,7 @@ import type { ObservabilitySharedPluginSetup, } from '@kbn/observability-shared-plugin/public'; import type { InferencePublicStart, InferencePublicSetup } from '@kbn/inference-plugin/public'; +import type { SharePluginStart } from '@kbn/share-plugin/public'; /* eslint-disable @typescript-eslint/no-empty-interface*/ @@ -22,6 +23,7 @@ export interface InventorySetupDependencies { export interface InventoryStartDependencies { observabilityShared: ObservabilitySharedPluginStart; inference: InferencePublicStart; + share: SharePluginStart; } export interface InventoryPublicSetup {} diff --git a/x-pack/plugins/observability_solution/inventory/tsconfig.json b/x-pack/plugins/observability_solution/inventory/tsconfig.json index e5e530ce1233f..324dc1d08cdb9 100644 --- a/x-pack/plugins/observability_solution/inventory/tsconfig.json +++ b/x-pack/plugins/observability_solution/inventory/tsconfig.json @@ -12,10 +12,7 @@ "server/**/*", ".storybook/**/*" ], - "exclude": [ - "target/**/*", - ".storybook/**/*.js" - ], + "exclude": ["target/**/*", ".storybook/**/*.js"], "kbn_references": [ "@kbn/core", "@kbn/logging", @@ -32,11 +29,14 @@ "@kbn/licensing-plugin", "@kbn/inference-plugin", "@kbn/data-views-plugin", + "@kbn/share-plugin", "@kbn/server-route-repository-client", "@kbn/react-kibana-context-render", "@kbn/es-types", "@kbn/entities-schema", "@kbn/i18n-react", - "@kbn/io-ts-utils" + "@kbn/io-ts-utils", + "@kbn/core-analytics-browser", + "@kbn/core-http-browser" ] } diff --git a/x-pack/plugins/observability_solution/investigate_app/public/components/investigation_tag/investigation_tag.tsx b/x-pack/plugins/observability_solution/investigate_app/public/components/investigation_tag/investigation_tag.tsx new file mode 100644 index 0000000000000..938f4ce434c82 --- /dev/null +++ b/x-pack/plugins/observability_solution/investigate_app/public/components/investigation_tag/investigation_tag.tsx @@ -0,0 +1,21 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { EuiFlexItem, EuiBadge } from '@elastic/eui'; +import React from 'react'; + +interface Props { + tag: string; +} + +export function InvestigationTag({ tag }: Props) { + return ( + + {tag} + + ); +} diff --git a/x-pack/plugins/observability_solution/investigate_app/public/pages/details/components/investigation_header/alert_details_button.tsx b/x-pack/plugins/observability_solution/investigate_app/public/pages/details/components/investigation_header/alert_details_button.tsx new file mode 100644 index 0000000000000..ff33ca7949f75 --- /dev/null +++ b/x-pack/plugins/observability_solution/investigate_app/public/pages/details/components/investigation_header/alert_details_button.tsx @@ -0,0 +1,41 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { EuiButtonEmpty, EuiText } from '@elastic/eui'; +import { alertOriginSchema } from '@kbn/investigation-shared'; +import { ALERT_RULE_CATEGORY } from '@kbn/rule-registry-plugin/common/technical_rule_data_field_names'; +import React from 'react'; +import { useKibana } from '../../../../hooks/use_kibana'; +import { useInvestigation } from '../../contexts/investigation_context'; +import { useFetchAlert } from '../../hooks/use_fetch_alert'; + +export function AlertDetailsButton() { + const { + core: { + http: { basePath }, + }, + } = useKibana(); + const { investigation } = useInvestigation(); + + const alertOriginInvestigation = alertOriginSchema.safeParse(investigation?.origin); + const alertId = alertOriginInvestigation.success ? alertOriginInvestigation.data.id : undefined; + const { data: alertDetails } = useFetchAlert({ id: alertId }); + + if (!alertDetails) { + return null; + } + return ( + + {`[Alert] ${alertDetails?.[ALERT_RULE_CATEGORY]} breached`} + + ); +} diff --git a/x-pack/plugins/observability_solution/investigate_app/public/pages/details/components/investigation_header/investigation_header.tsx b/x-pack/plugins/observability_solution/investigate_app/public/pages/details/components/investigation_header/investigation_header.tsx index 1987777de4968..339f2ce1be8e7 100644 --- a/x-pack/plugins/observability_solution/investigate_app/public/pages/details/components/investigation_header/investigation_header.tsx +++ b/x-pack/plugins/observability_solution/investigate_app/public/pages/details/components/investigation_header/investigation_header.tsx @@ -5,40 +5,64 @@ * 2.0. */ -import { EuiButtonEmpty, EuiText } from '@elastic/eui'; -import { alertOriginSchema } from '@kbn/investigation-shared'; -import { ALERT_RULE_CATEGORY } from '@kbn/rule-registry-plugin/common/technical_rule_data_field_names'; +import { EuiFlexGroup, EuiFlexItem, EuiText } from '@elastic/eui'; +// eslint-disable-next-line import/no-extraneous-dependencies +import { formatDistance } from 'date-fns'; +import { FormattedMessage } from '@kbn/i18n-react'; import React from 'react'; -import { useFetchAlert } from '../../../../hooks/use_get_alert_details'; -import { useKibana } from '../../../../hooks/use_kibana'; +import { InvestigationStatusBadge } from '../../../../components/investigation_status_badge/investigation_status_badge'; +import { InvestigationTag } from '../../../../components/investigation_tag/investigation_tag'; import { useInvestigation } from '../../contexts/investigation_context'; +import { AlertDetailsButton } from './alert_details_button'; export function InvestigationHeader() { - const { - core: { - http: { basePath }, - }, - } = useKibana(); - const { investigation } = useInvestigation(); - const alertOriginInvestigation = alertOriginSchema.safeParse(investigation?.origin); - const alertId = alertOriginInvestigation.success ? alertOriginInvestigation.data.id : undefined; - const { data: alertDetails } = useFetchAlert({ id: alertId }); + if (!investigation) { + return null; + } return ( - <> - {alertDetails && ( - - {`[Alert] ${alertDetails?.[ALERT_RULE_CATEGORY]} breached`} - - )} - {investigation &&
{investigation.title}
} - + + + + + + {investigation.title} + + + + + + + {investigation.tags.length > 0 && ( + + + {investigation.tags.map((tag) => ( + + ))} + + + )} + + + + + {formatDistance(new Date(investigation.createdAt), new Date(), { + addSuffix: true, + })} + + ), + }} + /> + + + + ); } diff --git a/x-pack/plugins/observability_solution/investigate_app/public/hooks/use_get_alert_details.tsx b/x-pack/plugins/observability_solution/investigate_app/public/pages/details/hooks/use_fetch_alert.tsx similarity index 96% rename from x-pack/plugins/observability_solution/investigate_app/public/hooks/use_get_alert_details.tsx rename to x-pack/plugins/observability_solution/investigate_app/public/pages/details/hooks/use_fetch_alert.tsx index 0c0cda89d3eb8..85246b33bf70d 100644 --- a/x-pack/plugins/observability_solution/investigate_app/public/hooks/use_get_alert_details.tsx +++ b/x-pack/plugins/observability_solution/investigate_app/public/pages/details/hooks/use_fetch_alert.tsx @@ -7,7 +7,7 @@ import { useQuery } from '@tanstack/react-query'; import { BASE_RAC_ALERTS_API_PATH, EcsFieldsResponse } from '@kbn/rule-registry-plugin/common'; -import { useKibana } from './use_kibana'; +import { useKibana } from '../../../hooks/use_kibana'; export interface AlertParams { id?: string; diff --git a/x-pack/plugins/observability_solution/investigate_app/public/pages/list/components/investigation_list.tsx b/x-pack/plugins/observability_solution/investigate_app/public/pages/list/components/investigation_list.tsx index a65eb12001342..8ad2957b27ac8 100644 --- a/x-pack/plugins/observability_solution/investigate_app/public/pages/list/components/investigation_list.tsx +++ b/x-pack/plugins/observability_solution/investigate_app/public/pages/list/components/investigation_list.tsx @@ -7,11 +7,9 @@ import { Criteria, EuiAvatar, - EuiBadge, EuiBasicTable, EuiBasicTableColumn, EuiFlexGroup, - EuiFlexItem, EuiLink, EuiLoadingSpinner, EuiText, @@ -22,6 +20,7 @@ import moment from 'moment'; import React, { useState } from 'react'; import { paths } from '../../../../common/paths'; import { InvestigationStatusBadge } from '../../../components/investigation_status_badge/investigation_status_badge'; +import { InvestigationTag } from '../../../components/investigation_tag/investigation_tag'; import { useFetchInvestigationList } from '../../../hooks/use_fetch_investigation_list'; import { useFetchUserProfiles } from '../../../hooks/use_fetch_user_profiles'; import { useKibana } from '../../../hooks/use_kibana'; @@ -114,9 +113,7 @@ export function InvestigationList() { return ( {value.map((tag) => ( - - {tag} - + ))} ); diff --git a/x-pack/plugins/observability_solution/investigate_app/server/services/delete_investigation_item.ts b/x-pack/plugins/observability_solution/investigate_app/server/services/delete_investigation_item.ts index a9856cc0eaa99..29728404068be 100644 --- a/x-pack/plugins/observability_solution/investigate_app/server/services/delete_investigation_item.ts +++ b/x-pack/plugins/observability_solution/investigate_app/server/services/delete_investigation_item.ts @@ -16,11 +16,11 @@ export async function deleteInvestigationItem( const investigation = await repository.findById(investigationId); const item = investigation.items.find((currItem) => currItem.id === itemId); if (!item) { - throw new Error('Note not found'); + throw new Error('Item not found'); } if (item.createdBy !== user.profile_uid) { - throw new Error('User does not have permission to delete note'); + throw new Error('User does not have permission to delete item'); } investigation.items = investigation.items.filter((currItem) => currItem.id !== itemId); diff --git a/x-pack/plugins/observability_solution/observability/public/components/alert_search_bar/alert_search_bar_with_url_sync.tsx b/x-pack/plugins/observability_solution/observability/public/components/alert_search_bar/alert_search_bar_with_url_sync.tsx index 1abb2a865ccce..609bc5e94c510 100644 --- a/x-pack/plugins/observability_solution/observability/public/components/alert_search_bar/alert_search_bar_with_url_sync.tsx +++ b/x-pack/plugins/observability_solution/observability/public/components/alert_search_bar/alert_search_bar_with_url_sync.tsx @@ -10,6 +10,7 @@ import { alertSearchBarStateContainer, Provider, useAlertSearchBarStateContainer, + DEFAULT_STATE, } from './containers'; import { ObservabilityAlertSearchBar } from './alert_search_bar'; import { AlertSearchBarWithUrlSyncProps } from './types'; @@ -17,8 +18,8 @@ import { useKibana } from '../../utils/kibana_react'; import { useToasts } from '../../hooks/use_toast'; function AlertSearchbarWithUrlSync(props: AlertSearchBarWithUrlSyncProps) { - const { urlStorageKey, ...searchBarProps } = props; - const stateProps = useAlertSearchBarStateContainer(urlStorageKey); + const { urlStorageKey, defaultState = DEFAULT_STATE, ...searchBarProps } = props; + const stateProps = useAlertSearchBarStateContainer(urlStorageKey, undefined, defaultState); const { data: { query: { diff --git a/x-pack/plugins/observability_solution/observability/public/components/alert_search_bar/containers/index.tsx b/x-pack/plugins/observability_solution/observability/public/components/alert_search_bar/containers/index.tsx index edffc97a57fa2..66c798495da28 100644 --- a/x-pack/plugins/observability_solution/observability/public/components/alert_search_bar/containers/index.tsx +++ b/x-pack/plugins/observability_solution/observability/public/components/alert_search_bar/containers/index.tsx @@ -5,5 +5,5 @@ * 2.0. */ -export { Provider, alertSearchBarStateContainer } from './state_container'; +export { Provider, alertSearchBarStateContainer, DEFAULT_STATE } from './state_container'; export { useAlertSearchBarStateContainer } from './use_alert_search_bar_state_container'; diff --git a/x-pack/plugins/observability_solution/observability/public/components/alert_search_bar/containers/state_container.tsx b/x-pack/plugins/observability_solution/observability/public/components/alert_search_bar/containers/state_container.tsx index a7aa8c15a6472..a23f8da36c59d 100644 --- a/x-pack/plugins/observability_solution/observability/public/components/alert_search_bar/containers/state_container.tsx +++ b/x-pack/plugins/observability_solution/observability/public/components/alert_search_bar/containers/state_container.tsx @@ -12,15 +12,7 @@ import { } from '@kbn/kibana-utils-plugin/public'; import { AlertStatus } from '../../../../common/typings'; import { ALL_ALERTS } from '../constants'; - -interface AlertSearchBarContainerState { - rangeFrom: string; - rangeTo: string; - kuery: string; - status: AlertStatus; - filters: Filter[]; - savedQueryId?: string; -} +import { AlertSearchBarContainerState } from '../types'; interface AlertSearchBarStateTransitions { setRangeFrom: ( @@ -43,7 +35,7 @@ interface AlertSearchBarStateTransitions { ) => (savedQueryId?: string) => AlertSearchBarContainerState; } -const defaultState: AlertSearchBarContainerState = { +const DEFAULT_STATE: AlertSearchBarContainerState = { rangeFrom: 'now-24h', rangeTo: 'now', kuery: '', @@ -60,13 +52,13 @@ const transitions: AlertSearchBarStateTransitions = { setSavedQueryId: (state) => (savedQueryId) => ({ ...state, savedQueryId }), }; -const alertSearchBarStateContainer = createStateContainer(defaultState, transitions); +const alertSearchBarStateContainer = createStateContainer(DEFAULT_STATE, transitions); type AlertSearchBarStateContainer = typeof alertSearchBarStateContainer; const { Provider, useContainer } = createStateContainerReactHelpers(); -export { Provider, alertSearchBarStateContainer, useContainer, defaultState }; +export { Provider, alertSearchBarStateContainer, useContainer, DEFAULT_STATE }; export type { AlertSearchBarStateContainer, AlertSearchBarContainerState, diff --git a/x-pack/plugins/observability_solution/observability/public/components/alert_search_bar/containers/use_alert_search_bar_state_container.tsx b/x-pack/plugins/observability_solution/observability/public/components/alert_search_bar/containers/use_alert_search_bar_state_container.tsx index 5237ab1f17c2a..2938f6c60bbfe 100644 --- a/x-pack/plugins/observability_solution/observability/public/components/alert_search_bar/containers/use_alert_search_bar_state_container.tsx +++ b/x-pack/plugins/observability_solution/observability/public/components/alert_search_bar/containers/use_alert_search_bar_state_container.tsx @@ -24,7 +24,7 @@ import { useTimefilterService } from '../../../hooks/use_timefilter_service'; import { useContainer, - defaultState, + DEFAULT_STATE, AlertSearchBarStateContainer, AlertSearchBarContainerState, } from './state_container'; @@ -42,12 +42,13 @@ export const alertSearchBarState = t.partial({ export function useAlertSearchBarStateContainer( urlStorageKey: string, - { replace }: { replace?: boolean } = {} + { replace }: { replace?: boolean } = {}, + defaultState: AlertSearchBarContainerState = DEFAULT_STATE ) { const [savedQuery, setSavedQuery] = useState(); const stateContainer = useContainer(); - useUrlStateSyncEffect(stateContainer, urlStorageKey, replace); + useUrlStateSyncEffect(stateContainer, urlStorageKey, replace, defaultState); const { setRangeFrom, setRangeTo, setKuery, setStatus, setFilters, setSavedQueryId } = stateContainer.transitions; @@ -105,7 +106,8 @@ export function useAlertSearchBarStateContainer( function useUrlStateSyncEffect( stateContainer: AlertSearchBarStateContainer, urlStorageKey: string, - replace: boolean = true + replace: boolean = true, + defaultState: AlertSearchBarContainerState = DEFAULT_STATE ) { const history = useHistory(); const timefilterService = useTimefilterService(); @@ -127,12 +129,14 @@ function useUrlStateSyncEffect( timefilterService, stateContainer, urlStateStorage, - urlStorageKey + urlStorageKey, + defaultState ); start(); return stop; + // eslint-disable-next-line react-hooks/exhaustive-deps }, [stateContainer, history, timefilterService, urlStorageKey, replace]); } @@ -140,7 +144,8 @@ function setupUrlStateSync( stateContainer: AlertSearchBarStateContainer, urlStateStorage: IKbnUrlStateStorage, urlStorageKey: string, - replace: boolean = true + replace: boolean = true, + defaultState: AlertSearchBarContainerState = DEFAULT_STATE ) { // This handles filling the state when an incomplete URL set is provided const setWithDefaults = (changedState: Partial | null) => { @@ -165,7 +170,8 @@ function initializeUrlAndStateContainer( timefilterService: TimefilterContract, stateContainer: AlertSearchBarStateContainer, urlStateStorage: IKbnUrlStateStorage, - urlStorageKey: string + urlStorageKey: string, + defaultState: AlertSearchBarContainerState ) { const urlState = alertSearchBarState.decode( urlStateStorage.get>(urlStorageKey) diff --git a/x-pack/plugins/observability_solution/observability/public/components/alert_search_bar/types.ts b/x-pack/plugins/observability_solution/observability/public/components/alert_search_bar/types.ts index a0774e72ae936..eb9afc0345bc9 100644 --- a/x-pack/plugins/observability_solution/observability/public/components/alert_search_bar/types.ts +++ b/x-pack/plugins/observability_solution/observability/public/components/alert_search_bar/types.ts @@ -19,6 +19,7 @@ export interface AlertStatusFilterProps { export interface AlertSearchBarWithUrlSyncProps extends CommonAlertSearchBarProps { urlStorageKey: string; + defaultState?: AlertSearchBarContainerState; } export interface Dependencies { @@ -49,7 +50,7 @@ export interface ObservabilityAlertSearchBarProps services: Services; } -interface AlertSearchBarContainerState { +export interface AlertSearchBarContainerState { rangeFrom: string; rangeTo: string; kuery: string; diff --git a/x-pack/plugins/observability_solution/observability/public/pages/alerts/grouping/constants.ts b/x-pack/plugins/observability_solution/observability/public/components/alerts_table/grouping/constants.ts similarity index 100% rename from x-pack/plugins/observability_solution/observability/public/pages/alerts/grouping/constants.ts rename to x-pack/plugins/observability_solution/observability/public/components/alerts_table/grouping/constants.ts diff --git a/x-pack/plugins/observability_solution/observability/public/pages/alerts/grouping/get_aggregations_by_grouping_field.ts b/x-pack/plugins/observability_solution/observability/public/components/alerts_table/grouping/get_aggregations_by_grouping_field.ts similarity index 100% rename from x-pack/plugins/observability_solution/observability/public/pages/alerts/grouping/get_aggregations_by_grouping_field.ts rename to x-pack/plugins/observability_solution/observability/public/components/alerts_table/grouping/get_aggregations_by_grouping_field.ts diff --git a/x-pack/plugins/observability_solution/observability/public/pages/alerts/grouping/get_group_stats.tsx b/x-pack/plugins/observability_solution/observability/public/components/alerts_table/grouping/get_group_stats.tsx similarity index 94% rename from x-pack/plugins/observability_solution/observability/public/pages/alerts/grouping/get_group_stats.tsx rename to x-pack/plugins/observability_solution/observability/public/components/alerts_table/grouping/get_group_stats.tsx index 3fe0a6d006825..566add6be934b 100644 --- a/x-pack/plugins/observability_solution/observability/public/pages/alerts/grouping/get_group_stats.tsx +++ b/x-pack/plugins/observability_solution/observability/public/components/alerts_table/grouping/get_group_stats.tsx @@ -7,7 +7,7 @@ import { GetGroupStats } from '@kbn/grouping/src'; import { ALERT_INSTANCE_ID, ALERT_RULE_NAME } from '@kbn/rule-data-utils'; -import { AlertsByGroupingAgg } from '../../../components/alerts_table/types'; +import { AlertsByGroupingAgg } from '../types'; export const getGroupStats: GetGroupStats = (selectedGroup, bucket) => { const defaultBadges = [ diff --git a/x-pack/plugins/observability_solution/observability/public/pages/alerts/grouping/render_group_panel.tsx b/x-pack/plugins/observability_solution/observability/public/components/alerts_table/grouping/render_group_panel.tsx similarity index 95% rename from x-pack/plugins/observability_solution/observability/public/pages/alerts/grouping/render_group_panel.tsx rename to x-pack/plugins/observability_solution/observability/public/components/alerts_table/grouping/render_group_panel.tsx index 17e674eb0a44e..b6c48cb6e90ef 100644 --- a/x-pack/plugins/observability_solution/observability/public/pages/alerts/grouping/render_group_panel.tsx +++ b/x-pack/plugins/observability_solution/observability/public/components/alerts_table/grouping/render_group_panel.tsx @@ -10,8 +10,8 @@ import { isArray } from 'lodash/fp'; import { EuiFlexGroup, EuiIconTip, EuiFlexItem, EuiText, EuiTitle } from '@elastic/eui'; import { firstNonNullValue, GroupPanelRenderer } from '@kbn/grouping/src'; import { FormattedMessage } from '@kbn/i18n-react'; -import { AlertsByGroupingAgg } from '../../../components/alerts_table/types'; -import { Tags } from '../../../components/tags'; +import { AlertsByGroupingAgg } from '../types'; +import { Tags } from '../../tags'; import { ungrouped } from './constants'; export const renderGroupPanel: GroupPanelRenderer = ( diff --git a/x-pack/plugins/observability_solution/observability/public/constants.ts b/x-pack/plugins/observability_solution/observability/public/constants.ts index 768094ec8a66b..7af5d9380f6cc 100644 --- a/x-pack/plugins/observability_solution/observability/public/constants.ts +++ b/x-pack/plugins/observability_solution/observability/public/constants.ts @@ -10,3 +10,5 @@ export const DEFAULT_DATE_FORMAT = 'YYYY-MM-DD HH:mm'; export const ALERTS_PAGE_ALERTS_TABLE_CONFIG_ID = `alerts-page-alerts-table`; export const RULE_DETAILS_ALERTS_TABLE_CONFIG_ID = `rule-details-alerts-table`; + +export const SEARCH_BAR_URL_STORAGE_KEY = 'searchBarParams'; diff --git a/x-pack/plugins/observability_solution/observability/public/pages/alert_details/alert_details.test.tsx b/x-pack/plugins/observability_solution/observability/public/pages/alert_details/alert_details.test.tsx index 4706bed7f5635..1089bb52b7ed4 100644 --- a/x-pack/plugins/observability_solution/observability/public/pages/alert_details/alert_details.test.tsx +++ b/x-pack/plugins/observability_solution/observability/public/pages/alert_details/alert_details.test.tsx @@ -15,7 +15,7 @@ import { ruleTypeRegistryMock } from '@kbn/triggers-actions-ui-plugin/public/app import { waitFor } from '@testing-library/react'; import { Chance } from 'chance'; import React, { Fragment } from 'react'; -import { useLocation, useParams } from 'react-router-dom'; +import { useHistory, useLocation, useParams } from 'react-router-dom'; import { from } from 'rxjs'; import { useFetchAlertDetail } from '../../hooks/use_fetch_alert_detail'; import { ConfigSchema } from '../../plugin'; @@ -30,6 +30,7 @@ jest.mock('react-router-dom', () => ({ ...jest.requireActual('react-router-dom'), useParams: jest.fn(), useLocation: jest.fn(), + useHistory: jest.fn(), })); jest.mock('../../utils/kibana_react'); @@ -85,6 +86,7 @@ jest.mock('@kbn/observability-shared-plugin/public'); const useFetchAlertDetailMock = useFetchAlertDetail as jest.Mock; const useParamsMock = useParams as jest.Mock; const useLocationMock = useLocation as jest.Mock; +const useHistoryMock = useHistory as jest.Mock; const useBreadcrumbsMock = useBreadcrumbs as jest.Mock; const chance = new Chance(); @@ -110,6 +112,7 @@ describe('Alert details', () => { jest.clearAllMocks(); useParamsMock.mockReturnValue(params); useLocationMock.mockReturnValue({ pathname: '/alerts/uuid', search: '', state: '', hash: '' }); + useHistoryMock.mockReturnValue({ replace: jest.fn() }); useBreadcrumbsMock.mockReturnValue([]); ruleTypeRegistry.list.mockReturnValue([ruleType]); ruleTypeRegistry.get.mockReturnValue(ruleType); diff --git a/x-pack/plugins/observability_solution/observability/public/pages/alert_details/alert_details.tsx b/x-pack/plugins/observability_solution/observability/public/pages/alert_details/alert_details.tsx index e17fc1666e061..00dd03734b9b0 100644 --- a/x-pack/plugins/observability_solution/observability/public/pages/alert_details/alert_details.tsx +++ b/x-pack/plugins/observability_solution/observability/public/pages/alert_details/alert_details.tsx @@ -7,7 +7,7 @@ import React, { useEffect, useState } from 'react'; import { i18n } from '@kbn/i18n'; -import { useParams } from 'react-router-dom'; +import { useHistory, useLocation, useParams } from 'react-router-dom'; import { EuiEmptyPrompt, EuiPanel, @@ -23,6 +23,7 @@ import { ALERT_RULE_UUID, ALERT_STATUS, ALERT_STATUS_UNTRACKED, + ALERT_GROUP, } from '@kbn/rule-data-utils'; import { RuleTypeModel } from '@kbn/triggers-actions-ui-plugin/public'; import { useBreadcrumbs } from '@kbn/observability-shared-plugin/public'; @@ -30,6 +31,9 @@ import dedent from 'dedent'; import { AlertFieldsTable } from '@kbn/alerts-ui-shared'; import { css } from '@emotion/react'; import { omit } from 'lodash'; +import type { Group } from '../../../common/typings'; +import { observabilityFeatureId } from '../../../common'; +import { RelatedAlerts } from './components/related_alerts'; import { useKibana } from '../../utils/kibana_react'; import { useFetchRule } from '../../hooks/use_fetch_rule'; import { usePluginContext } from '../../hooks/use_plugin_context'; @@ -40,7 +44,6 @@ import { AlertSummary, AlertSummaryField } from './components/alert_summary'; import { CenterJustifiedSpinner } from '../../components/center_justified_spinner'; import { getTimeZone } from '../../utils/get_time_zone'; import { isAlertDetailsEnabledPerApp } from '../../utils/is_alert_details_enabled'; -import { observabilityFeatureId } from '../../../common'; import { paths } from '../../../common/locators/paths'; import { HeaderMenu } from '../overview/components/header_menu/header_menu'; import { AlertOverview } from '../../components/alert_overview/alert_overview'; @@ -61,6 +64,12 @@ export const LOG_DOCUMENT_COUNT_RULE_TYPE_ID = 'logs.alert.document.count'; export const METRIC_THRESHOLD_ALERT_TYPE_ID = 'metrics.alert.threshold'; export const METRIC_INVENTORY_THRESHOLD_ALERT_TYPE_ID = 'metrics.alert.inventory.threshold'; +const OVERVIEW_TAB_ID = 'overview'; +const METADATA_TAB_ID = 'metadata'; +const RELATED_ALERTS_TAB_ID = 'related_alerts'; +const ALERT_DETAILS_TAB_URL_STORAGE_KEY = 'tabId'; +type TabId = typeof OVERVIEW_TAB_ID | typeof METADATA_TAB_ID | typeof RELATED_ALERTS_TAB_ID; + export function AlertDetails() { const { cases: { @@ -73,6 +82,8 @@ export function AlertDetails() { uiSettings, } = useKibana().services; + const { search } = useLocation(); + const history = useHistory(); const { ObservabilityPageTemplate, config } = usePluginContext(); const { alertId } = useParams(); const [isLoading, alertDetail] = useFetchAlertDetail(alertId); @@ -87,6 +98,27 @@ export function AlertDetails() { const [alertStatus, setAlertStatus] = useState(); const { euiTheme } = useEuiTheme(); + const [activeTabId, setActiveTabId] = useState(() => { + const searchParams = new URLSearchParams(search); + const urlTabId = searchParams.get(ALERT_DETAILS_TAB_URL_STORAGE_KEY); + + return urlTabId && [OVERVIEW_TAB_ID, METADATA_TAB_ID, RELATED_ALERTS_TAB_ID].includes(urlTabId) + ? (urlTabId as TabId) + : OVERVIEW_TAB_ID; + }); + const handleSetTabId = async (tabId: TabId) => { + setActiveTabId(tabId); + + let searchParams = new URLSearchParams(search); + if (tabId === RELATED_ALERTS_TAB_ID) { + searchParams.set(ALERT_DETAILS_TAB_URL_STORAGE_KEY, tabId); + } else { + searchParams = new URLSearchParams(); + searchParams.set(ALERT_DETAILS_TAB_URL_STORAGE_KEY, tabId); + } + history.replace({ search: searchParams.toString() }); + }; + useEffect(() => { if (!alertDetail || !observabilityAIAssistant) { return; @@ -162,9 +194,6 @@ export function AlertDetails() { const AlertDetailsAppSection = ruleTypeModel ? ruleTypeModel.alertDetailsAppSection : null; const timeZone = getTimeZone(uiSettings); - const OVERVIEW_TAB_ID = 'overview'; - const METADATA_TAB_ID = 'metadata'; - const overviewTab = alertDetail ? ( AlertDetailsAppSection && /* @@ -229,6 +258,20 @@ export function AlertDetails() { 'data-test-subj': 'metadataTab', content: metadataTab, }, + { + id: RELATED_ALERTS_TAB_ID, + name: i18n.translate('xpack.observability.alertDetails.tab.relatedAlertsLabel', { + defaultMessage: 'Related Alerts', + }), + 'data-test-subj': 'relatedAlertsTab', + content: ( + + ), + }, ]; return ( @@ -266,7 +309,12 @@ export function AlertDetails() { data-test-subj="alertDetails" > - + tab.id === activeTabId)} + onTabClick={(tab) => handleSetTabId(tab.id as TabId)} + /> ); } diff --git a/x-pack/plugins/observability_solution/observability/public/pages/alert_details/components/related_alerts.tsx b/x-pack/plugins/observability_solution/observability/public/pages/alert_details/components/related_alerts.tsx new file mode 100644 index 0000000000000..c74a4558d47f7 --- /dev/null +++ b/x-pack/plugins/observability_solution/observability/public/pages/alert_details/components/related_alerts.tsx @@ -0,0 +1,150 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React, { useState, useRef, useEffect } from 'react'; +import { EuiFlexGroup, EuiFlexItem, EuiSpacer } from '@elastic/eui'; +import { getPaddedAlertTimeRange } from '@kbn/observability-get-padded-alert-time-range-util'; +import { ALERT_END, ALERT_START, ALERT_UUID } from '@kbn/rule-data-utils'; +import { BoolQuery, Filter, type Query } from '@kbn/es-query'; +import { AlertsGrouping } from '@kbn/alerts-grouping'; + +import { observabilityAlertFeatureIds } from '../../../../common/constants'; +import { TopAlert } from '../../..'; +import { + AlertSearchBarContainerState, + DEFAULT_STATE, +} from '../../../components/alert_search_bar/containers/state_container'; +import type { Group } from '../../../../common/typings'; +import { ObservabilityAlertSearchbarWithUrlSync } from '../../../components/alert_search_bar/alert_search_bar_with_url_sync'; +import { renderGroupPanel } from '../../../components/alerts_table/grouping/render_group_panel'; +import { getGroupStats } from '../../../components/alerts_table/grouping/get_group_stats'; +import { getAggregationsByGroupingField } from '../../../components/alerts_table/grouping/get_aggregations_by_grouping_field'; +import { DEFAULT_GROUPING_OPTIONS } from '../../../components/alerts_table/grouping/constants'; +import { ALERT_STATUS_FILTER } from '../../../components/alert_search_bar/constants'; +import { AlertsByGroupingAgg } from '../../../components/alerts_table/types'; +import { + alertSearchBarStateContainer, + Provider, + useAlertSearchBarStateContainer, +} from '../../../components/alert_search_bar/containers'; +import { ALERTS_PAGE_ALERTS_TABLE_CONFIG_ID, SEARCH_BAR_URL_STORAGE_KEY } from '../../../constants'; +import { usePluginContext } from '../../../hooks/use_plugin_context'; +import { useKibana } from '../../../utils/kibana_react'; +import { buildEsQuery } from '../../../utils/build_es_query'; +import { mergeBoolQueries } from '../../alerts/helpers/merge_bool_queries'; +import { getRelatedAlertKuery } from '../helpers/get_related_alerts_query'; + +const ALERTS_PER_PAGE = 50; +const RELATED_ALERTS_SEARCH_BAR_ID = 'related-alerts-search-bar-o11y'; +const ALERTS_TABLE_ID = 'xpack.observability.related.alerts.table'; + +interface Props { + alert?: TopAlert; + groups?: Group[]; + tags?: string[]; +} + +const defaultState: AlertSearchBarContainerState = { ...DEFAULT_STATE, status: 'active' }; +const DEFAULT_FILTERS: Filter[] = []; + +export function InternalRelatedAlerts({ alert, groups, tags }: Props) { + const kibanaServices = useKibana().services; + const { + http, + notifications, + dataViews, + triggersActionsUi: { alertsTableConfigurationRegistry, getAlertsStateTable: AlertsStateTable }, + } = kibanaServices; + const { observabilityRuleTypeRegistry } = usePluginContext(); + const alertSearchBarStateProps = useAlertSearchBarStateContainer(SEARCH_BAR_URL_STORAGE_KEY, { + replace: false, + }); + + const [esQuery, setEsQuery] = useState<{ bool: BoolQuery }>(); + const alertStart = alert?.fields[ALERT_START]; + const alertEnd = alert?.fields[ALERT_END]; + const alertId = alert?.fields[ALERT_UUID]; + + const defaultQuery = useRef([ + { query: `not kibana.alert.uuid: ${alertId}`, language: 'kuery' }, + ]); + + useEffect(() => { + if (alertStart) { + const defaultTimeRange = getPaddedAlertTimeRange(alertStart, alertEnd); + alertSearchBarStateProps.onRangeFromChange(defaultTimeRange.from); + alertSearchBarStateProps.onRangeToChange(defaultTimeRange.to); + } + // eslint-disable-next-line react-hooks/exhaustive-deps + }, [alertStart, alertEnd]); + + return ( + + + + + + + {esQuery && ( + + featureIds={observabilityAlertFeatureIds} + defaultFilters={ALERT_STATUS_FILTER[alertSearchBarStateProps.status] ?? DEFAULT_FILTERS} + from={alertSearchBarStateProps.rangeFrom} + to={alertSearchBarStateProps.rangeTo} + globalFilters={alertSearchBarStateProps.filters ?? DEFAULT_FILTERS} + globalQuery={{ query: alertSearchBarStateProps.kuery, language: 'kuery' }} + groupingId={ALERTS_PAGE_ALERTS_TABLE_CONFIG_ID} + defaultGroupingOptions={DEFAULT_GROUPING_OPTIONS} + getAggregationsByGroupingField={getAggregationsByGroupingField} + renderGroupPanel={renderGroupPanel} + getGroupStats={getGroupStats} + services={{ + notifications, + dataViews, + http, + }} + > + {(groupingFilters) => { + const groupQuery = buildEsQuery({ + filters: groupingFilters, + }); + return ( + + ); + }} + + )} + + + ); +} + +export function RelatedAlerts(props: Props) { + return ( + + + + ); +} diff --git a/x-pack/plugins/observability_solution/observability/public/pages/alert_details/helpers/get_related_alerts_query.test.ts b/x-pack/plugins/observability_solution/observability/public/pages/alert_details/helpers/get_related_alerts_query.test.ts new file mode 100644 index 0000000000000..b7b8d138f471a --- /dev/null +++ b/x-pack/plugins/observability_solution/observability/public/pages/alert_details/helpers/get_related_alerts_query.test.ts @@ -0,0 +1,48 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { getRelatedAlertKuery } from './get_related_alerts_query'; +import { fromKueryExpression } from '@kbn/es-query'; + +describe('getRelatedAlertKuery', () => { + const tags = ['tag1:v', 'tag2']; + const groups = [ + { field: 'group1Field', value: 'group1Value' }, + { field: 'group2Field', value: 'group2:Value' }, + ]; + const tagsKuery = '(tags: "tag1:v" or tags: "tag2")'; + const groupsKuery = + '(group1Field: "group1Value" or kibana.alert.group.value: "group1Value") or (group2Field: "group2:Value" or kibana.alert.group.value: "group2:Value")'; + + it('should generate correct query with no tags or groups', () => { + expect(getRelatedAlertKuery()).toBeUndefined(); + }); + + it('should generate correct query for tags', () => { + const kuery = getRelatedAlertKuery(tags); + expect(kuery).toEqual(tagsKuery); + + // Should be able to parse keury without throwing error + fromKueryExpression(kuery!); + }); + + it('should generate correct query for groups', () => { + const kuery = getRelatedAlertKuery(undefined, groups); + expect(kuery).toEqual(groupsKuery); + + // Should be able to parse keury without throwing error + fromKueryExpression(kuery!); + }); + + it('should generate correct query for tags and groups', () => { + const kuery = getRelatedAlertKuery(tags, groups); + expect(kuery).toEqual(`${tagsKuery} or ${groupsKuery}`); + + // Should be able to parse keury without throwing error + fromKueryExpression(kuery!); + }); +}); diff --git a/x-pack/plugins/observability_solution/observability/public/pages/alert_details/helpers/get_related_alerts_query.ts b/x-pack/plugins/observability_solution/observability/public/pages/alert_details/helpers/get_related_alerts_query.ts new file mode 100644 index 0000000000000..c319af70db13f --- /dev/null +++ b/x-pack/plugins/observability_solution/observability/public/pages/alert_details/helpers/get_related_alerts_query.ts @@ -0,0 +1,32 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { Group } from '../../../../common/typings'; + +export interface Query { + query: string; + language: string; +} + +export const getRelatedAlertKuery = (tags?: string[], groups?: Group[]): string | undefined => { + const tagKueries: string[] = + tags?.map((tag) => { + return `tags: "${tag}"`; + }) ?? []; + const groupKueries = + (groups && + groups.map(({ field, value }) => { + return `(${field}: "${value}" or kibana.alert.group.value: "${value}")`; + })) ?? + []; + + const tagKueriesStr = tagKueries.length > 0 ? [`(${tagKueries.join(' or ')})`] : []; + const groupKueriesStr = groupKueries.length > 0 ? [`${groupKueries.join(' or ')}`] : []; + const kueries = [...tagKueriesStr, ...groupKueriesStr]; + + return kueries.length ? kueries.join(' or ') : undefined; +}; diff --git a/x-pack/plugins/observability_solution/observability/public/pages/alerts/alerts.tsx b/x-pack/plugins/observability_solution/observability/public/pages/alerts/alerts.tsx index c1d14165f5f6e..ef883f40f4902 100644 --- a/x-pack/plugins/observability_solution/observability/public/pages/alerts/alerts.tsx +++ b/x-pack/plugins/observability_solution/observability/public/pages/alerts/alerts.tsx @@ -8,7 +8,7 @@ import React, { useEffect, useMemo, useState } from 'react'; import { BrushEndListener, XYBrushEvent } from '@elastic/charts'; import { EuiFlexGroup, EuiFlexItem } from '@elastic/eui'; -import { BoolQuery } from '@kbn/es-query'; +import { BoolQuery, Filter } from '@kbn/es-query'; import { i18n } from '@kbn/i18n'; import { loadRuleAggregations } from '@kbn/triggers-actions-ui-plugin/public'; import { useBreadcrumbs } from '@kbn/observability-shared-plugin/public'; @@ -16,9 +16,12 @@ import { MaintenanceWindowCallout } from '@kbn/alerts-ui-shared'; import { DEFAULT_APP_CATEGORIES } from '@kbn/core-application-common'; import { AlertsGrouping } from '@kbn/alerts-grouping'; -import { renderGroupPanel } from './grouping/render_group_panel'; import { rulesLocatorID } from '../../../common'; import { ALERT_STATUS_FILTER } from '../../components/alert_search_bar/constants'; +import { renderGroupPanel } from '../../components/alerts_table/grouping/render_group_panel'; +import { getGroupStats } from '../../components/alerts_table/grouping/get_group_stats'; +import { getAggregationsByGroupingField } from '../../components/alerts_table/grouping/get_aggregations_by_grouping_field'; +import { DEFAULT_GROUPING_OPTIONS } from '../../components/alerts_table/grouping/constants'; import { AlertsByGroupingAgg } from '../../components/alerts_table/types'; import { ObservabilityAlertSearchBar } from '../../components/alert_search_bar/alert_search_bar'; import { useGetFilteredRuleTypes } from '../../hooks/use_get_filtered_rule_types'; @@ -37,13 +40,10 @@ import { getAlertSummaryTimeRange } from '../../utils/alert_summary_widget'; import { observabilityAlertFeatureIds } from '../../../common/constants'; import { ALERTS_URL_STORAGE_KEY } from '../../../common/constants'; import { ALERTS_PAGE_ALERTS_TABLE_CONFIG_ID } from '../../constants'; -import { HeaderMenu } from '../overview/components/header_menu/header_menu'; import { useGetAvailableRulesWithDescriptions } from '../../hooks/use_get_available_rules_with_descriptions'; +import { HeaderMenu } from '../overview/components/header_menu/header_menu'; import { buildEsQuery } from '../../utils/build_es_query'; import { renderRuleStats, RuleStatsState } from './components/rule_stats'; -import { getGroupStats } from './grouping/get_group_stats'; -import { getAggregationsByGroupingField } from './grouping/get_aggregations_by_grouping_field'; -import { DEFAULT_GROUPING_OPTIONS } from './grouping/constants'; import { mergeBoolQueries } from './helpers/merge_bool_queries'; const ALERTS_SEARCH_BAR_ID = 'alerts-search-bar-o11y'; @@ -52,6 +52,7 @@ const ALERTS_TABLE_ID = 'xpack.observability.alerts.alert.table'; const DEFAULT_INTERVAL = '60s'; const DEFAULT_DATE_FORMAT = 'YYYY-MM-DD HH:mm'; +const DEFAULT_FILTERS: Filter[] = []; function InternalAlertsPage() { const kibanaServices = useKibana().services; @@ -255,10 +256,12 @@ function InternalAlertsPage() { {esQuery && ( featureIds={observabilityAlertFeatureIds} - defaultFilters={ALERT_STATUS_FILTER[alertSearchBarStateProps.status] ?? []} + defaultFilters={ + ALERT_STATUS_FILTER[alertSearchBarStateProps.status] ?? DEFAULT_FILTERS + } from={alertSearchBarStateProps.rangeFrom} to={alertSearchBarStateProps.rangeTo} - globalFilters={alertSearchBarStateProps.filters} + globalFilters={alertSearchBarStateProps.filters ?? DEFAULT_FILTERS} globalQuery={{ query: alertSearchBarStateProps.kuery, language: 'kuery' }} groupingId={ALERTS_PAGE_ALERTS_TABLE_CONFIG_ID} defaultGroupingOptions={DEFAULT_GROUPING_OPTIONS} diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/client/adapters/simulate_function_calling/get_system_message_instructions.ts b/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/client/adapters/simulate_function_calling/get_system_message_instructions.ts index c80ac022ca6c0..eaf89233a2bcd 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/client/adapters/simulate_function_calling/get_system_message_instructions.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/client/adapters/simulate_function_calling/get_system_message_instructions.ts @@ -33,6 +33,9 @@ export function getSystemMessageInstructions({ IMPORTANT: make sure you start and end a tool call with the ${TOOL_USE_START} and ${TOOL_USE_END} markers, it MUST be included in the tool call. + You can only call A SINGLE TOOL at a time. Do not call multiple tools, or multiple times the same tool, in the same + response. + You may call tools like this: ${TOOL_USE_START} diff --git a/x-pack/plugins/observability_solution/synthetics/common/constants/monitor_defaults.ts b/x-pack/plugins/observability_solution/synthetics/common/constants/monitor_defaults.ts index ccc8ab409420e..dcb1a6e72b246 100644 --- a/x-pack/plugins/observability_solution/synthetics/common/constants/monitor_defaults.ts +++ b/x-pack/plugins/observability_solution/synthetics/common/constants/monitor_defaults.ts @@ -152,6 +152,7 @@ export const DEFAULT_COMMON_FIELDS: CommonFields = { [ConfigKey.CONFIG_HASH]: '', [ConfigKey.MONITOR_QUERY_ID]: '', [ConfigKey.PARAMS]: '', + [ConfigKey.LABELS]: {}, [ConfigKey.MAX_ATTEMPTS]: 2, revision: 1, }; diff --git a/x-pack/plugins/observability_solution/synthetics/common/constants/monitor_management.ts b/x-pack/plugins/observability_solution/synthetics/common/constants/monitor_management.ts index a91e0132ff376..3f0b6c51a3945 100644 --- a/x-pack/plugins/observability_solution/synthetics/common/constants/monitor_management.ts +++ b/x-pack/plugins/observability_solution/synthetics/common/constants/monitor_management.ts @@ -27,6 +27,7 @@ export enum ConfigKey { JOURNEY_ID = 'journey_id', MAX_REDIRECTS = 'max_redirects', METADATA = '__ui', + LABELS = 'labels', MODE = 'mode', MONITOR_TYPE = 'type', NAME = 'name', diff --git a/x-pack/plugins/observability_solution/synthetics/common/runtime_types/monitor_management/monitor_types.ts b/x-pack/plugins/observability_solution/synthetics/common/runtime_types/monitor_management/monitor_types.ts index c0383eaea8b39..426b66597c7d8 100644 --- a/x-pack/plugins/observability_solution/synthetics/common/runtime_types/monitor_management/monitor_types.ts +++ b/x-pack/plugins/observability_solution/synthetics/common/runtime_types/monitor_management/monitor_types.ts @@ -86,6 +86,7 @@ export const CommonFieldsCodec = t.intersection([ [ConfigKey.CUSTOM_HEARTBEAT_ID]: t.string, [ConfigKey.ALERT_CONFIG]: AlertConfigsCodec, [ConfigKey.PARAMS]: t.string, + [ConfigKey.LABELS]: t.record(t.string, t.string), retest_on_failure: t.boolean, }), ]); diff --git a/x-pack/plugins/observability_solution/synthetics/common/runtime_types/monitor_management/monitor_types_project.ts b/x-pack/plugins/observability_solution/synthetics/common/runtime_types/monitor_management/monitor_types_project.ts index 0658d0964fe66..8e25ec1a714e4 100644 --- a/x-pack/plugins/observability_solution/synthetics/common/runtime_types/monitor_management/monitor_types_project.ts +++ b/x-pack/plugins/observability_solution/synthetics/common/runtime_types/monitor_management/monitor_types_project.ts @@ -62,6 +62,7 @@ export const ProjectMonitorCodec = t.intersection([ hash: t.string, namespace: t.string, retestOnFailure: t.boolean, + labels: t.record(t.string, t.string), }), ]); diff --git a/x-pack/plugins/observability_solution/synthetics/public/apps/synthetics/components/common/components/monitor_details_panel.tsx b/x-pack/plugins/observability_solution/synthetics/public/apps/synthetics/components/common/components/monitor_details_panel.tsx index 8d08ac966d4b4..d0db68035b147 100644 --- a/x-pack/plugins/observability_solution/synthetics/public/apps/synthetics/components/common/components/monitor_details_panel.tsx +++ b/x-pack/plugins/observability_solution/synthetics/public/apps/synthetics/components/common/components/monitor_details_panel.tsx @@ -18,6 +18,7 @@ import { import { i18n } from '@kbn/i18n'; import { useDispatch } from 'react-redux'; import { TagsList } from '@kbn/observability-shared-plugin/public'; +import { isEmpty } from 'lodash'; import { PanelWithTitle } from './panel_with_title'; import { MonitorEnabled } from '../../monitors_page/management/monitor_list_table/monitor_enabled'; import { getMonitorAction } from '../../../state'; @@ -57,6 +58,7 @@ export const MonitorDetailsPanel = ({ } const url = latestPing?.url?.full ?? (monitor as unknown as MonitorFields)[ConfigKey.URLS]; + const labels = monitor[ConfigKey.LABELS]; return ( + + {!isEmpty(labels) ? ( + <> + {LABELS_LABEL} + + {Object.entries(labels ?? {}).map(([key, value]) => ( +
+ {key}: {value} +
+ ))} + + + ) : null} ); @@ -225,6 +240,10 @@ const TAGS_LABEL = i18n.translate('xpack.synthetics.management.monitorList.tags' defaultMessage: 'Tags', }); +const LABELS_LABEL = i18n.translate('xpack.synthetics.management.monitorList.labels', { + defaultMessage: 'Labels', +}); + const ENABLED_LABEL = i18n.translate('xpack.synthetics.detailsPanel.monitorDetails.enabled', { defaultMessage: 'Enabled (all locations)', }); diff --git a/x-pack/plugins/observability_solution/synthetics/public/apps/synthetics/components/monitor_add_edit/form/field_config.tsx b/x-pack/plugins/observability_solution/synthetics/public/apps/synthetics/components/monitor_add_edit/form/field_config.tsx index a55a93853344b..d480a2ae1e258 100644 --- a/x-pack/plugins/observability_solution/synthetics/public/apps/synthetics/components/monitor_add_edit/form/field_config.tsx +++ b/x-pack/plugins/observability_solution/synthetics/public/apps/synthetics/components/monitor_add_edit/form/field_config.tsx @@ -1092,6 +1092,55 @@ export const FIELD = (readOnly?: boolean): FieldMap => ({ }, }), }, + [ConfigKey.LABELS]: { + fieldKey: ConfigKey.LABELS, + label: i18n.translate('xpack.synthetics.monitorConfig.meta.label', { + defaultMessage: 'Label fields', + }), + controlled: true, + component: KeyValuePairsField, + helpText: i18n.translate('xpack.synthetics.monitorConfig.meta.helpText', { + defaultMessage: + 'List of key-value pairs that will be sent with each monitor event. Useful for adding custom metadata to your monitor.', + }), + props: ({ field, setValue, trigger }): KeyValuePairsFieldProps => ({ + readOnly, + keyLabel: i18n.translate('xpack.synthetics.monitorConfig.field.key.label', { + defaultMessage: 'Field', + }), + valueLabel: i18n.translate('xpack.synthetics.monitorConfig.field.value.label', { + defaultMessage: 'Value', + }), + addPairControlLabel: i18n.translate('xpack.synthetics.monitorConfig.metaField.label', { + defaultMessage: 'Add label field', + }), + onChange: async (pairs) => { + const value: Record = {}; + pairs.forEach((pair) => { + const [fieldKey, fieldValue] = pair; + value[fieldKey] = String(fieldValue); + }); + if (!isEqual(value, field?.value)) { + setValue(ConfigKey.LABELS, value); + await trigger(ConfigKey.LABELS); + } + }, + defaultPairs: Object.entries(field?.value || {}), + }), + validation: () => ({ + validate: { + validBodyJSON: (value: Record) => { + if (Object.entries(value).some((check) => !check[0] || !check[1])) { + return i18n.translate('xpack.synthetics.monitorConfig.metaFields.error', { + defaultMessage: + 'This meta fields is not valid. Make sure that both the field and value are defined.', + }); + } + return true; + }, + }, + }), + }, isTLSEnabled: { fieldKey: 'isTLSEnabled', component: Switch, diff --git a/x-pack/plugins/observability_solution/synthetics/public/apps/synthetics/components/monitor_add_edit/form/form_config.tsx b/x-pack/plugins/observability_solution/synthetics/public/apps/synthetics/components/monitor_add_edit/form/form_config.tsx index ea7653130759d..7e29504aca41f 100644 --- a/x-pack/plugins/observability_solution/synthetics/public/apps/synthetics/components/monitor_add_edit/form/form_config.tsx +++ b/x-pack/plugins/observability_solution/synthetics/public/apps/synthetics/components/monitor_add_edit/form/form_config.tsx @@ -19,6 +19,7 @@ const DEFAULT_DATA_OPTIONS = (readOnly: boolean) => ({ }), components: [ FIELD(readOnly)[ConfigKey.TAGS], + FIELD(readOnly)[ConfigKey.LABELS], FIELD(readOnly)[ConfigKey.APM_SERVICE_NAME], FIELD(readOnly)[ConfigKey.NAMESPACE], ], @@ -247,6 +248,7 @@ export const FORM_CONFIG = (readOnly: boolean): FieldConfig => ({ ...DEFAULT_DATA_OPTIONS(readOnly), components: [ FIELD(readOnly)[ConfigKey.TAGS], + FIELD(readOnly)[ConfigKey.LABELS], FIELD(readOnly)[ConfigKey.APM_SERVICE_NAME], FIELD(readOnly)[ConfigKey.SCREENSHOTS], FIELD(readOnly)[ConfigKey.NAMESPACE], @@ -272,6 +274,7 @@ export const FORM_CONFIG = (readOnly: boolean): FieldConfig => ({ ...DEFAULT_DATA_OPTIONS(readOnly), components: [ FIELD(readOnly)[ConfigKey.TAGS], + FIELD(readOnly)[ConfigKey.LABELS], FIELD(readOnly)[ConfigKey.APM_SERVICE_NAME], FIELD(readOnly)[ConfigKey.SCREENSHOTS], FIELD(readOnly)[ConfigKey.NAMESPACE], diff --git a/x-pack/plugins/observability_solution/synthetics/public/apps/synthetics/components/monitor_add_edit/types.ts b/x-pack/plugins/observability_solution/synthetics/public/apps/synthetics/components/monitor_add_edit/types.ts index 7ba092014ec88..eac26125a56dd 100644 --- a/x-pack/plugins/observability_solution/synthetics/public/apps/synthetics/components/monitor_add_edit/types.ts +++ b/x-pack/plugins/observability_solution/synthetics/public/apps/synthetics/components/monitor_add_edit/types.ts @@ -165,4 +165,5 @@ export interface FieldMap { [ConfigKey.MODE]: FieldMeta; [ConfigKey.IPV4]: FieldMeta; [ConfigKey.MAX_ATTEMPTS]: FieldMeta; + [ConfigKey.LABELS]: FieldMeta; } diff --git a/x-pack/plugins/observability_solution/synthetics/server/routes/monitor_cruds/add_monitor/add_monitor_api.test.ts b/x-pack/plugins/observability_solution/synthetics/server/routes/monitor_cruds/add_monitor/add_monitor_api.test.ts index ac5047f2e4ba3..47429f7f037ef 100644 --- a/x-pack/plugins/observability_solution/synthetics/server/routes/monitor_cruds/add_monitor/add_monitor_api.test.ts +++ b/x-pack/plugins/observability_solution/synthetics/server/routes/monitor_cruds/add_monitor/add_monitor_api.test.ts @@ -107,6 +107,7 @@ describe('AddNewMonitorsPublicAPI', () => { type: 'tcp', 'url.port': null, urls: '', + labels: {}, }); }); it('should normalize icmp', async () => { @@ -143,6 +144,7 @@ describe('AddNewMonitorsPublicAPI', () => { timeout: '16', type: 'icmp', wait: '1', + labels: {}, }); }); it('should normalize http', async () => { @@ -201,6 +203,7 @@ describe('AddNewMonitorsPublicAPI', () => { 'url.port': null, urls: '', username: '', + labels: {}, }); }); it('should normalize browser', async () => { @@ -255,6 +258,7 @@ describe('AddNewMonitorsPublicAPI', () => { type: 'browser', 'url.port': null, urls: '', + labels: {}, }); }); }); diff --git a/x-pack/plugins/observability_solution/synthetics/server/saved_objects/migrations/monitors/8.8.0.test.ts b/x-pack/plugins/observability_solution/synthetics/server/saved_objects/migrations/monitors/8.8.0.test.ts index 546f1c0bdf008..762b3658ed80f 100644 --- a/x-pack/plugins/observability_solution/synthetics/server/saved_objects/migrations/monitors/8.8.0.test.ts +++ b/x-pack/plugins/observability_solution/synthetics/server/saved_objects/migrations/monitors/8.8.0.test.ts @@ -163,6 +163,7 @@ describe('Monitor migrations v8.7.0 -> v8.8.0', () => { type: 'browser', 'url.port': null, urls: 'https://elastic.co', + labels: {}, }, coreMigrationVersion: '8.8.0', created_at: '2023-03-31T20:31:24.177Z', diff --git a/x-pack/plugins/observability_solution/synthetics/server/synthetics_service/formatters/private_formatters/common_formatters.ts b/x-pack/plugins/observability_solution/synthetics/server/synthetics_service/formatters/private_formatters/common_formatters.ts index 7f34ba0de0bc2..0451b70b6e878 100644 --- a/x-pack/plugins/observability_solution/synthetics/server/synthetics_service/formatters/private_formatters/common_formatters.ts +++ b/x-pack/plugins/observability_solution/synthetics/server/synthetics_service/formatters/private_formatters/common_formatters.ts @@ -29,6 +29,7 @@ export const commonFormatters: CommonFormatMap = { [ConfigKey.REVISION]: null, [ConfigKey.MONITOR_SOURCE_TYPE]: null, [ConfigKey.FORM_MONITOR_TYPE]: null, + [ConfigKey.LABELS]: null, [ConfigKey.JOURNEY_ID]: stringToJsonFormatter, [ConfigKey.PROJECT_ID]: stringToJsonFormatter, [ConfigKey.CUSTOM_HEARTBEAT_ID]: stringToJsonFormatter, diff --git a/x-pack/plugins/observability_solution/synthetics/server/synthetics_service/formatters/private_formatters/processors_formatter.ts b/x-pack/plugins/observability_solution/synthetics/server/synthetics_service/formatters/private_formatters/processors_formatter.ts index 3a3aabb4e92d4..cb9ffea41e6a2 100644 --- a/x-pack/plugins/observability_solution/synthetics/server/synthetics_service/formatters/private_formatters/processors_formatter.ts +++ b/x-pack/plugins/observability_solution/synthetics/server/synthetics_service/formatters/private_formatters/processors_formatter.ts @@ -5,8 +5,9 @@ * 2.0. */ +import { isEmpty } from 'lodash'; import { ProcessorFields } from './format_synthetics_policy'; -import { HeartbeatFields, MonitorFields } from '../../../../common/runtime_types'; +import { ConfigKey, HeartbeatFields, MonitorFields } from '../../../../common/runtime_types'; interface FieldProcessor { add_fields: { @@ -16,6 +17,7 @@ interface FieldProcessor { } export const processorsFormatter = (config: MonitorFields & ProcessorFields) => { + const labels = config[ConfigKey.LABELS] ?? {}; const processors: FieldProcessor[] = [ { add_fields: { @@ -30,6 +32,7 @@ export const processorsFormatter = (config: MonitorFields & ProcessorFields) => meta: { space_id: config.space_id, }, + ...(isEmpty(labels) ? {} : { labels }), }, target: '', }, diff --git a/x-pack/plugins/observability_solution/synthetics/server/synthetics_service/formatters/public_formatters/common.ts b/x-pack/plugins/observability_solution/synthetics/server/synthetics_service/formatters/public_formatters/common.ts index c84367a27f0a2..b88475c792e0b 100644 --- a/x-pack/plugins/observability_solution/synthetics/server/synthetics_service/formatters/public_formatters/common.ts +++ b/x-pack/plugins/observability_solution/synthetics/server/synthetics_service/formatters/public_formatters/common.ts @@ -55,4 +55,5 @@ export const commonFormatters: CommonFormatMap = { [ConfigKey.SCHEDULE]: (fields) => `@every ${fields[ConfigKey.SCHEDULE]?.number}${fields[ConfigKey.SCHEDULE]?.unit}`, [ConfigKey.TAGS]: arrayFormatter, + [ConfigKey.LABELS]: null, }; diff --git a/x-pack/plugins/observability_solution/synthetics/server/synthetics_service/formatters/public_formatters/format_configs.ts b/x-pack/plugins/observability_solution/synthetics/server/synthetics_service/formatters/public_formatters/format_configs.ts index e59a0b625337b..d9c0821154990 100644 --- a/x-pack/plugins/observability_solution/synthetics/server/synthetics_service/formatters/public_formatters/format_configs.ts +++ b/x-pack/plugins/observability_solution/synthetics/server/synthetics_service/formatters/public_formatters/format_configs.ts @@ -29,6 +29,7 @@ const UI_KEYS_TO_SKIP = [ ConfigKey.TEXT_ASSERTION, ConfigKey.CONFIG_HASH, ConfigKey.ALERT_CONFIG, + ConfigKey.LABELS, 'secrets', ]; @@ -97,6 +98,7 @@ export const formatHeartbeatRequest = ( const heartbeatIdT = heartbeatId ?? monitor[ConfigKey.MONITOR_QUERY_ID]; const paramsString = params ?? (monitor as BrowserFields)[ConfigKey.PARAMS]; + const { labels } = monitor; return { ...monitor, @@ -110,6 +112,7 @@ export const formatHeartbeatRequest = ( meta: { space_id: spaceId, }, + ...(isEmpty(labels) ? {} : { labels }), }, fields_under_root: true, params: monitor.type === 'browser' ? paramsString : '', diff --git a/x-pack/plugins/saved_objects_tagging/public/ui_api/has_tag_decoration.ts b/x-pack/plugins/saved_objects_tagging/public/ui_api/has_tag_decoration.ts deleted file mode 100644 index 6dccf97f0a672..0000000000000 --- a/x-pack/plugins/saved_objects_tagging/public/ui_api/has_tag_decoration.ts +++ /dev/null @@ -1,17 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { - SavedObjectsTaggingApiUi, - TagDecoratedSavedObject, -} from '@kbn/saved-objects-tagging-oss-plugin/public'; - -export const hasTagDecoration: SavedObjectsTaggingApiUi['hasTagDecoration'] = ( - object -): object is TagDecoratedSavedObject => { - return 'getTags' in object && 'setTags' in object; -}; diff --git a/x-pack/plugins/saved_objects_tagging/public/ui_api/index.ts b/x-pack/plugins/saved_objects_tagging/public/ui_api/index.ts index d25b04dd1002c..635e2e5af0440 100644 --- a/x-pack/plugins/saved_objects_tagging/public/ui_api/index.ts +++ b/x-pack/plugins/saved_objects_tagging/public/ui_api/index.ts @@ -21,7 +21,6 @@ import { buildGetSearchBarFilter } from './get_search_bar_filter'; import { buildParseSearchQuery } from './parse_search_query'; import { buildConvertNameToReference } from './convert_name_to_reference'; import { buildGetTagList } from './get_tag_list'; -import { hasTagDecoration } from './has_tag_decoration'; interface GetUiApiOptions extends StartServices { capabilities: TagsCapabilities; @@ -50,7 +49,6 @@ export const getUiApi = ({ getSearchBarFilter: buildGetSearchBarFilter({ getTagList }), parseSearchQuery: buildParseSearchQuery({ cache }), convertNameToReference: buildConvertNameToReference({ cache }), - hasTagDecoration, getTagIdsFromReferences, getTagIdFromName: (tagName: string) => convertTagNameToId(tagName, cache.getState()), updateTagsReferences, diff --git a/x-pack/plugins/security_solution/common/api/entity_analytics/asset_criticality/bulk_upload_asset_criticality.schema.yaml b/x-pack/plugins/security_solution/common/api/entity_analytics/asset_criticality/bulk_upload_asset_criticality.schema.yaml index 1e7a9b6ca3372..1f372fb14adba 100644 --- a/x-pack/plugins/security_solution/common/api/entity_analytics/asset_criticality/bulk_upload_asset_criticality.schema.yaml +++ b/x-pack/plugins/security_solution/common/api/entity_analytics/asset_criticality/bulk_upload_asset_criticality.schema.yaml @@ -9,8 +9,11 @@ paths: x-labels: [ess, serverless] x-codegen-enabled: true operationId: BulkUpsertAssetCriticalityRecords - summary: Bulk Upsert Asset Criticality Records - description: Bulk upsert up to 1000 asset criticality records, creating or updating them as needed. + summary: Bulk upsert asset criticality records + description: | + Bulk upsert up to 1000 asset criticality records. + + If asset criticality records already exist for the specified entities, those records are overwritten with the specified values. If asset criticality records don't exist for the specified entities, new records are created. requestBody: content: application/json: diff --git a/x-pack/plugins/security_solution/common/api/entity_analytics/asset_criticality/create_asset_criticality.schema.yaml b/x-pack/plugins/security_solution/common/api/entity_analytics/asset_criticality/create_asset_criticality.schema.yaml index 13a9e831a2cd5..15e75c3caa080 100644 --- a/x-pack/plugins/security_solution/common/api/entity_analytics/asset_criticality/create_asset_criticality.schema.yaml +++ b/x-pack/plugins/security_solution/common/api/entity_analytics/asset_criticality/create_asset_criticality.schema.yaml @@ -9,8 +9,11 @@ paths: x-labels: [ess, serverless] x-codegen-enabled: true operationId: CreateAssetCriticalityRecord - summary: Upsert Criticality Record - description: Create or update a criticality record for a specific asset. + summary: Upsert an asset criticality record + description: | + Create or update an asset criticality record for a specific entity. + + If a record already exists for the specified entity, that record is overwritten with the specified value. If a record doesn't exist for the specified entity, a new record is created. requestBody: required: true content: diff --git a/x-pack/plugins/security_solution/common/api/entity_analytics/asset_criticality/delete_asset_criticality.schema.yaml b/x-pack/plugins/security_solution/common/api/entity_analytics/asset_criticality/delete_asset_criticality.schema.yaml index f74cf5791aa21..f393e7fbc6e01 100644 --- a/x-pack/plugins/security_solution/common/api/entity_analytics/asset_criticality/delete_asset_criticality.schema.yaml +++ b/x-pack/plugins/security_solution/common/api/entity_analytics/asset_criticality/delete_asset_criticality.schema.yaml @@ -9,8 +9,8 @@ paths: x-labels: [ess, serverless] x-codegen-enabled: true operationId: DeleteAssetCriticalityRecord - summary: Delete Criticality Record - description: Delete the asset criticality record for a specific asset if it exists. + summary: Delete an asset criticality record + description: Delete the asset criticality record for a specific entity. parameters: - name: id_value in: query diff --git a/x-pack/plugins/security_solution/common/api/entity_analytics/asset_criticality/get_asset_criticality.schema.yaml b/x-pack/plugins/security_solution/common/api/entity_analytics/asset_criticality/get_asset_criticality.schema.yaml index a162cf3944c69..a11ea07c6a270 100644 --- a/x-pack/plugins/security_solution/common/api/entity_analytics/asset_criticality/get_asset_criticality.schema.yaml +++ b/x-pack/plugins/security_solution/common/api/entity_analytics/asset_criticality/get_asset_criticality.schema.yaml @@ -9,8 +9,8 @@ paths: x-labels: [ess, serverless] x-codegen-enabled: true operationId: GetAssetCriticalityRecord - summary: Get Criticality Record - description: Get the criticality record for a specific asset. + summary: Get an asset criticality record + description: Get the asset criticality record for a specific entity. parameters: - name: id_value in: query diff --git a/x-pack/plugins/security_solution/common/api/entity_analytics/asset_criticality/list_asset_criticality.schema.yaml b/x-pack/plugins/security_solution/common/api/entity_analytics/asset_criticality/list_asset_criticality.schema.yaml index 020727c4638d7..f8b0a2caa2257 100644 --- a/x-pack/plugins/security_solution/common/api/entity_analytics/asset_criticality/list_asset_criticality.schema.yaml +++ b/x-pack/plugins/security_solution/common/api/entity_analytics/asset_criticality/list_asset_criticality.schema.yaml @@ -9,7 +9,7 @@ paths: x-labels: [ess, serverless] x-codegen-enabled: true operationId: FindAssetCriticalityRecords - summary: List Asset Criticality Records + summary: List asset criticality records description: List asset criticality records, paging, sorting and filtering as needed. parameters: - name: sort_field diff --git a/x-pack/plugins/security_solution/common/api/entity_analytics/risk_engine/engine_schedule_now_route.schema.yaml b/x-pack/plugins/security_solution/common/api/entity_analytics/risk_engine/engine_schedule_now_route.schema.yaml index 4a09e8d08666f..b395ba2db967e 100644 --- a/x-pack/plugins/security_solution/common/api/entity_analytics/risk_engine/engine_schedule_now_route.schema.yaml +++ b/x-pack/plugins/security_solution/common/api/entity_analytics/risk_engine/engine_schedule_now_route.schema.yaml @@ -19,7 +19,8 @@ paths: x-labels: [ess, serverless] x-codegen-enabled: true operationId: ScheduleRiskEngineNow - summary: Schedule the risk engine to run as soon as possible + summary: Run the risk scoring engine + description: Schedule the risk scoring engine to run as soon as possible. You can use this to recalculate entity risk scores after updating their asset criticality. requestBody: content: application/json: {} diff --git a/x-pack/plugins/security_solution/common/api/quickstart_client.gen.ts b/x-pack/plugins/security_solution/common/api/quickstart_client.gen.ts index bb564dbe69b34..0e4b7456547cc 100644 --- a/x-pack/plugins/security_solution/common/api/quickstart_client.gen.ts +++ b/x-pack/plugins/security_solution/common/api/quickstart_client.gen.ts @@ -500,8 +500,11 @@ after 30 days. It also deletes other artifacts specific to the migration impleme .catch(catchAxiosErrorFormatAndThrow); } /** - * Bulk upsert up to 1000 asset criticality records, creating or updating them as needed. - */ + * Bulk upsert up to 1000 asset criticality records. + +If asset criticality records already exist for the specified entities, those records are overwritten with the specified values. If asset criticality records don't exist for the specified entities, new records are created. + + */ async bulkUpsertAssetCriticalityRecords(props: BulkUpsertAssetCriticalityRecordsProps) { this.log.info(`${new Date().toISOString()} Calling API BulkUpsertAssetCriticalityRecords`); return this.kbnClient @@ -565,8 +568,11 @@ Migrations are initiated per index. While the process is neither destructive nor .catch(catchAxiosErrorFormatAndThrow); } /** - * Create or update a criticality record for a specific asset. - */ + * Create or update an asset criticality record for a specific entity. + +If a record already exists for the specified entity, that record is overwritten with the specified value. If a record doesn't exist for the specified entity, a new record is created. + + */ async createAssetCriticalityRecord(props: CreateAssetCriticalityRecordProps) { this.log.info(`${new Date().toISOString()} Calling API CreateAssetCriticalityRecord`); return this.kbnClient @@ -641,7 +647,7 @@ Migrations are initiated per index. While the process is neither destructive nor .catch(catchAxiosErrorFormatAndThrow); } /** - * Delete the asset criticality record for a specific asset if it exists. + * Delete the asset criticality record for a specific entity. */ async deleteAssetCriticalityRecord(props: DeleteAssetCriticalityRecordProps) { this.log.info(`${new Date().toISOString()} Calling API DeleteAssetCriticalityRecord`); @@ -1146,7 +1152,7 @@ finalize it. .catch(catchAxiosErrorFormatAndThrow); } /** - * Get the criticality record for a specific asset. + * Get the asset criticality record for a specific entity. */ async getAssetCriticalityRecord(props: GetAssetCriticalityRecordProps) { this.log.info(`${new Date().toISOString()} Calling API GetAssetCriticalityRecord`); @@ -1768,6 +1774,9 @@ detection engine rules. }) .catch(catchAxiosErrorFormatAndThrow); } + /** + * Schedule the risk scoring engine to run as soon as possible. You can use this to recalculate entity risk scores after updating their asset criticality. + */ async scheduleRiskEngineNow() { this.log.info(`${new Date().toISOString()} Calling API ScheduleRiskEngineNow`); return this.kbnClient diff --git a/x-pack/plugins/security_solution/docs/openapi/ess/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml b/x-pack/plugins/security_solution/docs/openapi/ess/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml index 42e8db13d78a4..c72b38d04c6cd 100644 --- a/x-pack/plugins/security_solution/docs/openapi/ess/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/plugins/security_solution/docs/openapi/ess/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml @@ -13,7 +13,7 @@ servers: paths: /api/asset_criticality: delete: - description: Delete the asset criticality record for a specific asset if it exists. + description: Delete the asset criticality record for a specific entity. operationId: DeleteAssetCriticalityRecord parameters: - description: The ID value of the asset. @@ -57,11 +57,11 @@ paths: description: Successful response '400': description: Invalid request - summary: Delete Criticality Record + summary: Delete an asset criticality record tags: - Security Solution Entity Analytics API get: - description: Get the criticality record for a specific asset. + description: Get the asset criticality record for a specific entity. operationId: GetAssetCriticalityRecord parameters: - description: The ID value of the asset. @@ -88,11 +88,17 @@ paths: description: Invalid request '404': description: Criticality record not found - summary: Get Criticality Record + summary: Get an asset criticality record tags: - Security Solution Entity Analytics API post: - description: Create or update a criticality record for a specific asset. + description: > + Create or update an asset criticality record for a specific entity. + + + If a record already exists for the specified entity, that record is + overwritten with the specified value. If a record doesn't exist for the + specified entity, a new record is created. operationId: CreateAssetCriticalityRecord requestBody: content: @@ -119,14 +125,19 @@ paths: description: Successful response '400': description: Invalid request - summary: Upsert Criticality Record + summary: Upsert an asset criticality record tags: - Security Solution Entity Analytics API /api/asset_criticality/bulk: post: - description: >- - Bulk upsert up to 1000 asset criticality records, creating or updating - them as needed. + description: > + Bulk upsert up to 1000 asset criticality records. + + + If asset criticality records already exist for the specified entities, + those records are overwritten with the specified values. If asset + criticality records don't exist for the specified entities, new records + are created. operationId: BulkUpsertAssetCriticalityRecords requestBody: content: @@ -177,7 +188,7 @@ paths: description: Bulk upload successful '413': description: File too large - summary: Bulk Upsert Asset Criticality Records + summary: Bulk upsert asset criticality records tags: - Security Solution Entity Analytics API /api/asset_criticality/list: @@ -253,7 +264,7 @@ paths: - per_page - total description: Bulk upload successful - summary: List Asset Criticality Records + summary: List asset criticality records tags: - Security Solution Entity Analytics API /api/entity_store/engines: @@ -515,6 +526,10 @@ paths: - Security Solution Entity Analytics API /api/risk_score/engine/schedule_now: post: + description: >- + Schedule the risk scoring engine to run as soon as possible. You can use + this to recalculate entity risk scores after updating their asset + criticality. operationId: ScheduleRiskEngineNow requestBody: content: @@ -538,7 +553,7 @@ paths: schema: $ref: '#/components/schemas/RiskEngineScheduleNowErrorResponse' description: Unexpected error - summary: Schedule the risk engine to run as soon as possible + summary: Run the risk scoring engine tags: - Security Solution Entity Analytics API components: diff --git a/x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml b/x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml index ec3cf571b936e..9df11c7eb9e10 100644 --- a/x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml @@ -13,7 +13,7 @@ servers: paths: /api/asset_criticality: delete: - description: Delete the asset criticality record for a specific asset if it exists. + description: Delete the asset criticality record for a specific entity. operationId: DeleteAssetCriticalityRecord parameters: - description: The ID value of the asset. @@ -57,11 +57,11 @@ paths: description: Successful response '400': description: Invalid request - summary: Delete Criticality Record + summary: Delete an asset criticality record tags: - Security Solution Entity Analytics API get: - description: Get the criticality record for a specific asset. + description: Get the asset criticality record for a specific entity. operationId: GetAssetCriticalityRecord parameters: - description: The ID value of the asset. @@ -88,11 +88,17 @@ paths: description: Invalid request '404': description: Criticality record not found - summary: Get Criticality Record + summary: Get an asset criticality record tags: - Security Solution Entity Analytics API post: - description: Create or update a criticality record for a specific asset. + description: > + Create or update an asset criticality record for a specific entity. + + + If a record already exists for the specified entity, that record is + overwritten with the specified value. If a record doesn't exist for the + specified entity, a new record is created. operationId: CreateAssetCriticalityRecord requestBody: content: @@ -119,14 +125,19 @@ paths: description: Successful response '400': description: Invalid request - summary: Upsert Criticality Record + summary: Upsert an asset criticality record tags: - Security Solution Entity Analytics API /api/asset_criticality/bulk: post: - description: >- - Bulk upsert up to 1000 asset criticality records, creating or updating - them as needed. + description: > + Bulk upsert up to 1000 asset criticality records. + + + If asset criticality records already exist for the specified entities, + those records are overwritten with the specified values. If asset + criticality records don't exist for the specified entities, new records + are created. operationId: BulkUpsertAssetCriticalityRecords requestBody: content: @@ -177,7 +188,7 @@ paths: description: Bulk upload successful '413': description: File too large - summary: Bulk Upsert Asset Criticality Records + summary: Bulk upsert asset criticality records tags: - Security Solution Entity Analytics API /api/asset_criticality/list: @@ -253,7 +264,7 @@ paths: - per_page - total description: Bulk upload successful - summary: List Asset Criticality Records + summary: List asset criticality records tags: - Security Solution Entity Analytics API /api/entity_store/engines: @@ -515,6 +526,10 @@ paths: - Security Solution Entity Analytics API /api/risk_score/engine/schedule_now: post: + description: >- + Schedule the risk scoring engine to run as soon as possible. You can use + this to recalculate entity risk scores after updating their asset + criticality. operationId: ScheduleRiskEngineNow requestBody: content: @@ -538,7 +553,7 @@ paths: schema: $ref: '#/components/schemas/RiskEngineScheduleNowErrorResponse' description: Unexpected error - summary: Schedule the risk engine to run as soon as possible + summary: Run the risk scoring engine tags: - Security Solution Entity Analytics API components: diff --git a/x-pack/plugins/security_solution/public/common/components/events_tab/events_query_tab_body.tsx b/x-pack/plugins/security_solution/public/common/components/events_tab/events_query_tab_body.tsx index 368fda2500fe1..92c94549ca891 100644 --- a/x-pack/plugins/security_solution/public/common/components/events_tab/events_query_tab_body.tsx +++ b/x-pack/plugins/security_solution/public/common/components/events_tab/events_query_tab_body.tsx @@ -12,6 +12,7 @@ import { EuiCheckbox } from '@elastic/eui'; import type { Filter } from '@kbn/es-query'; import { dataTableActions } from '@kbn/securitysolution-data-table'; import type { TableId } from '@kbn/securitysolution-data-table'; +import { useIsExperimentalFeatureEnabled } from '../../hooks/use_experimental_features'; import type { CustomBulkAction } from '../../../../common/types'; import { RowRendererValues } from '../../../../common/api/timeline'; import { StatefulEventsViewer } from '../events_viewer'; @@ -73,7 +74,13 @@ const EventsQueryTabBodyComponent: React.FC = const { globalFullScreen } = useGlobalFullScreen(); const [defaultNumberFormat] = useUiSetting$(DEFAULT_NUMBER_FORMAT); const isEnterprisePlus = useLicense().isEnterprise(); - const ACTION_BUTTON_COUNT = isEnterprisePlus ? 5 : 4; + let ACTION_BUTTON_COUNT = isEnterprisePlus ? 6 : 5; + const securitySolutionNotesEnabled = useIsExperimentalFeatureEnabled( + 'securitySolutionNotesEnabled' + ); + if (!securitySolutionNotesEnabled) { + ACTION_BUTTON_COUNT--; + } const leadingControlColumns = useMemo( () => getDefaultControlColumn(ACTION_BUTTON_COUNT), [ACTION_BUTTON_COUNT] diff --git a/x-pack/plugins/security_solution_serverless/server/cloud_security/constants.ts b/x-pack/plugins/security_solution_serverless/server/cloud_security/constants.ts index c0b95f4de8c32..fa98707e5ebeb 100644 --- a/x-pack/plugins/security_solution_serverless/server/cloud_security/constants.ts +++ b/x-pack/plugins/security_solution_serverless/server/cloud_security/constants.ts @@ -9,11 +9,9 @@ import { CSPM_POLICY_TEMPLATE, KSPM_POLICY_TEMPLATE, CDR_LATEST_NATIVE_MISCONFIGURATIONS_INDEX_PATTERN, -} from '@kbn/cloud-security-posture-common'; -import { - CNVM_POLICY_TEMPLATE, CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN, -} from '@kbn/cloud-security-posture-plugin/common/constants'; +} from '@kbn/cloud-security-posture-common'; +import { CNVM_POLICY_TEMPLATE } from '@kbn/cloud-security-posture-plugin/common/constants'; import { INTEGRATION_PACKAGE_NAME } from '@kbn/cloud-defend-plugin/common/constants'; export const CLOUD_DEFEND_HEARTBEAT_INDEX = 'metrics-cloud_defend.heartbeat-*'; diff --git a/x-pack/plugins/task_manager/server/polling_lifecycle.ts b/x-pack/plugins/task_manager/server/polling_lifecycle.ts index 81a65009391f6..4176f7a03312f 100644 --- a/x-pack/plugins/task_manager/server/polling_lifecycle.ts +++ b/x-pack/plugins/task_manager/server/polling_lifecycle.ts @@ -84,7 +84,6 @@ export class TaskPollingLifecycle implements ITaskEventEmitter; private logger: Logger; public pool: TaskPool; @@ -95,6 +94,7 @@ export class TaskPollingLifecycle implements ITaskEventEmitter { + this.currentPollInterval = pollInterval; + }); const emitEvent = (event: TaskLifecycleEvent) => this.events$.next(event); @@ -225,7 +228,7 @@ export class TaskPollingLifecycle implements ITaskEventEmitter this.currentPollInterval, }); }; diff --git a/x-pack/plugins/task_manager/server/task_running/task_runner.test.ts b/x-pack/plugins/task_manager/server/task_running/task_runner.test.ts index 4f21bf35619ef..d9016395b6cc2 100644 --- a/x-pack/plugins/task_manager/server/task_running/task_runner.test.ts +++ b/x-pack/plugins/task_manager/server/task_running/task_runner.test.ts @@ -9,7 +9,6 @@ import _ from 'lodash'; import sinon from 'sinon'; import { secondsFromNow } from '../lib/intervals'; import { asOk, asErr } from '../lib/result_type'; -import { BehaviorSubject } from 'rxjs'; import { createTaskRunError, TaskErrorSource, @@ -2502,7 +2501,7 @@ describe('TaskManagerRunner', () => { }), allowReadingInvalidState: opts.allowReadingInvalidState || false, strategy: opts.strategy ?? CLAIM_STRATEGY_UPDATE_BY_QUERY, - pollIntervalConfiguration$: new BehaviorSubject(500), + getPollInterval: () => 500, }); if (stage === TaskRunningStage.READY_TO_RUN) { diff --git a/x-pack/plugins/task_manager/server/task_running/task_runner.ts b/x-pack/plugins/task_manager/server/task_running/task_runner.ts index 32b48c5caf58b..b68cbe1c85e53 100644 --- a/x-pack/plugins/task_manager/server/task_running/task_runner.ts +++ b/x-pack/plugins/task_manager/server/task_running/task_runner.ts @@ -11,7 +11,6 @@ * rescheduling, middleware application, etc. */ -import { Observable } from 'rxjs'; import apm from 'elastic-apm-node'; import { v4 as uuidv4 } from 'uuid'; import { withSpan } from '@kbn/apm-utils'; @@ -113,7 +112,7 @@ type Opts = { config: TaskManagerConfig; allowReadingInvalidState: boolean; strategy: string; - pollIntervalConfiguration$: Observable; + getPollInterval: () => number; } & Pick; export enum TaskRunResult { @@ -166,7 +165,7 @@ export class TaskManagerRunner implements TaskRunner { private config: TaskManagerConfig; private readonly taskValidator: TaskValidator; private readonly claimStrategy: string; - private currentPollInterval: number; + private getPollInterval: () => number; /** * Creates an instance of TaskManagerRunner. @@ -192,7 +191,7 @@ export class TaskManagerRunner implements TaskRunner { config, allowReadingInvalidState, strategy, - pollIntervalConfiguration$, + getPollInterval, }: Opts) { this.instance = asPending(sanitizeInstance(instance)); this.definitions = definitions; @@ -212,10 +211,7 @@ export class TaskManagerRunner implements TaskRunner { allowReadingInvalidState, }); this.claimStrategy = strategy; - this.currentPollInterval = config.poll_interval; - pollIntervalConfiguration$.subscribe((pollInterval) => { - this.currentPollInterval = pollInterval; - }); + this.getPollInterval = getPollInterval; } /** @@ -656,7 +652,7 @@ export class TaskManagerRunner implements TaskRunner { startedAt: this.instance.task.startedAt, schedule: updatedTaskSchedule, }, - this.currentPollInterval + this.getPollInterval() ), state, schedule: updatedTaskSchedule, diff --git a/x-pack/plugins/transform/public/app/__mocks__/app_dependencies.tsx b/x-pack/plugins/transform/public/app/__mocks__/app_dependencies.tsx index 0feb3b2c9fc21..6af01088b70db 100644 --- a/x-pack/plugins/transform/public/app/__mocks__/app_dependencies.tsx +++ b/x-pack/plugins/transform/public/app/__mocks__/app_dependencies.tsx @@ -16,7 +16,6 @@ import type { ScopedHistory } from '@kbn/core/public'; import { coreMock, themeServiceMock } from '@kbn/core/public/mocks'; import { dataPluginMock } from '@kbn/data-plugin/public/mocks'; import { dataViewPluginMocks } from '@kbn/data-views-plugin/public/mocks'; -import { savedObjectsPluginMock } from '@kbn/saved-objects-plugin/public/mocks'; import { chartPluginMock } from '@kbn/charts-plugin/public/mocks'; import { fieldFormatsServiceMock } from '@kbn/field-formats-plugin/public/mocks'; import type { SharePluginStart } from '@kbn/share-plugin/public'; @@ -88,7 +87,6 @@ const appDependencies: AppDependencies = { theme: themeServiceMock.createStartContract(), http: coreSetup.http, history: {} as ScopedHistory, - savedObjectsPlugin: savedObjectsPluginMock.createStartContract(), share: { urlGenerators: { getUrlGenerator: jest.fn() } } as unknown as SharePluginStart, ml: {} as GetMlSharedImportsReturnType, triggersActionsUi: {} as jest.Mocked, diff --git a/x-pack/plugins/transform/public/app/app_dependencies.tsx b/x-pack/plugins/transform/public/app/app_dependencies.tsx index ebb65f58a4093..1f8b2373f0f7d 100644 --- a/x-pack/plugins/transform/public/app/app_dependencies.tsx +++ b/x-pack/plugins/transform/public/app/app_dependencies.tsx @@ -19,7 +19,6 @@ import type { ScopedHistory, ThemeServiceStart, } from '@kbn/core/public'; -import type { SavedObjectsStart as SavedObjectsPluginStart } from '@kbn/saved-objects-plugin/public'; import type { DataPublicPluginStart } from '@kbn/data-plugin/public'; import type { DataViewsPublicPluginStart } from '@kbn/data-views-plugin/public'; import type { SharePluginStart } from '@kbn/share-plugin/public'; @@ -60,7 +59,6 @@ export interface AppDependencies { overlays: OverlayStart; theme: ThemeServiceStart; history: ScopedHistory; - savedObjectsPlugin: SavedObjectsPluginStart; share: SharePluginStart; ml: GetMlSharedImportsReturnType; spaces?: SpacesPluginStart; diff --git a/x-pack/plugins/transform/public/app/mount_management_section.ts b/x-pack/plugins/transform/public/app/mount_management_section.ts index e28275d203990..8d59c9ce2d0f2 100644 --- a/x-pack/plugins/transform/public/app/mount_management_section.ts +++ b/x-pack/plugins/transform/public/app/mount_management_section.ts @@ -85,7 +85,6 @@ export async function mountManagementSection( uiSettings, settings, history, - savedObjectsPlugin: plugins.savedObjects, share, spaces, ml: await getMlSharedImports(), diff --git a/x-pack/plugins/transform/public/plugin.ts b/x-pack/plugins/transform/public/plugin.ts index f1677bbcb7c78..07bda2b5400b1 100644 --- a/x-pack/plugins/transform/public/plugin.ts +++ b/x-pack/plugins/transform/public/plugin.ts @@ -11,7 +11,6 @@ import type { CoreSetup } from '@kbn/core/public'; import type { DataPublicPluginStart } from '@kbn/data-plugin/public'; import type { DataViewsPublicPluginStart } from '@kbn/data-views-plugin/public'; import type { HomePublicPluginSetup } from '@kbn/home-plugin/public'; -import type { SavedObjectsStart } from '@kbn/saved-objects-plugin/public'; import type { ManagementSetup } from '@kbn/management-plugin/public'; import type { SharePluginStart } from '@kbn/share-plugin/public'; import type { SpacesApi } from '@kbn/spaces-plugin/public'; @@ -37,7 +36,6 @@ export interface PluginsDependencies { dataViews: DataViewsPublicPluginStart; management: ManagementSetup; home: HomePublicPluginSetup; - savedObjects: SavedObjectsStart; savedSearch: SavedSearchPublicPluginStart; share: SharePluginStart; spaces?: SpacesApi; diff --git a/x-pack/plugins/transform/tsconfig.json b/x-pack/plugins/transform/tsconfig.json index 9b1abbd589a83..e3ccb0cc1d403 100644 --- a/x-pack/plugins/transform/tsconfig.json +++ b/x-pack/plugins/transform/tsconfig.json @@ -24,7 +24,6 @@ "@kbn/alerting-plugin", "@kbn/data-views-plugin", "@kbn/home-plugin", - "@kbn/saved-objects-plugin", "@kbn/management-plugin", "@kbn/share-plugin", "@kbn/spaces-plugin", diff --git a/x-pack/plugins/translations/translations/fr-FR.json b/x-pack/plugins/translations/translations/fr-FR.json index 675855e15c996..8e7d9462e8f60 100644 --- a/x-pack/plugins/translations/translations/fr-FR.json +++ b/x-pack/plugins/translations/translations/fr-FR.json @@ -5446,10 +5446,10 @@ "kibanaOverview.manageData.sectionTitle": "Gérer vos données", "kibanaOverview.more.title": "Toujours plus avec Elastic", "kibanaOverview.news.title": "Nouveautés", - "languageDocumentationPopover.documentationLinkLabel": "Voir toute la documentation", - "languageDocumentationPopover.header": "Référence de {language}", - "languageDocumentationPopover.searchPlaceholder": "Recherche", - "languageDocumentationPopover.tooltip": "Référence de {lang}", + "languageDocumentation.documentationLinkLabel": "Voir toute la documentation", + "languageDocumentation.header": "Référence de {language}", + "languageDocumentation.searchPlaceholder": "Recherche", + "languageDocumentation.tooltip": "Référence de {lang}", "lensFormulaDocs.avg": "Moyenne", "lensFormulaDocs.boolean": "booléen", "lensFormulaDocs.cardinality": "Décompte unique", @@ -7084,253 +7084,253 @@ "telemetry.usageCollectionConstant": "collecte de données d’utilisation", "telemetry.usageDataTitle": "Collecte de données d’utilisation", "textBasedEditor.query.textBasedLanguagesEditor.aborted": "La demande a été annulée", - "languageDocumentationPopover.documentationESQL.aggregationFunctions": "Fonctions d'agrégation", - "languageDocumentationPopover.documentationESQL.aggregationFunctionsDocumentationESQLDescription": "Ces fonctions peuvent être utilisées avec STATS...BY :", + "languageDocumentation.documentationESQL.aggregationFunctions": "Fonctions d'agrégation", + "languageDocumentation.documentationESQL.aggregationFunctionsDocumentationESQLDescription": "Ces fonctions peuvent être utilisées avec STATS...BY :", "textBasedEditor.query.textBasedLanguagesEditor.cancel": "Annuler", "textBasedEditor.query.textBasedLanguagesEditor.collapseLabel": "Réduire", - "languageDocumentationPopover.documentationESQL.commandsDescription": "Une commande source produit un tableau, habituellement avec des données issues d'Elasticsearch. ES|QL est compatible avec les commandes sources suivantes.", + "languageDocumentation.documentationESQL.commandsDescription": "Une commande source produit un tableau, habituellement avec des données issues d'Elasticsearch. ES|QL est compatible avec les commandes sources suivantes.", "textBasedEditor.query.textBasedLanguagesEditor.disableWordWrapLabel": "Supprimer les sauts de ligne des barres verticales", - "languageDocumentationPopover.documentationESQL.abs": "ABS", - "languageDocumentationPopover.documentationESQL.abs.markdown": "\n\n ### ABS\n Renvoie la valeur absolue.\n\n ````\n Numéro ROW = -1.0 \n | EVAL abs_number = ABS(number)\n ````\n ", - "languageDocumentationPopover.documentationESQL.acos": "ACOS", - "languageDocumentationPopover.documentationESQL.acos.markdown": "\n\n ### ACOS\n Renvoie l'arc cosinus de `n` sous forme d'angle, exprimé en radians.\n\n ````\n ROW a=.9\n | EVAL acos=ACOS(a)\n ````\n ", - "languageDocumentationPopover.documentationESQL.asin": "ASIN", - "languageDocumentationPopover.documentationESQL.asin.markdown": "\n\n ### ASIN\n Renvoie l'arc sinus de l'entrée\n expression numérique sous forme d'angle, exprimée en radians.\n\n ````\n ROW a=.9\n | EVAL asin=ASIN(a)\n ````\n ", - "languageDocumentationPopover.documentationESQL.atan": "ATAN", - "languageDocumentationPopover.documentationESQL.atan.markdown": "\n\n ### ATAN\n Renvoie l'arc tangente de l'entrée\n expression numérique sous forme d'angle, exprimée en radians.\n\n ````\n ROW a=.12.9\n | EVAL atan=ATAN(a)\n ````\n ", - "languageDocumentationPopover.documentationESQL.atan2": "ATAN2", - "languageDocumentationPopover.documentationESQL.atan2.markdown": "\n\n ### ATAN2\n L'angle entre l'axe positif des x et le rayon allant de\n l'origine au point (x , y) dans le plan cartésien, exprimée en radians.\n\n ````\n ROW y=12.9, x=.6\n | EVAL atan2=ATAN2(y, x)\n ````\n ", - "languageDocumentationPopover.documentationESQL.autoBucketFunction": "COMPARTIMENT", - "languageDocumentationPopover.documentationESQL.autoBucketFunction.markdown": "### COMPARTIMENT\nCréer des groupes de valeurs, des compartiments (\"buckets\"), à partir d'une entrée d'un numéro ou d'un horodatage. La taille des compartiments peut être fournie directement ou choisie selon une plage de valeurs et de décompte recommandée.\n\n`BUCKET` a deux modes de fonctionnement : \n\n1. Dans lequel la taille du compartiment est calculée selon la recommandation de décompte d'un compartiment (quatre paramètres) et une plage.\n2. Dans lequel la taille du compartiment est fournie directement (deux paramètres).\n\nAvec un nombre cible de compartiments, le début d'une plage et la fin d'une plage, `BUCKET` choisit une taille de compartiment appropriée afin de générer le nombre cible de compartiments ou moins.\n\nPar exemple, demander jusqu'à 20 compartiments pour une année organisera les données en intervalles mensuels :\n\n````\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS hire_date = MV_SORT(VALUES(hire_date)) BY month = BUCKET(hire_date, 20, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n| SORT hire_date\n````\n\n**REMARQUE** : Le but n'est pas de fournir le nombre précis de compartiments, mais plutôt de sélectionner une plage qui fournit, tout au plus, le nombre cible de compartiments.\n\nVous pouvez combiner `BUCKET` avec une agrégation pour créer un histogramme :\n\n````\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS hires_per_month = COUNT(*) BY month = BUCKET(hire_date, 20, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n| SORT month\n````\n\n**REMARQUE** : `BUCKET` ne crée pas de compartiments qui ne correspondent à aucun document. C'est pourquoi, dans l'exemple précédent, il manque 1985-03-01 ainsi que d'autres dates.\n\nDemander d'autres compartiments peut résulter en une plage réduite. Par exemple, demander jusqu'à 100 compartiments en un an résulte en des compartiments hebdomadaires :\n\n````\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS hires_per_week = COUNT(*) BY week = BUCKET(hire_date, 100, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n| SORT week\n````\n\n**REMARQUE** : `AUTO_BUCKET` ne filtre aucune ligne. Il n'utilise que la plage fournie pour choisir une taille de compartiment appropriée. Pour les lignes dont la valeur se situe en dehors de la plage, il renvoie une valeur de compartiment qui correspond à un compartiment situé en dehors de la plage. Associez `BUCKET` à `WHERE` pour filtrer les lignes.\n\nSi la taille de compartiment désirée est connue à l'avance, fournissez-la comme second argument, en ignorant la plage :\n\n````\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS hires_per_week = COUNT(*) BY week = BUCKET(hire_date, 1 week)\n| SORT week\n````\n\n**REMARQUE** : Lorsque vous fournissez la taille du compartiment comme second argument, ce dernier doit être une période temporelle ou une durée.\n\n`BUCKET` peut également être utilisé pour des champs numériques. Par exemple, pour créer un histogramme de salaire :\n\n````\nFROM employees\n| STATS COUNT(*) by bs = BUCKET(salary, 20, 25324, 74999)\n| SORT bs\n````\n\nContrairement à l'exemple précédent qui filtre intentionnellement sur une plage temporelle, vous n'avez pas souvent besoin de filtrer sur une plage numérique. Vous devez trouver les valeurs min et max séparément. ES|QL n'a pas encore de façon aisée d'effectuer cette opération automatiquement.\n\nLa plage peut être ignorée si la taille désirée de compartiment est connue à l'avance. Fournissez-la simplement comme second argument :\n\n````\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS c = COUNT(1) BY b = BUCKET(salary, 5000.)\n| SORT b\n````\n\n**REMARQUE** : Lorsque vous fournissez la taille du compartiment comme second argument, elle doit être de type à **virgule flottante**.\n\nVoici un exemple sur comment créer des compartiments horaires pour les dernières 24 heures, et calculer le nombre d'événements par heure :\n\n````\nFROM sample_data\n| WHERE @timestamp >= NOW() - 1 day and @timestamp < NOW()\n| STATS COUNT(*) BY bucket = BUCKET(@timestamp, 25, NOW() - 1 day, NOW())\n````\n\nVoici un exemple permettant de créer des compartiments mensuels pour l'année 1985, et calculer le salaire moyen par mois d'embauche :\n\n````\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS AVG(salary) BY bucket = BUCKET(hire_date, 20, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n| SORT bucket\n````\n\n`BUCKET` peut être utilisé pour les parties de groupage et d'agrégation de la commande `STATS …​ BY ...`, tant que la partie d'agrégation de la fonction est **référencée par un alias défini dans la partie de groupage**, ou que celle-ci est invoquée avec exactement la même expression.\n\nPar exemple :\n\n````\nFROM employees\n| STATS s1 = b1 + 1, s2 = BUCKET(salary / 1000 + 999, 50.) + 2 BY b1 = BUCKET(salary / 100 + 99, 50.), b2 = BUCKET(salary / 1000 + 999, 50.)\n| SORT b1, b2\n| KEEP s1, b1, s2, b2\n````\n ", - "languageDocumentationPopover.documentationESQL.binaryOperators": "Opérateurs binaires", - "languageDocumentationPopover.documentationESQL.binaryOperators.markdown": "### Opérateurs binaires\nLes opérateurs de comparaison binaire suivants sont pris en charge :\n\n* égalité : `==`\n* inégalité : `!=`\n* inférieur à : `<`\n* inférieur ou égal à : `<=`\n* supérieur à : `>`\n* supérieur ou égal à : `>=`\n* ajouter : `+`\n* soustraire : `-`\n* multiplier par : `*`\n* diviser par : `/`\n* module : `%`\n ", - "languageDocumentationPopover.documentationESQL.booleanOperators": "Opérateurs booléens", - "languageDocumentationPopover.documentationESQL.booleanOperators.markdown": "### Opérateurs booléens\nLes opérateurs booléens suivants sont pris en charge :\n\n* `AND`\n* `OR`\n* `NOT`\n ", - "languageDocumentationPopover.documentationESQL.bucket": "COMPARTIMENT", - "languageDocumentationPopover.documentationESQL.bucket.markdown": "\n\n ### COMPARTIMENT\n Créer des groupes de valeurs, des compartiments (\"buckets\"), à partir d'une entrée d'un numéro ou d'un horodatage.\n La taille des compartiments peut être fournie directement ou choisie selon une plage de valeurs et de décompte recommandée.\n\n ````\n FROM employees\n | WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n | STATS hire_date = MV_SORT(VALUES(hire_date)) BY month = BUCKET(hire_date, 20, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n | SORT hire_date\n ````\n ", - "languageDocumentationPopover.documentationESQL.case": "CASE", - "languageDocumentationPopover.documentationESQL.case.markdown": "\n\n ### CAS\n Accepte les paires de conditions et de valeurs. La fonction renvoie la valeur qui\n appartient à la première condition étant évaluée comme `true`.\n\n Si le nombre d'arguments est impair, le dernier argument est la valeur par défaut qui est\n renvoyée si aucune condition ne correspond. Si le nombre d'arguments est pair, et\n qu'aucune condition ne correspond, la fonction renvoie `null`.\n\n ````\n FROM employees\n | EVAL type = CASE(\n languages <= 1, \"monolingual\",\n languages <= 2, \"bilingual\",\n \"polyglot\")\n | KEEP emp_no, languages, type\n ````\n ", - "languageDocumentationPopover.documentationESQL.castOperator": "Cast (::)", - "languageDocumentationPopover.documentationESQL.castOperator.markdown": "### CAST (`::`)\nL'opérateur `::` fournit une syntaxe alternative pratique au type de converstion de fonction `TO_`.\n\nExemple :\n````\nROW ver = CONCAT((\"0\"::INT + 1)::STRING, \".2.3\")::VERSION\n````\n ", - "languageDocumentationPopover.documentationESQL.cbrt": "CBRT", - "languageDocumentationPopover.documentationESQL.cbrt.markdown": "\n\n ### CBRT\n Renvoie la racine cubique d'un nombre. La valeur de renvoi est toujours un double, quelle que soit la valeur numérique de l'entrée.\n La racine cubique de l’infini est nulle.\n\n ````\n ROW d = 1000.0\n | EVAL c = cbrt(d)\n ````\n ", - "languageDocumentationPopover.documentationESQL.ceil": "CEIL", - "languageDocumentationPopover.documentationESQL.ceil.markdown": "\n\n ### CEIL\n Arrondir un nombre à l'entier supérieur.\n\n ```\n ROW a=1.8\n | EVAL a=CEIL(a)\n ```\n Remarque : Il s'agit d'un noop pour `long` (y compris non signé) et `integer`. Pour `double`, la fonction choisit la valeur `double` la plus proche de l'entier, de manière similaire à la méthode Math.ceil.\n ", - "languageDocumentationPopover.documentationESQL.cidr_match": "CIDR_MATCH", - "languageDocumentationPopover.documentationESQL.cidr_match.markdown": "\n\n ### CIDR_MATCH\n Renvoie `true` si l'IP fournie est contenue dans l'un des blocs CIDR fournis.\n\n ````\n FROM hosts \n | WHERE CIDR_MATCH(ip1, \"127.0.0.2/32\", \"127.0.0.3/32\") \n | KEEP card, host, ip0, ip1\n ````\n ", - "languageDocumentationPopover.documentationESQL.coalesce": "COALESCE", - "languageDocumentationPopover.documentationESQL.coalesce.markdown": "\n\n ### COALESCE\n Renvoie le premier de ses arguments qui n'est pas nul. Si tous les arguments sont nuls, `null` est renvoyé.\n\n ````\n ROW a=null, b=\"b\"\n | EVAL COALESCE(a, b)\n ````\n ", - "languageDocumentationPopover.documentationESQL.concat": "CONCAT", - "languageDocumentationPopover.documentationESQL.concat.markdown": "\n\n ### CONCAT\n Concatène deux ou plusieurs chaînes.\n\n ```\n FROM employees\n | KEEP first_name, last_name\n | EVAL fullname = CONCAT(first_name, \" \", last_name)\n ````\n ", - "languageDocumentationPopover.documentationESQL.cos": "COS", - "languageDocumentationPopover.documentationESQL.cos.markdown": "\n\n ### COS\n Renvoie le cosinus d'un angle.\n\n ````\n ROW a=1.8 \n | EVAL cos=COS(a)\n ````\n ", - "languageDocumentationPopover.documentationESQL.cosh": "COSH", - "languageDocumentationPopover.documentationESQL.cosh.markdown": "\n\n ### COSH\n Renvoie le cosinus hyperbolique d'un angle.\n\n ````\n ROW a=1.8 \n | EVAL cosh=COSH(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.date_diff": "DATE_DIFF", - "languageDocumentationPopover.documentationESQL.date_diff.markdown": "\n\n ### DATE_DIFF\n Soustrait le `startTimestamp` du `endTimestamp` et renvoie la différence en multiples `d'unité`.\n Si `startTimestamp` est postérieur à `endTimestamp`, des valeurs négatives sont renvoyées.\n\n ````\n ROW date1 = TO_DATETIME(\"2023-12-02T11:00:00.000Z\"), date2 = TO_DATETIME(\"2023-12-02T11:00:00.001Z\")\n | EVAL dd_ms = DATE_DIFF(\"microseconds\", date1, date2)\n ````\n ", - "languageDocumentationPopover.documentationESQL.date_extract": "DATE_EXTRACT", - "languageDocumentationPopover.documentationESQL.date_extract.markdown": "\n\n ### DATE_EXTRACT\n Extrait des parties d'une date, telles que l'année, le mois, le jour, l'heure.\n\n ````\n ROW date = DATE_PARSE(\"yyyy-MM-dd\", \"2022-05-06\")\n | EVAL year = DATE_EXTRACT(\"year\", date)\n ````\n ", - "languageDocumentationPopover.documentationESQL.date_format": "DATE_FORMAT", - "languageDocumentationPopover.documentationESQL.date_format.markdown": "\n\n ### DATE_FORMAT\n Renvoie une représentation sous forme de chaîne d'une date dans le format fourni.\n\n ````\n FROM employees\n | KEEP first_name, last_name, hire_date\n | EVAL hired = DATE_FORMAT(\"YYYY-MM-dd\", hire_date)\n ````\n ", - "languageDocumentationPopover.documentationESQL.date_parse": "DATE_PARSE", - "languageDocumentationPopover.documentationESQL.date_parse.markdown": "\n\n ### DATE_PARSE\n Renvoie une date en analysant le deuxième argument selon le format spécifié dans le premier argument.\n\n ````\n ROW date_string = \"2022-05-06\"\n | EVAL date = DATE_PARSE(\"yyyy-MM-dd\", date_string)\n ````\n ", - "languageDocumentationPopover.documentationESQL.date_trunc": "DATE_TRUNC", - "languageDocumentationPopover.documentationESQL.date_trunc.markdown": "\n\n ### DATE_TRUNC\n Arrondit une date à l'intervalle le plus proche.\n\n ```\n FROM employees\n | KEEP first_name, last_name, hire_date\n | EVAL year_hired = DATE_TRUNC(1 year, hire_date)\n ````\n ", - "languageDocumentationPopover.documentationESQL.dissect": "DISSECT", - "languageDocumentationPopover.documentationESQL.dissect.markdown": "### DISSECT\n`DISSECT` vous permet d'extraire des données structurées d'une chaîne. `DISSECT` compare la chaîne à un modèle basé sur les délimiteurs, et extrait les clés indiquées en tant que colonnes.\n\nPour obtenir la syntaxe des modèles \"dissect\", consultez [la documentation relative au processeur \"dissect\"](https://www.elastic.co/guide/en/elasticsearch/reference/current/dissect-processor.html).\n\n```\nROW a = \"1953-01-23T12:15:00Z - some text - 127.0.0.1\"\n| DISSECT a \"%'{Y}-%{M}-%{D}T%{h}:%{m}:%{s}Z - %{msg} - %{ip}'\"\n```` ", - "languageDocumentationPopover.documentationESQL.drop": "DROP", - "languageDocumentationPopover.documentationESQL.drop.markdown": "### DROP\nAfin de supprimer certaines colonnes d'un tableau, utilisez `DROP` :\n \n```\nFROM employees\n| DROP height\n```\n\nPlutôt que de spécifier chaque colonne par son nom, vous pouvez utiliser des caractères génériques pour supprimer toutes les colonnes dont le nom correspond à un modèle :\n\n```\nFROM employees\n| DROP height*\n````\n ", - "languageDocumentationPopover.documentationESQL.e": "E", - "languageDocumentationPopover.documentationESQL.e.markdown": "\n\n ### E\n Retourne le nombre d'Euler.\n\n ````\n ROW E()\n ````\n ", - "languageDocumentationPopover.documentationESQL.ends_with": "ENDS_WITH", - "languageDocumentationPopover.documentationESQL.ends_with.markdown": "\n\n ### ENDS_WITH\n Renvoie une valeur booléenne qui indique si une chaîne de mots-clés se termine par une autre chaîne.\n\n ````\n FROM employees\n | KEEP last_name\n | EVAL ln_E = ENDS_WITH(last_name, \"d\")\n ````\n ", - "languageDocumentationPopover.documentationESQL.enrich": "ENRICH", - "languageDocumentationPopover.documentationESQL.enrich.markdown": "### ENRICH\nVous pouvez utiliser `ENRICH` pour ajouter les données de vos index existants aux enregistrements entrants. Une fonction similaire à l'[enrichissement par ingestion](https://www.elastic.co/guide/en/elasticsearch/reference/current/ingest-enriching-data.html), mais qui fonctionne au moment de la requête.\n\n```\nROW language_code = \"1\"\n| ENRICH languages_policy\n```\n\n`ENRICH` requiert l'exécution d'une [politique d'enrichissement](https://www.elastic.co/guide/en/elasticsearch/reference/current/ingest-enriching-data.html#enrich-policy). La politique d'enrichissement définit un champ de correspondance (un champ clé) et un ensemble de champs d'enrichissement.\n\n`ENRICH` recherche les enregistrements dans l'[index d'enrichissement](https://www.elastic.co/guide/en/elasticsearch/reference/current/ingest-enriching-data.html#enrich-index) en se basant sur la valeur du champ de correspondance. La clé de correspondance dans l'ensemble de données d'entrée peut être définie en utilisant `ON `. Si elle n'est pas spécifiée, la correspondance sera effectuée sur un champ portant le même nom que le champ de correspondance défini dans la politique d'enrichissement.\n\n```\nROW a = \"1\"\n| ENRICH languages_policy ON a\n```\n\nVous pouvez indiquer quels attributs (parmi ceux définis comme champs d'enrichissement dans la politique) doivent être ajoutés au résultat, en utilisant la syntaxe `WITH , ...`.\n\n```\nROW a = \"1\"\n| ENRICH languages_policy ON a WITH language_name\n```\n\nLes attributs peuvent également être renommés à l'aide de la syntaxe `WITH new_name=`\n\n```\nROW a = \"1\"\n| ENRICH languages_policy ON a WITH name = language_name\n````\n\nPar défaut (si aucun `WITH` n'est défini), `ENRICH` ajoute au résultat tous les champs d'enrichissement définis dans la politique d'enrichissement.\n\nEn cas de collision de noms, les champs nouvellement créés remplacent les champs existants.\n ", - "languageDocumentationPopover.documentationESQL.eval": "EVAL", - "languageDocumentationPopover.documentationESQL.eval.markdown": "### EVAL\n`EVAL` permet d'ajouter des colonnes :\n\n````\nFROM employees\n| KEEP first_name, last_name, height\n| EVAL height_feet = height * 3.281, height_cm = height * 100\n````\n\nSi la colonne indiquée existe déjà, la colonne existante sera supprimée et la nouvelle colonne sera ajoutée au tableau :\n\n````\nFROM employees\n| KEEP first_name, last_name, height\n| EVAL height = height * 3.281\n````\n\n#### Fonctions\n`EVAL` prend en charge diverses fonctions de calcul des valeurs. Pour en savoir plus, consultez les fonctions.\n ", - "languageDocumentationPopover.documentationESQL.floor": "FLOOR", - "languageDocumentationPopover.documentationESQL.floor.markdown": "\n\n ### FLOOR\n Arrondir un nombre à l'entier inférieur.\n\n ````\n ROW a=1.8\n | EVAL a=FLOOR(a)\n ````\n Remarque : Il s'agit d'un noop pour `long` (y compris non signé) et `integer`.\n Pour `double`, la fonction choisit la valeur `double` la plus proche de l'entier,\n de manière similaire à Math.floor.\n ", - "languageDocumentationPopover.documentationESQL.from": "FROM", - "languageDocumentationPopover.documentationESQL.from_base64": "FROM_BASE64", - "languageDocumentationPopover.documentationESQL.from_base64.markdown": "\n\n ### FROM_BASE64\n Décodez une chaîne base64.\n\n ````\n row a = \"ZWxhc3RpYw==\" \n | eval d = from_base64(a)\n ````\n ", - "languageDocumentationPopover.documentationESQL.from.markdown": "### FROM\nLa commande source `FROM` renvoie un tableau contenant jusqu'à 10 000 documents issus d'un flux de données, d'un index ou d'un alias. Chaque ligne du tableau obtenu correspond à un document. Chaque colonne correspond à un champ et est accessible par le nom de ce champ.\n\n````\nFROM employees\n````\n\nVous pouvez utiliser des [calculs impliquant des dates](https://www.elastic.co/guide/en/elasticsearch/reference/current/api-conventions.html#api-date-math-index-names) pour désigner les indices, les alias et les flux de données. Cela peut s'avérer utile pour les données temporelles.\n\nUtilisez des listes séparées par des virgules ou des caractères génériques pour rechercher plusieurs flux de données, indices ou alias :\n\n````\nFROM employees-00001,employees-*\n````\n\n#### Métadonnées\n\nES|QL peut accéder aux champs de métadonnées suivants :\n\n* `_index` : l'index auquel appartient le document. Le champ est du type `keyword`.\n* `_id` : l'identifiant du document source. Le champ est du type `keyword`.\n* `_id` : la version du document source. Le champ est du type `long`.\n\nUtilisez la directive `METADATA` pour activer les champs de métadonnées :\n\n````\nFROM index [METADATA _index, _id]\n````\n\nLes champs de métadonnées ne sont disponibles que si la source des données est un index. Par conséquent, `FROM` est la seule commande source qui prend en charge la directive `METADATA`.\n\nUne fois activés, les champs sont disponibles pour les commandes de traitement suivantes, tout comme les autres champs de l'index :\n\n````\nFROM ul_logs, apps [METADATA _index, _version]\n| WHERE id IN (13, 14) AND _version == 1\n| EVAL key = CONCAT(_index, \"_\", TO_STR(id))\n| SORT id, _index\n| KEEP id, _index, _version, key\n````\n\nDe même, comme pour les champs d'index, une fois l'agrégation effectuée, un champ de métadonnées ne sera plus accessible aux commandes suivantes, sauf s'il est utilisé comme champ de regroupement :\n\n````\nFROM employees [METADATA _index, _id]\n| STATS max = MAX(emp_no) BY _index\n````\n ", - "languageDocumentationPopover.documentationESQL.greatest": "GREATEST", - "languageDocumentationPopover.documentationESQL.greatest.markdown": "\n\n ### GREATEST\n Renvoie la valeur maximale de plusieurs colonnes. Similaire à `MV_MAX`\n sauf que ceci est destiné à une exécution sur plusieurs colonnes à la fois.\n\n ````\n ROW a = 10, b = 20\n | EVAL g = GREATEST(a, b)\n ````\n Remarque : Lorsque cette fonction est exécutée sur les champs `keyword` ou `text`, elle renvoie la dernière chaîne dans l'ordre alphabétique. Lorsqu'elle est exécutée sur des colonnes `boolean`, elle renvoie `true` si l'une des valeurs l'est.\n ", - "languageDocumentationPopover.documentationESQL.grok": "GROK", - "languageDocumentationPopover.documentationESQL.grok.markdown": "### GROK\n`GROK` vous permet d'extraire des données structurées d'une chaîne. `GROK` compare la chaîne à des modèles, sur la base d’expressions régulières, et extrait les modèles indiqués en tant que colonnes.\n\nPour obtenir la syntaxe des modèles \"grok\", consultez [la documentation relative au processeur \"grok\"](https://www.elastic.co/guide/en/elasticsearch/reference/current/grok-processor.html).\n\n````\nROW a = \"12 15.5 15.6 true\"\n| GROK a \"%'{NUMBER:b:int}' %'{NUMBER:c:float}' %'{NUMBER:d:double}' %'{WORD:e:boolean}'\"\n````\n ", - "languageDocumentationPopover.documentationESQL.inOperator": "IN", - "languageDocumentationPopover.documentationESQL.inOperator.markdown": "### IN\nL'opérateur `IN` permet de tester si un champ ou une expression est égal à un élément d'une liste de littéraux, de champs ou d'expressions :\n\n````\nROW a = 1, b = 4, c = 3\n| WHERE c-a IN (3, b / 2, a)\n````\n ", - "languageDocumentationPopover.documentationESQL.ip_prefix": "IP_PREFIX", - "languageDocumentationPopover.documentationESQL.ip_prefix.markdown": "\n\n ### IP_PREFIX\n Tronque une adresse IP à une longueur de préfixe donnée.\n\n ````\n row ip4 = to_ip(\"1.2.3.4\"), ip6 = to_ip(\"fe80::cae2:65ff:fece:feb9\")\n | eval ip4_prefix = ip_prefix(ip4, 24, 0), ip6_prefix = ip_prefix(ip6, 0, 112);\n ````\n ", - "languageDocumentationPopover.documentationESQL.keep": "KEEP", - "languageDocumentationPopover.documentationESQL.keep.markdown": "### KEEP\nLa commande `KEEP` permet de définir les colonnes qui seront renvoyées et l'ordre dans lequel elles le seront.\n\nPour limiter les colonnes retournées, utilisez une liste de noms de colonnes séparés par des virgules. Les colonnes sont renvoyées dans l'ordre indiqué :\n \n````\nFROM employees\n| KEEP first_name, last_name, height\n````\n\nPlutôt que de spécifier chaque colonne par son nom, vous pouvez utiliser des caractères génériques pour renvoyer toutes les colonnes dont le nom correspond à un modèle :\n\n````\nFROM employees\n| KEEP h*\n````\n\nLe caractère générique de l'astérisque (\"*\") placé de manière isolée transpose l'ensemble des colonnes qui ne correspondent pas aux autres arguments. La requête suivante renverra en premier lieu toutes les colonnes dont le nom commence par un h, puis toutes les autres colonnes :\n\n````\nFROM employees\n| KEEP h*, *\n````\n ", - "languageDocumentationPopover.documentationESQL.least": "LEAST", - "languageDocumentationPopover.documentationESQL.least.markdown": "\n\n ### LEAST\n Renvoie la valeur minimale de plusieurs colonnes. Cette fonction est similaire à `MV_MIN`. Toutefois, elle est destinée à être exécutée sur plusieurs colonnes à la fois.\n\n ````\n ROW a = 10, b = 20\n | EVAL l = LEAST(a, b)\n ````\n ", - "languageDocumentationPopover.documentationESQL.left": "LEFT", - "languageDocumentationPopover.documentationESQL.left.markdown": "\n\n ### LEFT\n Renvoie la sous-chaîne qui extrait la \"longueur\" des caractères de la \"chaîne\" en partant de la gauche.\n\n ````\n FROM employees\n | KEEP last_name\n | EVAL left = LEFT(last_name, 3)\n | SORT last_name ASC\n | LIMIT 5\n ````\n ", - "languageDocumentationPopover.documentationESQL.length": "LENGHT", - "languageDocumentationPopover.documentationESQL.length.markdown": "\n\n ### LENGTH\n Renvoie la longueur des caractères d'une chaîne.\n\n ````\n FROM employees\n | KEEP first_name, last_name\n | EVAL fn_length = LENGTH(first_name)\n ````\n ", - "languageDocumentationPopover.documentationESQL.limit": "LIMIT", - "languageDocumentationPopover.documentationESQL.limit.markdown": "### LIMIT\nLa commande de traitement `LIMIT` permet de restreindre le nombre de lignes :\n \n````\nFROM employees\n| LIMIT 5\n````\n ", - "languageDocumentationPopover.documentationESQL.locate": "LOCATE", - "languageDocumentationPopover.documentationESQL.locate.markdown": "\n\n ### LOCATE\n Renvoie un entier qui indique la position d'une sous-chaîne de mots-clés dans une autre chaîne\n\n ````\n row a = \"hello\"\n | eval a_ll = locate(a, \"ll\")\n ````\n ", - "languageDocumentationPopover.documentationESQL.log": "LOG", - "languageDocumentationPopover.documentationESQL.log.markdown": "\n\n ### LOG\n Renvoie le logarithme d'une valeur dans une base. La valeur de renvoi est toujours un double, quelle que soit la valeur numérique de l'entrée.\n\n Les journaux de zéros, de nombres négatifs et de base 1 renvoient `null` ainsi qu'un avertissement.\n\n ````\n ROW base = 2.0, value = 8.0\n | EVAL s = LOG(base, value)\n ````\n ", - "languageDocumentationPopover.documentationESQL.log10": "LOG10", - "languageDocumentationPopover.documentationESQL.log10.markdown": "\n\n ### LOG10\n Renvoie le logarithme d'une valeur en base 10. La valeur de renvoi est toujours un double, quelle que soit la valeur numérique de l'entrée.\n\n Les logs de 0 et de nombres négatifs renvoient `null` ainsi qu'un avertissement.\n\n ````\n ROW d = 1000.0 \n | EVAL s = LOG10(d)\n ````\n ", - "languageDocumentationPopover.documentationESQL.ltrim": "LTRIM", - "languageDocumentationPopover.documentationESQL.ltrim.markdown": "\n\n ### LTRIM\n Retire les espaces au début des chaînes.\n\n ````\n ROW message = \" some text \", color = \" red \"\n | EVAL message = LTRIM(message)\n | EVAL color = LTRIM(color)\n | EVAL message = CONCAT(\"'\", message, \"'\")\n | EVAL color = CONCAT(\"'\", color, \"'\")\n ````\n ", - "languageDocumentationPopover.documentationESQL.markdown": "## ES|QL\n\nUne requête ES|QL (langage de requête Elasticsearch) se compose d'une série de commandes, séparées par une barre verticale : `|`. Chaque requête commence par une **commande source**, qui produit un tableau, habituellement avec des données issues d'Elasticsearch. \n\nUne commande source peut être suivie d'une ou plusieurs **commandes de traitement**. Les commandes de traitement peuvent modifier le tableau de sortie de la commande précédente en ajoutant, supprimant ou modifiant les lignes et les colonnes.\n\n````\nsource-command\n| processing-command1\n| processing-command2\n````\n\nLe résultat d'une requête est le tableau produit par la dernière commande de traitement. \n ", - "languageDocumentationPopover.documentationESQL.mv_append": "MV_APPEND", - "languageDocumentationPopover.documentationESQL.mv_append.markdown": "\n\n ### MV_APPEND\n Concatène les valeurs de deux champs à valeurs multiples.\n\n ", - "languageDocumentationPopover.documentationESQL.mv_avg": "MV_AVG", - "languageDocumentationPopover.documentationESQL.mv_avg.markdown": "\n\n ### MV_AVG\n Convertit un champ multivalué en un champ à valeur unique comprenant la moyenne de toutes les valeurs.\n\n ````\n ROW a=[3, 5, 1, 6]\n | EVAL avg_a = MV_AVG(a)\n ````\n ", - "languageDocumentationPopover.documentationESQL.mv_concat": "MV_CONCAT", - "languageDocumentationPopover.documentationESQL.mv_concat.markdown": "\n\n ### MV_CONCAT\n Convertit une expression de type chaîne multivalué en une colonne à valeur unique comprenant la concaténation de toutes les valeurs, séparées par un délimiteur.\n\n ````\n ROW a=[\"foo\", \"zoo\", \"bar\"]\n | EVAL j = MV_CONCAT(a, \", \")\n ````\n ", - "languageDocumentationPopover.documentationESQL.mv_count": "MV_COUNT", - "languageDocumentationPopover.documentationESQL.mv_count.markdown": "\n\n ### MV_COUNT\n Convertit une expression multivaluée en une colonne à valeur unique comprenant le total du nombre de valeurs.\n\n ````\n ROW a=[\"foo\", \"zoo\", \"bar\"]\n | EVAL count_a = MV_COUNT(a)\n ````\n ", - "languageDocumentationPopover.documentationESQL.mv_dedupe": "MV_DEDUPE", - "languageDocumentationPopover.documentationESQL.mv_dedupe.markdown": "\n\n ### MV_DEDUPE\n Supprime les valeurs en doublon d'un champ multivalué.\n\n ````\n ROW a=[\"foo\", \"foo\", \"bar\", \"foo\"]\n | EVAL dedupe_a = MV_DEDUPE(a)\n ````\n Remarque : la fonction `MV_DEDUPE` est en mesure de trier les valeurs de la colonne, mais ne le fait pas systématiquement.\n ", - "languageDocumentationPopover.documentationESQL.mv_first": "MV_FIRST", - "languageDocumentationPopover.documentationESQL.mv_first.markdown": "\n\n ### MV_FIRST\n Convertit une expression multivaluée en une colonne à valeur unique comprenant la\n première valeur. Ceci est particulièrement utile pour lire une fonction qui émet\n des colonnes multivaluées dans un ordre connu, comme `SPLIT`.\n\n L'ordre dans lequel les champs multivalués sont lus à partir\n du stockage sous-jacent n'est pas garanti. Il est *souvent* ascendant, mais ne vous y\n fiez pas. Si vous avez besoin de la valeur minimale, utilisez `MV_MIN` au lieu de\n `MV_FIRST`. `MV_MIN` comporte des optimisations pour les valeurs triées, il n'y a donc aucun\n avantage en matière de performances pour `MV_FIRST`.\n\n ````\n ROW a=\"foo;bar;baz\"\n | EVAL first_a = MV_FIRST(SPLIT(a, \";\"))\n ````\n ", - "languageDocumentationPopover.documentationESQL.mv_last": "MV_LAST", - "languageDocumentationPopover.documentationESQL.mv_last.markdown": "\n\n ### MV_LAST\n Convertit une expression multivaluée en une colonne à valeur unique comprenant la dernière\n valeur. Ceci est particulièrement utile pour lire une fonction qui émet des champs multivalués\n dans un ordre connu, comme `SPLIT`.\n\n L'ordre dans lequel les champs multivalués sont lus à partir\n du stockage sous-jacent n'est pas garanti. Il est *souvent* ascendant, mais ne vous y\n fiez pas. Si vous avez besoin de la valeur maximale, utilisez `MV_MAX` au lieu de\n `MV_LAST`. `MV_MAX` comporte des optimisations pour les valeurs triées, il n'y a donc aucun\n avantage en matière de performances pour `MV_LAST`.\n\n ````\n ROW a=\"foo;bar;baz\"\n | EVAL last_a = MV_LAST(SPLIT(a, \";\"))\n ````\n ", - "languageDocumentationPopover.documentationESQL.mv_max": "MV_MAX", - "languageDocumentationPopover.documentationESQL.mv_max.markdown": "\n\n ### MV_MAX\n Convertit une expression multivaluée en une colonne à valeur unique comprenant la valeur maximale.\n\n ````\n ROW a=[3, 5, 1]\n | EVAL max_a = MV_MAX(a)\n ````\n ", - "languageDocumentationPopover.documentationESQL.mv_median": "MV_MEDIAN", - "languageDocumentationPopover.documentationESQL.mv_median.markdown": "\n\n ### MV_MEDIAN\n Convertit un champ multivalué en un champ à valeur unique comprenant la valeur médiane.\n\n ````\n ROW a=[3, 5, 1]\n | EVAL median_a = MV_MEDIAN(a)\n ````\n ", - "languageDocumentationPopover.documentationESQL.mv_min": "MV_MIN", - "languageDocumentationPopover.documentationESQL.mv_min.markdown": "\n\n ### MV_MIN\n Convertit une expression multivaluée en une colonne à valeur unique comprenant la valeur minimale.\n\n ````\n ROW a=[2, 1]\n | EVAL min_a = MV_MIN(a)\n ````\n ", - "languageDocumentationPopover.documentationESQL.mv_slice": "MV_SLICE", - "languageDocumentationPopover.documentationESQL.mv_slice.markdown": "\n\n ### MV_SLICE\n Renvoie un sous-ensemble du champ multivalué en utilisant les valeurs d'index de début et de fin.\n\n ````\n row a = [1, 2, 2, 3]\n | eval a1 = mv_slice(a, 1), a2 = mv_slice(a, 2, 3)\n ````\n ", - "languageDocumentationPopover.documentationESQL.mv_sort": "MV_SORT", - "languageDocumentationPopover.documentationESQL.mv_sort.markdown": "\n\n ### MV_SORT\n Trie une expression multivaluée par ordre lexicographique.\n\n ````\n ROW a = [4, 2, -3, 2]\n | EVAL sa = mv_sort(a), sd = mv_sort(a, \"DESC\")\n ````\n ", - "languageDocumentationPopover.documentationESQL.mv_sum": "MV_SUM", - "languageDocumentationPopover.documentationESQL.mv_sum.markdown": "\n\n ### MV_SUM\n Convertit un champ multivalué en un champ à valeur unique comprenant la somme de toutes les valeurs.\n\n ````\n ROW a=[3, 5, 6]\n | EVAL sum_a = MV_SUM(a)\n ````\n ", - "languageDocumentationPopover.documentationESQL.mv_zip": "MV_ZIP", - "languageDocumentationPopover.documentationESQL.mv_zip.markdown": "\n\n ### MV_ZIP\n Combine les valeurs de deux champs multivalués avec un délimiteur qui les relie.\n\n ````\n ROW a = [\"x\", \"y\", \"z\"], b = [\"1\", \"2\"]\n | EVAL c = mv_zip(a, b, \"-\")\n | KEEP a, b, c\n ````\n ", - "languageDocumentationPopover.documentationESQL.mvExpand": "MV_EXPAND", - "languageDocumentationPopover.documentationESQL.mvExpand.markdown": "### MV_EXPAND\nLa commande de traitement `MV_EXPAND` développe les champs multivalués en indiquant une valeur par ligne et en dupliquant les autres champs : \n````\nROW a=[1,2,3], b=\"b\", j=[\"a\",\"b\"]\n| MV_EXPAND a\n````\n ", - "languageDocumentationPopover.documentationESQL.now": "NOW", - "languageDocumentationPopover.documentationESQL.now.markdown": "\n\n ### NOW\n Renvoie la date et l'heure actuelles.\n\n ````\n ROW current_date = NOW()\n ````\n ", - "languageDocumentationPopover.documentationESQL.pi": "PI", - "languageDocumentationPopover.documentationESQL.pi.markdown": "\n\n ### PI\n Renvoie Pi, le rapport entre la circonférence et le diamètre d'un cercle.\n\n ````\n ROW PI()\n ````\n ", - "languageDocumentationPopover.documentationESQL.pow": "POW", - "languageDocumentationPopover.documentationESQL.pow.markdown": "\n\n ### POW\n Renvoie la valeur d’une `base` élevée à la puissance d’un `exposant`.\n\n ````\n ROW base = 2.0, exponent = 2\n | EVAL result = POW(base, exponent)\n ````\n Remarque : Il est toujours possible de dépasser un résultat double ici ; dans ce cas, la valeur `null` sera renvoyée.\n ", - "languageDocumentationPopover.documentationESQL.predicates": "valeurs NULL", - "languageDocumentationPopover.documentationESQL.predicates.markdown": "### Valeurs NULL\nPour une comparaison avec une valeur NULL, utilisez les attributs `IS NULL` et `IS NOT NULL` :\n\n````\nFROM employees\n| WHERE birth_date IS NULL\n| KEEP first_name, last_name\n| SORT first_name\n| LIMIT 3\n````\n\n````\nFROM employees\n| WHERE is_rehired IS NOT NULL\n| STATS count(emp_no)\n````\n ", - "languageDocumentationPopover.documentationESQL.rename": "RENAME", - "languageDocumentationPopover.documentationESQL.rename.markdown": "### RENAME\nUtilisez `RENAME` pour renommer une colonne en utilisant la syntaxe suivante :\n\n````\nRENAME AS \n````\n\nPar exemple :\n\n````\nFROM employees\n| KEEP first_name, last_name, still_hired\n| RENAME still_hired AS employed\n````\n\nSi une colonne portant le nouveau nom existe déjà, elle sera remplacée par la nouvelle colonne.\n\nPlusieurs colonnes peuvent être renommées à l'aide d'une seule commande `RENAME` :\n\n````\nFROM employees\n| KEEP first_name, last_name\n| RENAME first_name AS fn, last_name AS ln\n````\n ", - "languageDocumentationPopover.documentationESQL.repeat": "REPEAT", - "languageDocumentationPopover.documentationESQL.repeat.markdown": "\n\n ### REPEAT\n Renvoie une chaîne construite par la concaténation de la `chaîne` avec elle-même, le `nombre` de fois spécifié.\n\n ````\n ROW a = \"Hello!\"\n | EVAL triple_a = REPEAT(a, 3);\n ````\n ", - "languageDocumentationPopover.documentationESQL.replace": "REPLACE", - "languageDocumentationPopover.documentationESQL.replace.markdown": "\n\n ### REPLACE\n La fonction remplace dans la chaîne `str` toutes les correspondances avec l'expression régulière `regex`\n par la chaîne de remplacement `newStr`.\n\n ````\n ROW str = \"Hello World\"\n | EVAL str = REPLACE(str, \"World\", \"Universe\")\n | KEEP str\n ````\n ", - "languageDocumentationPopover.documentationESQL.right": "RIGHT", - "languageDocumentationPopover.documentationESQL.right.markdown": "\n\n ### RIGHT\n Renvoie la sous-chaîne qui extrait la longueur des caractères de `str` en partant de la droite.\n\n ````\n FROM employees\n | KEEP last_name\n | EVAL right = RIGHT(last_name, 3)\n | SORT last_name ASC\n | LIMIT 5\n ````\n ", - "languageDocumentationPopover.documentationESQL.round": "ROUND", - "languageDocumentationPopover.documentationESQL.round.markdown": "\n\n ### ROUND\n Arrondit un nombre au nombre spécifié de décimales.\n La valeur par défaut est 0, qui renvoie l'entier le plus proche. Si le\n nombre de décimales spécifié est négatif, la fonction arrondit au nombre de décimales à gauche\n de la virgule.\n\n ````\n FROM employees\n | KEEP first_name, last_name, height\n | EVAL height_ft = ROUND(height * 3.281, 1)\n ````\n ", - "languageDocumentationPopover.documentationESQL.row": "ROW", - "languageDocumentationPopover.documentationESQL.row.markdown": "### ROW\nLa commande source `ROW` renvoie une ligne contenant une ou plusieurs colonnes avec les valeurs que vous spécifiez. Cette commande peut s'avérer utile pour les tests.\n \n````\nROW a = 1, b = \"two\", c = null\n````\n\nUtilisez des crochets pour créer des colonnes à valeurs multiples :\n\n````\nROW a = [2, 1]\n````\n\nROW permet d'utiliser des fonctions :\n\n````\nROW a = ROUND(1.23, 0)\n````\n ", - "languageDocumentationPopover.documentationESQL.rtrim": "RTRIM", - "languageDocumentationPopover.documentationESQL.rtrim.markdown": "\n\n ### RTRIM\n Supprime les espaces à la fin des chaînes.\n\n ````\n ROW message = \" some text \", color = \" red \"\n | EVAL message = RTRIM(message)\n | EVAL color = RTRIM(color)\n | EVAL message = CONCAT(\"'\", message, \"'\")\n | EVAL color = CONCAT(\"'\", color, \"'\")\n ````\n ", - "languageDocumentationPopover.documentationESQL.show": "SHOW", - "languageDocumentationPopover.documentationESQL.show.markdown": "### SHOW\nLa commande source `SHOW ` renvoie des informations sur le déploiement et ses capacités :\n\n* Utilisez `SHOW INFO` pour renvoyer la version du déploiement, la date de compilation et le hachage.\n* Utilisez `SHOW FUNCTIONS` pour renvoyer une liste de toutes les fonctions prises en charge et un résumé de chaque fonction.\n ", - "languageDocumentationPopover.documentationESQL.signum": "SIGNUM", - "languageDocumentationPopover.documentationESQL.signum.markdown": "\n\n ### SIGNUM\n Renvoie le signe du nombre donné.\n Il renvoie `-1` pour les nombres négatifs, `0` pour `0` et `1` pour les nombres positifs.\n\n ````\n ROW d = 100.0\n | EVAL s = SIGNUM(d)\n ````\n ", - "languageDocumentationPopover.documentationESQL.sin": "SIN", - "languageDocumentationPopover.documentationESQL.sin.markdown": "\n\n ### SIN\n Renvoie la fonction trigonométrique sinusoïdale d'un angle.\n\n ````\n ROW a=1.8 \n | EVAL sin=SIN(a)\n ````\n ", - "languageDocumentationPopover.documentationESQL.sinh": "SINH", - "languageDocumentationPopover.documentationESQL.sinh.markdown": "\n\n ### SINH\n Renvoie le sinus hyperbolique d'un angle.\n\n ````\n ROW a=1.8 \n | EVAL sinh=SINH(a)\n ````\n ", - "languageDocumentationPopover.documentationESQL.sort": "SORT", - "languageDocumentationPopover.documentationESQL.sort.markdown": "### SORT\nUtilisez la commande `SORT` pour trier les lignes sur un ou plusieurs champs :\n\n````\nFROM employees\n| KEEP first_name, last_name, height\n| SORT height\n````\n\nL'ordre de tri par défaut est croissant. Définissez un ordre de tri explicite en utilisant `ASC` ou `DESC` :\n\n````\nFROM employees\n| KEEP first_name, last_name, height\n| SORT height DESC\n````\n\nSi deux lignes disposent de la même clé de tri, l'ordre original sera préservé. Vous pouvez ajouter des expressions de tri pour départager les deux lignes :\n\n````\nFROM employees\n| KEEP first_name, last_name, height\n| SORT height DESC, first_name ASC\n````\n\n#### valeurs `null`\nPar défaut, les valeurs `null` sont considérées comme étant supérieures à toutes les autres valeurs. Selon un ordre de tri croissant, les valeurs `null` sont classées en dernier. Selon un ordre de tri décroissant, les valeurs `null` sont classées en premier. Pour modifier cet ordre, utilisez `NULLS FIRST` ou `NULLS LAST` :\n\n````\nFROM employees\n| KEEP first_name, last_name, height\n| SORT first_name ASC NULLS FIRST\n````\n ", - "languageDocumentationPopover.documentationESQL.split": "SPLIT", - "languageDocumentationPopover.documentationESQL.split.markdown": "\n\n ### SPLIT\n Divise une chaîne de valeur unique en plusieurs chaînes.\n\n ````\n ROW words=\"foo;bar;baz;qux;quux;corge\"\n | EVAL word = SPLIT(words, \";\")\n ````\n ", - "languageDocumentationPopover.documentationESQL.sqrt": "SQRT", - "languageDocumentationPopover.documentationESQL.sqrt.markdown": "\n\n ### SQRT\n Renvoie la racine carrée d'un nombre. La valeur de renvoi est toujours un double, quelle que soit la valeur numérique de l'entrée.\n Les racines carrées des nombres négatifs et des infinis sont nulles.\n\n ````\n ROW d = 100.0\n | EVAL s = SQRT(d)\n ````\n ", - "languageDocumentationPopover.documentationESQL.st_contains": "ST_CONTAINS", - "languageDocumentationPopover.documentationESQL.st_contains.markdown": "\n\n ### ST_CONTAINS\n Renvoie si la première géométrie contient la deuxième géométrie.\n Il s'agit de l'inverse de la fonction `ST_WITHIN`.\n\n ````\n FROM airport_city_boundaries\n | WHERE ST_CONTAINS(city_boundary, TO_GEOSHAPE(\"POLYGON((109.35 18.3, 109.45 18.3, 109.45 18.4, 109.35 18.4, 109.35 18.3))\"))\n | KEEP abbrev, airport, region, city, city_location\n ````\n ", - "languageDocumentationPopover.documentationESQL.st_disjoint": "ST_DISJOINT", - "languageDocumentationPopover.documentationESQL.st_disjoint.markdown": "\n\n ### ST_DISJOINT\n Renvoie si les deux géométries ou colonnes géométriques sont disjointes.\n Il s'agit de l'inverse de la fonction `ST_INTERSECTS`.\n En termes mathématiques : ST_Disjoint(A, B) ⇔ A ⋂ B = ∅\n\n ````\n FROM airport_city_boundaries\n | WHERE ST_DISJOINT(city_boundary, TO_GEOSHAPE(\"POLYGON((-10 -60, 120 -60, 120 60, -10 60, -10 -60))\"))\n | KEEP abbrev, airport, region, city, city_location\n ````\n ", - "languageDocumentationPopover.documentationESQL.st_distance": "ST_DISTANCE", - "languageDocumentationPopover.documentationESQL.st_distance.markdown": "\n\n ### ST_DISTANCE\n Calcule la distance entre deux points.\n Pour les géométries cartésiennes, c’est la distance pythagoricienne dans les mêmes unités que les coordonnées d'origine.\n Pour les géométries géographiques, c’est la distance circulaire le long du grand cercle en mètres.\n\n ````\n Aéroports FROM\n | WHERE abbrev == \"CPH\"\n | EVAL distance = ST_DISTANCE(location, city_location)\n | KEEP abbrev, name, location, city_location, distance\n ````\n ", - "languageDocumentationPopover.documentationESQL.st_intersects": "ST_INTERSECTS", - "languageDocumentationPopover.documentationESQL.st_intersects.markdown": "\n\n ### ST_INTERSECTS\n Renvoie `true` (vrai) si deux géométries se croisent.\n Elles se croisent si elles ont un point commun, y compris leurs points intérieurs\n (les points situés le long des lignes ou dans des polygones).\n Il s'agit de l'inverse de la fonction `ST_DISJOINT`.\n En termes mathématiques : ST_Intersects(A, B) ⇔ A ⋂ B ≠ ∅\n\n ````\n Aéroports FROM\n | WHERE ST_INTERSECTS(location, TO_GEOSHAPE(\"POLYGON((42 14, 43 14, 43 15, 42 15, 42 14))\"))\n ````\n ", - "languageDocumentationPopover.documentationESQL.st_within": "ST_WITHIN", - "languageDocumentationPopover.documentationESQL.st_within.markdown": "\n\n ### ST_WITHIN\n Renvoie si la première géométrie est à l'intérieur de la deuxième géométrie.\n Il s'agit de l'inverse de la fonction `ST_CONTAINS`.\n\n ````\n FROM airport_city_boundaries\n | WHERE ST_WITHIN(city_boundary, TO_GEOSHAPE(\"POLYGON((109.1 18.15, 109.6 18.15, 109.6 18.65, 109.1 18.65, 109.1 18.15))\"))\n | KEEP abbrev, airport, region, city, city_location\n ````\n ", - "languageDocumentationPopover.documentationESQL.st_x": "ST_X", - "languageDocumentationPopover.documentationESQL.st_x.markdown": "\n\n ### ST_X\n Extrait la coordonnée `x` du point fourni.\n Si les points sont de type `geo_point`, cela revient à extraire la valeur de la `longitude`.\n\n ````\n ROW point = TO_GEOPOINT(\"POINT(42.97109629958868 14.7552534006536)\")\n | EVAL x = ST_X(point), y = ST_Y(point)\n ````\n ", - "languageDocumentationPopover.documentationESQL.st_y": "ST_Y", - "languageDocumentationPopover.documentationESQL.st_y.markdown": "\n\n ### ST_Y\n Extrait la coordonnée `y` du point fourni.\n Si les points sont de type `geo_point`, cela revient à extraire la valeur de la `latitude`.\n\n ````\n ROW point = TO_GEOPOINT(\"POINT(42.97109629958868 14.7552534006536)\")\n | EVAL x = ST_X(point), y = ST_Y(point)\n ````\n ", - "languageDocumentationPopover.documentationESQL.starts_with": "STARTS_WITH", - "languageDocumentationPopover.documentationESQL.starts_with.markdown": "\n\n ### STARTS_WITH\n Renvoie un booléen qui indique si une chaîne de mot-clés débute par une autre chaîne.\n\n ````\n FROM employees\n | KEEP last_name\n | EVAL ln_S = STARTS_WITH(last_name, \"B\")\n ````\n ", - "languageDocumentationPopover.documentationESQL.statsby": "STATS ... BY", - "languageDocumentationPopover.documentationESQL.statsby.markdown": "### STATS ... BY\nUtilisez `STATS ... BY` pour regrouper les lignes en fonction d'une valeur commune et calculer une ou plusieurs valeurs agrégées sur les lignes regroupées.\n\n**Exemples** :\n\n````\nFROM employees\n| STATS count = COUNT(emp_no) BY languages\n| SORT languages\n````\n\nSi `BY` est omis, le tableau de sortie contient exactement une ligne avec les agrégations appliquées sur l'ensemble des données :\n\n````\nFROM employees\n| STATS avg_lang = AVG(languages)\n````\n\nIl est possible de calculer plusieurs valeurs :\n\n````\nFROM employees\n| STATS avg_lang = AVG(languages), max_lang = MAX(languages)\n````\n\nIl est également possible d'effectuer des regroupements en fonction de plusieurs valeurs (uniquement pour les champs longs et les champs de la famille de mots-clés) :\n\n````\nFROM employees\n| EVAL hired = DATE_FORMAT(hire_date, \"YYYY\")\n| STATS avg_salary = AVG(salary) BY hired, languages.long\n| EVAL avg_salary = ROUND(avg_salary)\n| SORT hired, languages.long\n````\n\nConsultez la rubrique **Fonctions d'agrégation** pour obtenir la liste des fonctions pouvant être utilisées avec `STATS ... BY`.\n\nLes fonctions d'agrégation et les expressions de regroupement acceptent toutes deux d'autres fonctions. Ceci est utile pour utiliser `STATS...BY` sur des colonnes à valeur multiple. Par exemple, pour calculer l'évolution moyenne du salaire, vous pouvez utiliser `MV_AVG` pour faire la moyenne des multiples valeurs par employé, et utiliser le résultat avec la fonction `AVG` :\n\n````\nFROM employees\n| STATS avg_salary_change = AVG(MV_AVG(salary_change))\n````\n\nLe regroupement par expression est par exemple le regroupement des employés en fonction de la première lettre de leur nom de famille :\n\n````\nFROM employees\n| STATS my_count = COUNT() BY LEFT(last_name, 1)\n| SORT \"LEFT(last_name, 1)\"\n````\n\nIl n'est pas obligatoire d'indiquer le nom de la colonne de sortie. S'il n'est pas spécifié, le nouveau nom de la colonne est égal à l'expression. La requête suivante renvoie une colonne appelée `AVG(salary)` :\n\n````\nFROM employees\n| STATS AVG(salary)\n````\n\nComme ce nom contient des caractères spéciaux, il doit être placé entre deux caractères (`) lorsqu'il est utilisé dans des commandes suivantes :\n\n````\nFROM employees\n| STATS AVG(salary)\n| EVAL avg_salary_rounded = ROUND(\"AVG(salary)\")\n````\n\n**Remarque** : `STATS` sans aucun groupe est beaucoup plus rapide que l'ajout d'un groupe.\n\n**Remarque** : Le regroupement sur une seule expression est actuellement beaucoup plus optimisé que le regroupement sur plusieurs expressions.\n ", - "languageDocumentationPopover.documentationESQL.stringOperators": "LIKE et RLIKE", - "languageDocumentationPopover.documentationESQL.stringOperators.markdown": "### LIKE et RLIKE\nPour comparer des chaînes en utilisant des caractères génériques ou des expressions régulières, utilisez `LIKE` ou `RLIKE` :\n\nUtilisez `LIKE` pour faire correspondre des chaînes à l'aide de caractères génériques. Les caractères génériques suivants sont pris en charge :\n\n* `*` correspond à zéro caractère ou plus.\n* `?` correspond à un seul caractère.\n\n````\nFROM employees\n| WHERE first_name LIKE \"?b*\"\n| KEEP first_name, last_name\n````\n\nUtilisez `RLIKE` pour faire correspondre des chaînes à l'aide d'expressions régulières :\n\n````\nFROM employees\n| WHERE first_name RLIKE \".leja.*\"\n| KEEP first_name, last_name\n````\n ", - "languageDocumentationPopover.documentationESQL.substring": "SUBSTRING", - "languageDocumentationPopover.documentationESQL.substring.markdown": "\n\n ### SUBSTRING\n Renvoie la sous-chaîne d'une chaîne, délimitée en fonction d'une position de départ et d'une longueur facultative\n\n ````\n FROM employees\n | KEEP last_name\n | EVAL ln_sub = SUBSTRING(last_name, 1, 3)\n ````\n ", - "languageDocumentationPopover.documentationESQL.tan": "TAN", - "languageDocumentationPopover.documentationESQL.tan.markdown": "\n\n ### TAN\n Renvoie la fonction trigonométrique Tangente d'un angle.\n\n ````\n ROW a=1.8 \n | EVAL tan=TAN(a)\n ````\n ", - "languageDocumentationPopover.documentationESQL.tanh": "TANH", - "languageDocumentationPopover.documentationESQL.tanh.markdown": "\n\n ### TANH\n Renvoie la fonction hyperbolique Tangente d'un angle.\n\n ````\n ROW a=1.8 \n | EVAL tanh=TANH(a)\n ````\n ", - "languageDocumentationPopover.documentationESQL.tau": "TAU", - "languageDocumentationPopover.documentationESQL.tau.markdown": "\n\n ### TAU\n Renvoie le rapport entre la circonférence et le rayon d'un cercle.\n\n ````\n ROW TAU()\n ````\n ", - "languageDocumentationPopover.documentationESQL.to_base64": "TO_BASE64", - "languageDocumentationPopover.documentationESQL.to_base64.markdown": "\n\n ### TO_BASE64\n Encode une chaîne en chaîne base64.\n\n ````\n row a = \"elastic\" \n | eval e = to_base64(a)\n ````\n ", - "languageDocumentationPopover.documentationESQL.to_boolean": "TO_BOOLEAN", - "languageDocumentationPopover.documentationESQL.to_boolean.markdown": "\n\n ### TO_BOOLEAN\n Convertit une valeur d'entrée en une valeur booléenne.\n Une chaîne de valeur *true* sera convertie, sans tenir compte de la casse, en une valeur booléenne *true*.\n Pour toute autre valeur, y compris une chaîne vide, la fonction renverra *false*.\n La valeur numérique *0* sera convertie en *false*, toute autre valeur sera convertie en *true*.\n\n ````\n ROW str = [\"true\", \"TRuE\", \"false\", \"\", \"yes\", \"1\"]\n | EVAL bool = TO_BOOLEAN(str)\n ````\n ", - "languageDocumentationPopover.documentationESQL.to_cartesianpoint": "TO_CARTESIANPOINT", - "languageDocumentationPopover.documentationESQL.to_cartesianpoint.markdown": "\n\n ### TO_CARTESIANPOINT\n Convertit la valeur d'une entrée en une valeur `cartesian_point`.\n Une chaîne ne sera convertie que si elle respecte le format WKT Point.\n\n ````\n ROW wkt = [\"POINT(4297.11 -1475.53)\", \"POINT(7580.93 2272.77)\"]\n | MV_EXPAND wkt\n | EVAL pt = TO_CARTESIANPOINT(wkt)\n ````\n ", - "languageDocumentationPopover.documentationESQL.to_cartesianshape": "TO_CARTESIANSHAPE", - "languageDocumentationPopover.documentationESQL.to_cartesianshape.markdown": "\n\n ### TO_CARTESIANSHAPE\n Convertit une valeur d'entrée en une valeur `cartesian_shape`.\n Une chaîne ne sera convertie que si elle respecte le format WKT.\n\n ````\n ROW wkt = [\"POINT(4297.11 -1475.53)\", \"POLYGON ((3339584.72 1118889.97, 4452779.63 4865942.27, 2226389.81 4865942.27, 1113194.90 2273030.92, 3339584.72 1118889.97))\"]\n | MV_EXPAND wkt\n | EVAL geom = TO_CARTESIANSHAPE(wkt)\n ````\n ", - "languageDocumentationPopover.documentationESQL.to_datetime": "TO_DATETIME", - "languageDocumentationPopover.documentationESQL.to_datetime.markdown": "\n\n ### TO_DATETIME\n Convertit une valeur d'entrée en une valeur de date.\n Une chaîne ne sera convertie que si elle respecte le format `yyyy-MM-dd'T'HH:mm:ss.SSS'Z'`.\n Pour convertir des dates vers d'autres formats, utilisez `DATE_PARSE`.\n\n ````\n ROW string = [\"1953-09-02T00:00:00.000Z\", \"1964-06-02T00:00:00.000Z\", \"1964-06-02 00:00:00\"]\n | EVAL datetime = TO_DATETIME(string)\n ````\n ", - "languageDocumentationPopover.documentationESQL.to_degrees": "TO_DEGREES", - "languageDocumentationPopover.documentationESQL.to_degrees.markdown": "\n\n ### TO_DEGREES\n Convertit un nombre en radians en degrés.\n\n ````\n ROW rad = [1.57, 3.14, 4.71]\n | EVAL deg = TO_DEGREES(rad)\n ````\n ", - "languageDocumentationPopover.documentationESQL.to_double": "TO_DOUBLE", - "languageDocumentationPopover.documentationESQL.to_double.markdown": "\n\n ### TO_DOUBLE\n Convertit une valeur d'entrée en une valeur double. Si le paramètre d'entrée est de type date,\n sa valeur sera interprétée en millisecondes depuis l'heure Unix,\n convertie en double. Le booléen *true* sera converti en double *1.0*, et *false* en *0.0*.\n\n ````\n ROW str1 = \"5.20128E11\", str2 = \"foo\"\n | EVAL dbl = TO_DOUBLE(\"520128000000\"), dbl1 = TO_DOUBLE(str1), dbl2 = TO_DOUBLE(str2)\n ````\n ", - "languageDocumentationPopover.documentationESQL.to_geopoint": "TO_GEOPOINT", - "languageDocumentationPopover.documentationESQL.to_geopoint.markdown": "\n\n ### TO_GEOPOINT\n Convertit une valeur d'entrée en une valeur `geo_point`.\n Une chaîne ne sera convertie que si elle respecte le format WKT Point.\n\n ````\n ROW wkt = \"POINT(42.97109630194 14.7552534413725)\"\n | EVAL pt = TO_GEOPOINT(wkt)\n ````\n ", - "languageDocumentationPopover.documentationESQL.to_geoshape": "TO_GEOSHAPE", - "languageDocumentationPopover.documentationESQL.to_geoshape.markdown": "\n\n ### TO_GEOSHAPE\n Convertit une valeur d'entrée en une valeur `geo_shape`.\n Une chaîne ne sera convertie que si elle respecte le format WKT.\n\n ````\n ROW wkt = \"POLYGON ((30 10, 40 40, 20 40, 10 20, 30 10))\"\n | EVAL geom = TO_GEOSHAPE(wkt)\n ````\n ", - "languageDocumentationPopover.documentationESQL.to_integer": "TO_INTEGER", - "languageDocumentationPopover.documentationESQL.to_integer.markdown": "\n\n ### TO_INTEGER\n Convertit une valeur d'entrée en une valeur entière.\n Si le paramètre d'entrée est de type date, sa valeur sera interprétée en millisecondes\n depuis l'heure Unix, convertie en entier.\n Le booléen *true* sera converti en entier *1*, et *false* en *0*.\n\n ````\n ROW long = [5013792, 2147483647, 501379200000]\n | EVAL int = TO_INTEGER(long)\n ````\n ", - "languageDocumentationPopover.documentationESQL.to_ip": "TO_IP", - "languageDocumentationPopover.documentationESQL.to_ip.markdown": "\n\n ### TO_IP\n Convertit une chaîne d'entrée en valeur IP.\n\n ````\n ROW str1 = \"1.1.1.1\", str2 = \"foo\"\n | EVAL ip1 = TO_IP(str1), ip2 = TO_IP(str2)\n | WHERE CIDR_MATCH(ip1, \"1.0.0.0/8\")\n ````\n ", - "languageDocumentationPopover.documentationESQL.to_long": "TO_LONG", - "languageDocumentationPopover.documentationESQL.to_long.markdown": "\n\n ### TO_LONG\n Convertit une valeur d'entrée en une valeur longue. Si le paramètre d'entrée est de type date,\n sa valeur sera interprétée en millisecondes depuis l'heure Unix, convertie en valeur longue.\n Le booléen *true* sera converti en valeur longue *1*, et *false* en *0*.\n\n ````\n ROW str1 = \"2147483648\", str2 = \"2147483648.2\", str3 = \"foo\"\n | EVAL long1 = TO_LONG(str1), long2 = TO_LONG(str2), long3 = TO_LONG(str3)\n ````\n ", - "languageDocumentationPopover.documentationESQL.to_lower": "TO_LOWER", - "languageDocumentationPopover.documentationESQL.to_lower.markdown": "\n\n ### TO_LOWER\n Renvoie une nouvelle chaîne représentant la chaîne d'entrée convertie en minuscules.\n\n ````\n ROW message = \"Some Text\"\n | EVAL message_lower = TO_LOWER(message)\n ````\n ", - "languageDocumentationPopover.documentationESQL.to_radians": "TO_RADIANS", - "languageDocumentationPopover.documentationESQL.to_radians.markdown": "\n\n ### TO_RADIANS\n Convertit un nombre en degrés en radians.\n\n ````\n ROW deg = [90.0, 180.0, 270.0]\n | EVAL rad = TO_RADIANS(deg)\n ````\n ", - "languageDocumentationPopover.documentationESQL.to_string": "TO_STRING", - "languageDocumentationPopover.documentationESQL.to_string.markdown": "\n\n ### TO_STRING\n Convertit une valeur d'entrée en une chaîne.\n\n ````\n ROW a=10\n | EVAL j = TO_STRING(a)\n ````\n ", - "languageDocumentationPopover.documentationESQL.to_unsigned_long": "TO_UNSIGNED_LONG", - "languageDocumentationPopover.documentationESQL.to_unsigned_long.markdown": "\n\n ### TO_UNSIGNED_LONG\n Convertit une valeur d'entrée en une valeur longue non signée. Si le paramètre d'entrée est de type date,\n sa valeur sera interprétée en millisecondes depuis l'heure Unix, convertie en valeur longue non signée.\n Le booléen *true* sera converti en valeur longue non signée *1*, et *false* en *0*.\n\n ````\n ROW str1 = \"2147483648\", str2 = \"2147483648.2\", str3 = \"foo\"\n | EVAL long1 = TO_UNSIGNED_LONG(str1), long2 = TO_ULONG(str2), long3 = TO_UL(str3)\n ````\n ", - "languageDocumentationPopover.documentationESQL.to_upper": "TO_UPPER", - "languageDocumentationPopover.documentationESQL.to_upper.markdown": "\n\n ### TO_UPPER\n Renvoie une nouvelle chaîne représentant la chaîne d'entrée convertie en majuscules.\n\n ````\n ROW message = \"Some Text\"\n | EVAL message_upper = TO_UPPER(message)\n ````\n ", - "languageDocumentationPopover.documentationESQL.to_version": "TO_VERSION", - "languageDocumentationPopover.documentationESQL.to_version.markdown": "\n\n ### TO_VERSION\n Convertit une chaîne d'entrée en une valeur de version.\n\n ````\n ROW v = TO_VERSION(\"1.2.3\")\n ````\n ", - "languageDocumentationPopover.documentationESQL.trim": "TRIM", - "languageDocumentationPopover.documentationESQL.trim.markdown": "\n\n ### TRIM\n Supprime les espaces de début et de fin d'une chaîne.\n\n ````\n ROW message = \" some text \", color = \" red \"\n | EVAL message = TRIM(message)\n | EVAL color = TRIM(color)\n ````\n ", - "languageDocumentationPopover.documentationESQL.where": "WHERE", - "languageDocumentationPopover.documentationESQL.where.markdown": "### WHERE\nUtilisez `WHERE` afin d'obtenir un tableau qui comprend toutes les lignes du tableau d'entrée pour lesquelles la condition fournie est évaluée à `true` :\n \n````\nFROM employees\n| KEEP first_name, last_name, still_hired\n| WHERE still_hired == true\n````\n\n#### Opérateurs\n\nPour obtenir un aperçu des opérateurs pris en charge, consultez la section **Opérateurs**.\n\n#### Fonctions\n`WHERE` prend en charge diverses fonctions de calcul des valeurs. Pour en savoir plus, consultez la section **Fonctions**.\n ", + "languageDocumentation.documentationESQL.abs": "ABS", + "languageDocumentation.documentationESQL.abs.markdown": "\n\n ### ABS\n Renvoie la valeur absolue.\n\n ````\n Numéro ROW = -1.0 \n | EVAL abs_number = ABS(number)\n ````\n ", + "languageDocumentation.documentationESQL.acos": "ACOS", + "languageDocumentation.documentationESQL.acos.markdown": "\n\n ### ACOS\n Renvoie l'arc cosinus de `n` sous forme d'angle, exprimé en radians.\n\n ````\n ROW a=.9\n | EVAL acos=ACOS(a)\n ````\n ", + "languageDocumentation.documentationESQL.asin": "ASIN", + "languageDocumentation.documentationESQL.asin.markdown": "\n\n ### ASIN\n Renvoie l'arc sinus de l'entrée\n expression numérique sous forme d'angle, exprimée en radians.\n\n ````\n ROW a=.9\n | EVAL asin=ASIN(a)\n ````\n ", + "languageDocumentation.documentationESQL.atan": "ATAN", + "languageDocumentation.documentationESQL.atan.markdown": "\n\n ### ATAN\n Renvoie l'arc tangente de l'entrée\n expression numérique sous forme d'angle, exprimée en radians.\n\n ````\n ROW a=.12.9\n | EVAL atan=ATAN(a)\n ````\n ", + "languageDocumentation.documentationESQL.atan2": "ATAN2", + "languageDocumentation.documentationESQL.atan2.markdown": "\n\n ### ATAN2\n L'angle entre l'axe positif des x et le rayon allant de\n l'origine au point (x , y) dans le plan cartésien, exprimée en radians.\n\n ````\n ROW y=12.9, x=.6\n | EVAL atan2=ATAN2(y, x)\n ````\n ", + "languageDocumentation.documentationESQL.autoBucketFunction": "COMPARTIMENT", + "languageDocumentation.documentationESQL.autoBucketFunction.markdown": "### COMPARTIMENT\nCréer des groupes de valeurs, des compartiments (\"buckets\"), à partir d'une entrée d'un numéro ou d'un horodatage. La taille des compartiments peut être fournie directement ou choisie selon une plage de valeurs et de décompte recommandée.\n\n`BUCKET` a deux modes de fonctionnement : \n\n1. Dans lequel la taille du compartiment est calculée selon la recommandation de décompte d'un compartiment (quatre paramètres) et une plage.\n2. Dans lequel la taille du compartiment est fournie directement (deux paramètres).\n\nAvec un nombre cible de compartiments, le début d'une plage et la fin d'une plage, `BUCKET` choisit une taille de compartiment appropriée afin de générer le nombre cible de compartiments ou moins.\n\nPar exemple, demander jusqu'à 20 compartiments pour une année organisera les données en intervalles mensuels :\n\n````\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS hire_date = MV_SORT(VALUES(hire_date)) BY month = BUCKET(hire_date, 20, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n| SORT hire_date\n````\n\n**REMARQUE** : Le but n'est pas de fournir le nombre précis de compartiments, mais plutôt de sélectionner une plage qui fournit, tout au plus, le nombre cible de compartiments.\n\nVous pouvez combiner `BUCKET` avec une agrégation pour créer un histogramme :\n\n````\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS hires_per_month = COUNT(*) BY month = BUCKET(hire_date, 20, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n| SORT month\n````\n\n**REMARQUE** : `BUCKET` ne crée pas de compartiments qui ne correspondent à aucun document. C'est pourquoi, dans l'exemple précédent, il manque 1985-03-01 ainsi que d'autres dates.\n\nDemander d'autres compartiments peut résulter en une plage réduite. Par exemple, demander jusqu'à 100 compartiments en un an résulte en des compartiments hebdomadaires :\n\n````\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS hires_per_week = COUNT(*) BY week = BUCKET(hire_date, 100, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n| SORT week\n````\n\n**REMARQUE** : `AUTO_BUCKET` ne filtre aucune ligne. Il n'utilise que la plage fournie pour choisir une taille de compartiment appropriée. Pour les lignes dont la valeur se situe en dehors de la plage, il renvoie une valeur de compartiment qui correspond à un compartiment situé en dehors de la plage. Associez `BUCKET` à `WHERE` pour filtrer les lignes.\n\nSi la taille de compartiment désirée est connue à l'avance, fournissez-la comme second argument, en ignorant la plage :\n\n````\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS hires_per_week = COUNT(*) BY week = BUCKET(hire_date, 1 week)\n| SORT week\n````\n\n**REMARQUE** : Lorsque vous fournissez la taille du compartiment comme second argument, ce dernier doit être une période temporelle ou une durée.\n\n`BUCKET` peut également être utilisé pour des champs numériques. Par exemple, pour créer un histogramme de salaire :\n\n````\nFROM employees\n| STATS COUNT(*) by bs = BUCKET(salary, 20, 25324, 74999)\n| SORT bs\n````\n\nContrairement à l'exemple précédent qui filtre intentionnellement sur une plage temporelle, vous n'avez pas souvent besoin de filtrer sur une plage numérique. Vous devez trouver les valeurs min et max séparément. ES|QL n'a pas encore de façon aisée d'effectuer cette opération automatiquement.\n\nLa plage peut être ignorée si la taille désirée de compartiment est connue à l'avance. Fournissez-la simplement comme second argument :\n\n````\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS c = COUNT(1) BY b = BUCKET(salary, 5000.)\n| SORT b\n````\n\n**REMARQUE** : Lorsque vous fournissez la taille du compartiment comme second argument, elle doit être de type à **virgule flottante**.\n\nVoici un exemple sur comment créer des compartiments horaires pour les dernières 24 heures, et calculer le nombre d'événements par heure :\n\n````\nFROM sample_data\n| WHERE @timestamp >= NOW() - 1 day and @timestamp < NOW()\n| STATS COUNT(*) BY bucket = BUCKET(@timestamp, 25, NOW() - 1 day, NOW())\n````\n\nVoici un exemple permettant de créer des compartiments mensuels pour l'année 1985, et calculer le salaire moyen par mois d'embauche :\n\n````\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS AVG(salary) BY bucket = BUCKET(hire_date, 20, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n| SORT bucket\n````\n\n`BUCKET` peut être utilisé pour les parties de groupage et d'agrégation de la commande `STATS …​ BY ...`, tant que la partie d'agrégation de la fonction est **référencée par un alias défini dans la partie de groupage**, ou que celle-ci est invoquée avec exactement la même expression.\n\nPar exemple :\n\n````\nFROM employees\n| STATS s1 = b1 + 1, s2 = BUCKET(salary / 1000 + 999, 50.) + 2 BY b1 = BUCKET(salary / 100 + 99, 50.), b2 = BUCKET(salary / 1000 + 999, 50.)\n| SORT b1, b2\n| KEEP s1, b1, s2, b2\n````\n ", + "languageDocumentation.documentationESQL.binaryOperators": "Opérateurs binaires", + "languageDocumentation.documentationESQL.binaryOperators.markdown": "### Opérateurs binaires\nLes opérateurs de comparaison binaire suivants sont pris en charge :\n\n* égalité : `==`\n* inégalité : `!=`\n* inférieur à : `<`\n* inférieur ou égal à : `<=`\n* supérieur à : `>`\n* supérieur ou égal à : `>=`\n* ajouter : `+`\n* soustraire : `-`\n* multiplier par : `*`\n* diviser par : `/`\n* module : `%`\n ", + "languageDocumentation.documentationESQL.booleanOperators": "Opérateurs booléens", + "languageDocumentation.documentationESQL.booleanOperators.markdown": "### Opérateurs booléens\nLes opérateurs booléens suivants sont pris en charge :\n\n* `AND`\n* `OR`\n* `NOT`\n ", + "languageDocumentation.documentationESQL.bucket": "COMPARTIMENT", + "languageDocumentation.documentationESQL.bucket.markdown": "\n\n ### COMPARTIMENT\n Créer des groupes de valeurs, des compartiments (\"buckets\"), à partir d'une entrée d'un numéro ou d'un horodatage.\n La taille des compartiments peut être fournie directement ou choisie selon une plage de valeurs et de décompte recommandée.\n\n ````\n FROM employees\n | WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n | STATS hire_date = MV_SORT(VALUES(hire_date)) BY month = BUCKET(hire_date, 20, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n | SORT hire_date\n ````\n ", + "languageDocumentation.documentationESQL.case": "CASE", + "languageDocumentation.documentationESQL.case.markdown": "\n\n ### CAS\n Accepte les paires de conditions et de valeurs. La fonction renvoie la valeur qui\n appartient à la première condition étant évaluée comme `true`.\n\n Si le nombre d'arguments est impair, le dernier argument est la valeur par défaut qui est\n renvoyée si aucune condition ne correspond. Si le nombre d'arguments est pair, et\n qu'aucune condition ne correspond, la fonction renvoie `null`.\n\n ````\n FROM employees\n | EVAL type = CASE(\n languages <= 1, \"monolingual\",\n languages <= 2, \"bilingual\",\n \"polyglot\")\n | KEEP emp_no, languages, type\n ````\n ", + "languageDocumentation.documentationESQL.castOperator": "Cast (::)", + "languageDocumentation.documentationESQL.castOperator.markdown": "### CAST (`::`)\nL'opérateur `::` fournit une syntaxe alternative pratique au type de converstion de fonction `TO_`.\n\nExemple :\n````\nROW ver = CONCAT((\"0\"::INT + 1)::STRING, \".2.3\")::VERSION\n````\n ", + "languageDocumentation.documentationESQL.cbrt": "CBRT", + "languageDocumentation.documentationESQL.cbrt.markdown": "\n\n ### CBRT\n Renvoie la racine cubique d'un nombre. La valeur de renvoi est toujours un double, quelle que soit la valeur numérique de l'entrée.\n La racine cubique de l’infini est nulle.\n\n ````\n ROW d = 1000.0\n | EVAL c = cbrt(d)\n ````\n ", + "languageDocumentation.documentationESQL.ceil": "CEIL", + "languageDocumentation.documentationESQL.ceil.markdown": "\n\n ### CEIL\n Arrondir un nombre à l'entier supérieur.\n\n ```\n ROW a=1.8\n | EVAL a=CEIL(a)\n ```\n Remarque : Il s'agit d'un noop pour `long` (y compris non signé) et `integer`. Pour `double`, la fonction choisit la valeur `double` la plus proche de l'entier, de manière similaire à la méthode Math.ceil.\n ", + "languageDocumentation.documentationESQL.cidr_match": "CIDR_MATCH", + "languageDocumentation.documentationESQL.cidr_match.markdown": "\n\n ### CIDR_MATCH\n Renvoie `true` si l'IP fournie est contenue dans l'un des blocs CIDR fournis.\n\n ````\n FROM hosts \n | WHERE CIDR_MATCH(ip1, \"127.0.0.2/32\", \"127.0.0.3/32\") \n | KEEP card, host, ip0, ip1\n ````\n ", + "languageDocumentation.documentationESQL.coalesce": "COALESCE", + "languageDocumentation.documentationESQL.coalesce.markdown": "\n\n ### COALESCE\n Renvoie le premier de ses arguments qui n'est pas nul. Si tous les arguments sont nuls, `null` est renvoyé.\n\n ````\n ROW a=null, b=\"b\"\n | EVAL COALESCE(a, b)\n ````\n ", + "languageDocumentation.documentationESQL.concat": "CONCAT", + "languageDocumentation.documentationESQL.concat.markdown": "\n\n ### CONCAT\n Concatène deux ou plusieurs chaînes.\n\n ```\n FROM employees\n | KEEP first_name, last_name\n | EVAL fullname = CONCAT(first_name, \" \", last_name)\n ````\n ", + "languageDocumentation.documentationESQL.cos": "COS", + "languageDocumentation.documentationESQL.cos.markdown": "\n\n ### COS\n Renvoie le cosinus d'un angle.\n\n ````\n ROW a=1.8 \n | EVAL cos=COS(a)\n ````\n ", + "languageDocumentation.documentationESQL.cosh": "COSH", + "languageDocumentation.documentationESQL.cosh.markdown": "\n\n ### COSH\n Renvoie le cosinus hyperbolique d'un angle.\n\n ````\n ROW a=1.8 \n | EVAL cosh=COSH(a)\n ```\n ", + "languageDocumentation.documentationESQL.date_diff": "DATE_DIFF", + "languageDocumentation.documentationESQL.date_diff.markdown": "\n\n ### DATE_DIFF\n Soustrait le `startTimestamp` du `endTimestamp` et renvoie la différence en multiples `d'unité`.\n Si `startTimestamp` est postérieur à `endTimestamp`, des valeurs négatives sont renvoyées.\n\n ````\n ROW date1 = TO_DATETIME(\"2023-12-02T11:00:00.000Z\"), date2 = TO_DATETIME(\"2023-12-02T11:00:00.001Z\")\n | EVAL dd_ms = DATE_DIFF(\"microseconds\", date1, date2)\n ````\n ", + "languageDocumentation.documentationESQL.date_extract": "DATE_EXTRACT", + "languageDocumentation.documentationESQL.date_extract.markdown": "\n\n ### DATE_EXTRACT\n Extrait des parties d'une date, telles que l'année, le mois, le jour, l'heure.\n\n ````\n ROW date = DATE_PARSE(\"yyyy-MM-dd\", \"2022-05-06\")\n | EVAL year = DATE_EXTRACT(\"year\", date)\n ````\n ", + "languageDocumentation.documentationESQL.date_format": "DATE_FORMAT", + "languageDocumentation.documentationESQL.date_format.markdown": "\n\n ### DATE_FORMAT\n Renvoie une représentation sous forme de chaîne d'une date dans le format fourni.\n\n ````\n FROM employees\n | KEEP first_name, last_name, hire_date\n | EVAL hired = DATE_FORMAT(\"YYYY-MM-dd\", hire_date)\n ````\n ", + "languageDocumentation.documentationESQL.date_parse": "DATE_PARSE", + "languageDocumentation.documentationESQL.date_parse.markdown": "\n\n ### DATE_PARSE\n Renvoie une date en analysant le deuxième argument selon le format spécifié dans le premier argument.\n\n ````\n ROW date_string = \"2022-05-06\"\n | EVAL date = DATE_PARSE(\"yyyy-MM-dd\", date_string)\n ````\n ", + "languageDocumentation.documentationESQL.date_trunc": "DATE_TRUNC", + "languageDocumentation.documentationESQL.date_trunc.markdown": "\n\n ### DATE_TRUNC\n Arrondit une date à l'intervalle le plus proche.\n\n ```\n FROM employees\n | KEEP first_name, last_name, hire_date\n | EVAL year_hired = DATE_TRUNC(1 year, hire_date)\n ````\n ", + "languageDocumentation.documentationESQL.dissect": "DISSECT", + "languageDocumentation.documentationESQL.dissect.markdown": "### DISSECT\n`DISSECT` vous permet d'extraire des données structurées d'une chaîne. `DISSECT` compare la chaîne à un modèle basé sur les délimiteurs, et extrait les clés indiquées en tant que colonnes.\n\nPour obtenir la syntaxe des modèles \"dissect\", consultez [la documentation relative au processeur \"dissect\"](https://www.elastic.co/guide/en/elasticsearch/reference/current/dissect-processor.html).\n\n```\nROW a = \"1953-01-23T12:15:00Z - some text - 127.0.0.1\"\n| DISSECT a \"%'{Y}-%{M}-%{D}T%{h}:%{m}:%{s}Z - %{msg} - %{ip}'\"\n```` ", + "languageDocumentation.documentationESQL.drop": "DROP", + "languageDocumentation.documentationESQL.drop.markdown": "### DROP\nAfin de supprimer certaines colonnes d'un tableau, utilisez `DROP` :\n \n```\nFROM employees\n| DROP height\n```\n\nPlutôt que de spécifier chaque colonne par son nom, vous pouvez utiliser des caractères génériques pour supprimer toutes les colonnes dont le nom correspond à un modèle :\n\n```\nFROM employees\n| DROP height*\n````\n ", + "languageDocumentation.documentationESQL.e": "E", + "languageDocumentation.documentationESQL.e.markdown": "\n\n ### E\n Retourne le nombre d'Euler.\n\n ````\n ROW E()\n ````\n ", + "languageDocumentation.documentationESQL.ends_with": "ENDS_WITH", + "languageDocumentation.documentationESQL.ends_with.markdown": "\n\n ### ENDS_WITH\n Renvoie une valeur booléenne qui indique si une chaîne de mots-clés se termine par une autre chaîne.\n\n ````\n FROM employees\n | KEEP last_name\n | EVAL ln_E = ENDS_WITH(last_name, \"d\")\n ````\n ", + "languageDocumentation.documentationESQL.enrich": "ENRICH", + "languageDocumentation.documentationESQL.enrich.markdown": "### ENRICH\nVous pouvez utiliser `ENRICH` pour ajouter les données de vos index existants aux enregistrements entrants. Une fonction similaire à l'[enrichissement par ingestion](https://www.elastic.co/guide/en/elasticsearch/reference/current/ingest-enriching-data.html), mais qui fonctionne au moment de la requête.\n\n```\nROW language_code = \"1\"\n| ENRICH languages_policy\n```\n\n`ENRICH` requiert l'exécution d'une [politique d'enrichissement](https://www.elastic.co/guide/en/elasticsearch/reference/current/ingest-enriching-data.html#enrich-policy). La politique d'enrichissement définit un champ de correspondance (un champ clé) et un ensemble de champs d'enrichissement.\n\n`ENRICH` recherche les enregistrements dans l'[index d'enrichissement](https://www.elastic.co/guide/en/elasticsearch/reference/current/ingest-enriching-data.html#enrich-index) en se basant sur la valeur du champ de correspondance. La clé de correspondance dans l'ensemble de données d'entrée peut être définie en utilisant `ON `. Si elle n'est pas spécifiée, la correspondance sera effectuée sur un champ portant le même nom que le champ de correspondance défini dans la politique d'enrichissement.\n\n```\nROW a = \"1\"\n| ENRICH languages_policy ON a\n```\n\nVous pouvez indiquer quels attributs (parmi ceux définis comme champs d'enrichissement dans la politique) doivent être ajoutés au résultat, en utilisant la syntaxe `WITH , ...`.\n\n```\nROW a = \"1\"\n| ENRICH languages_policy ON a WITH language_name\n```\n\nLes attributs peuvent également être renommés à l'aide de la syntaxe `WITH new_name=`\n\n```\nROW a = \"1\"\n| ENRICH languages_policy ON a WITH name = language_name\n````\n\nPar défaut (si aucun `WITH` n'est défini), `ENRICH` ajoute au résultat tous les champs d'enrichissement définis dans la politique d'enrichissement.\n\nEn cas de collision de noms, les champs nouvellement créés remplacent les champs existants.\n ", + "languageDocumentation.documentationESQL.eval": "EVAL", + "languageDocumentation.documentationESQL.eval.markdown": "### EVAL\n`EVAL` permet d'ajouter des colonnes :\n\n````\nFROM employees\n| KEEP first_name, last_name, height\n| EVAL height_feet = height * 3.281, height_cm = height * 100\n````\n\nSi la colonne indiquée existe déjà, la colonne existante sera supprimée et la nouvelle colonne sera ajoutée au tableau :\n\n````\nFROM employees\n| KEEP first_name, last_name, height\n| EVAL height = height * 3.281\n````\n\n#### Fonctions\n`EVAL` prend en charge diverses fonctions de calcul des valeurs. Pour en savoir plus, consultez les fonctions.\n ", + "languageDocumentation.documentationESQL.floor": "FLOOR", + "languageDocumentation.documentationESQL.floor.markdown": "\n\n ### FLOOR\n Arrondir un nombre à l'entier inférieur.\n\n ````\n ROW a=1.8\n | EVAL a=FLOOR(a)\n ````\n Remarque : Il s'agit d'un noop pour `long` (y compris non signé) et `integer`.\n Pour `double`, la fonction choisit la valeur `double` la plus proche de l'entier,\n de manière similaire à Math.floor.\n ", + "languageDocumentation.documentationESQL.from": "FROM", + "languageDocumentation.documentationESQL.from_base64": "FROM_BASE64", + "languageDocumentation.documentationESQL.from_base64.markdown": "\n\n ### FROM_BASE64\n Décodez une chaîne base64.\n\n ````\n row a = \"ZWxhc3RpYw==\" \n | eval d = from_base64(a)\n ````\n ", + "languageDocumentation.documentationESQL.from.markdown": "### FROM\nLa commande source `FROM` renvoie un tableau contenant jusqu'à 10 000 documents issus d'un flux de données, d'un index ou d'un alias. Chaque ligne du tableau obtenu correspond à un document. Chaque colonne correspond à un champ et est accessible par le nom de ce champ.\n\n````\nFROM employees\n````\n\nVous pouvez utiliser des [calculs impliquant des dates](https://www.elastic.co/guide/en/elasticsearch/reference/current/api-conventions.html#api-date-math-index-names) pour désigner les indices, les alias et les flux de données. Cela peut s'avérer utile pour les données temporelles.\n\nUtilisez des listes séparées par des virgules ou des caractères génériques pour rechercher plusieurs flux de données, indices ou alias :\n\n````\nFROM employees-00001,employees-*\n````\n\n#### Métadonnées\n\nES|QL peut accéder aux champs de métadonnées suivants :\n\n* `_index` : l'index auquel appartient le document. Le champ est du type `keyword`.\n* `_id` : l'identifiant du document source. Le champ est du type `keyword`.\n* `_id` : la version du document source. Le champ est du type `long`.\n\nUtilisez la directive `METADATA` pour activer les champs de métadonnées :\n\n````\nFROM index [METADATA _index, _id]\n````\n\nLes champs de métadonnées ne sont disponibles que si la source des données est un index. Par conséquent, `FROM` est la seule commande source qui prend en charge la directive `METADATA`.\n\nUne fois activés, les champs sont disponibles pour les commandes de traitement suivantes, tout comme les autres champs de l'index :\n\n````\nFROM ul_logs, apps [METADATA _index, _version]\n| WHERE id IN (13, 14) AND _version == 1\n| EVAL key = CONCAT(_index, \"_\", TO_STR(id))\n| SORT id, _index\n| KEEP id, _index, _version, key\n````\n\nDe même, comme pour les champs d'index, une fois l'agrégation effectuée, un champ de métadonnées ne sera plus accessible aux commandes suivantes, sauf s'il est utilisé comme champ de regroupement :\n\n````\nFROM employees [METADATA _index, _id]\n| STATS max = MAX(emp_no) BY _index\n````\n ", + "languageDocumentation.documentationESQL.greatest": "GREATEST", + "languageDocumentation.documentationESQL.greatest.markdown": "\n\n ### GREATEST\n Renvoie la valeur maximale de plusieurs colonnes. Similaire à `MV_MAX`\n sauf que ceci est destiné à une exécution sur plusieurs colonnes à la fois.\n\n ````\n ROW a = 10, b = 20\n | EVAL g = GREATEST(a, b)\n ````\n Remarque : Lorsque cette fonction est exécutée sur les champs `keyword` ou `text`, elle renvoie la dernière chaîne dans l'ordre alphabétique. Lorsqu'elle est exécutée sur des colonnes `boolean`, elle renvoie `true` si l'une des valeurs l'est.\n ", + "languageDocumentation.documentationESQL.grok": "GROK", + "languageDocumentation.documentationESQL.grok.markdown": "### GROK\n`GROK` vous permet d'extraire des données structurées d'une chaîne. `GROK` compare la chaîne à des modèles, sur la base d’expressions régulières, et extrait les modèles indiqués en tant que colonnes.\n\nPour obtenir la syntaxe des modèles \"grok\", consultez [la documentation relative au processeur \"grok\"](https://www.elastic.co/guide/en/elasticsearch/reference/current/grok-processor.html).\n\n````\nROW a = \"12 15.5 15.6 true\"\n| GROK a \"%'{NUMBER:b:int}' %'{NUMBER:c:float}' %'{NUMBER:d:double}' %'{WORD:e:boolean}'\"\n````\n ", + "languageDocumentation.documentationESQL.inOperator": "IN", + "languageDocumentation.documentationESQL.inOperator.markdown": "### IN\nL'opérateur `IN` permet de tester si un champ ou une expression est égal à un élément d'une liste de littéraux, de champs ou d'expressions :\n\n````\nROW a = 1, b = 4, c = 3\n| WHERE c-a IN (3, b / 2, a)\n````\n ", + "languageDocumentation.documentationESQL.ip_prefix": "IP_PREFIX", + "languageDocumentation.documentationESQL.ip_prefix.markdown": "\n\n ### IP_PREFIX\n Tronque une adresse IP à une longueur de préfixe donnée.\n\n ````\n row ip4 = to_ip(\"1.2.3.4\"), ip6 = to_ip(\"fe80::cae2:65ff:fece:feb9\")\n | eval ip4_prefix = ip_prefix(ip4, 24, 0), ip6_prefix = ip_prefix(ip6, 0, 112);\n ````\n ", + "languageDocumentation.documentationESQL.keep": "KEEP", + "languageDocumentation.documentationESQL.keep.markdown": "### KEEP\nLa commande `KEEP` permet de définir les colonnes qui seront renvoyées et l'ordre dans lequel elles le seront.\n\nPour limiter les colonnes retournées, utilisez une liste de noms de colonnes séparés par des virgules. Les colonnes sont renvoyées dans l'ordre indiqué :\n \n````\nFROM employees\n| KEEP first_name, last_name, height\n````\n\nPlutôt que de spécifier chaque colonne par son nom, vous pouvez utiliser des caractères génériques pour renvoyer toutes les colonnes dont le nom correspond à un modèle :\n\n````\nFROM employees\n| KEEP h*\n````\n\nLe caractère générique de l'astérisque (\"*\") placé de manière isolée transpose l'ensemble des colonnes qui ne correspondent pas aux autres arguments. La requête suivante renverra en premier lieu toutes les colonnes dont le nom commence par un h, puis toutes les autres colonnes :\n\n````\nFROM employees\n| KEEP h*, *\n````\n ", + "languageDocumentation.documentationESQL.least": "LEAST", + "languageDocumentation.documentationESQL.least.markdown": "\n\n ### LEAST\n Renvoie la valeur minimale de plusieurs colonnes. Cette fonction est similaire à `MV_MIN`. Toutefois, elle est destinée à être exécutée sur plusieurs colonnes à la fois.\n\n ````\n ROW a = 10, b = 20\n | EVAL l = LEAST(a, b)\n ````\n ", + "languageDocumentation.documentationESQL.left": "LEFT", + "languageDocumentation.documentationESQL.left.markdown": "\n\n ### LEFT\n Renvoie la sous-chaîne qui extrait la \"longueur\" des caractères de la \"chaîne\" en partant de la gauche.\n\n ````\n FROM employees\n | KEEP last_name\n | EVAL left = LEFT(last_name, 3)\n | SORT last_name ASC\n | LIMIT 5\n ````\n ", + "languageDocumentation.documentationESQL.length": "LENGHT", + "languageDocumentation.documentationESQL.length.markdown": "\n\n ### LENGTH\n Renvoie la longueur des caractères d'une chaîne.\n\n ````\n FROM employees\n | KEEP first_name, last_name\n | EVAL fn_length = LENGTH(first_name)\n ````\n ", + "languageDocumentation.documentationESQL.limit": "LIMIT", + "languageDocumentation.documentationESQL.limit.markdown": "### LIMIT\nLa commande de traitement `LIMIT` permet de restreindre le nombre de lignes :\n \n````\nFROM employees\n| LIMIT 5\n````\n ", + "languageDocumentation.documentationESQL.locate": "LOCATE", + "languageDocumentation.documentationESQL.locate.markdown": "\n\n ### LOCATE\n Renvoie un entier qui indique la position d'une sous-chaîne de mots-clés dans une autre chaîne\n\n ````\n row a = \"hello\"\n | eval a_ll = locate(a, \"ll\")\n ````\n ", + "languageDocumentation.documentationESQL.log": "LOG", + "languageDocumentation.documentationESQL.log.markdown": "\n\n ### LOG\n Renvoie le logarithme d'une valeur dans une base. La valeur de renvoi est toujours un double, quelle que soit la valeur numérique de l'entrée.\n\n Les journaux de zéros, de nombres négatifs et de base 1 renvoient `null` ainsi qu'un avertissement.\n\n ````\n ROW base = 2.0, value = 8.0\n | EVAL s = LOG(base, value)\n ````\n ", + "languageDocumentation.documentationESQL.log10": "LOG10", + "languageDocumentation.documentationESQL.log10.markdown": "\n\n ### LOG10\n Renvoie le logarithme d'une valeur en base 10. La valeur de renvoi est toujours un double, quelle que soit la valeur numérique de l'entrée.\n\n Les logs de 0 et de nombres négatifs renvoient `null` ainsi qu'un avertissement.\n\n ````\n ROW d = 1000.0 \n | EVAL s = LOG10(d)\n ````\n ", + "languageDocumentation.documentationESQL.ltrim": "LTRIM", + "languageDocumentation.documentationESQL.ltrim.markdown": "\n\n ### LTRIM\n Retire les espaces au début des chaînes.\n\n ````\n ROW message = \" some text \", color = \" red \"\n | EVAL message = LTRIM(message)\n | EVAL color = LTRIM(color)\n | EVAL message = CONCAT(\"'\", message, \"'\")\n | EVAL color = CONCAT(\"'\", color, \"'\")\n ````\n ", + "languageDocumentation.documentationESQL.markdown": "## ES|QL\n\nUne requête ES|QL (langage de requête Elasticsearch) se compose d'une série de commandes, séparées par une barre verticale : `|`. Chaque requête commence par une **commande source**, qui produit un tableau, habituellement avec des données issues d'Elasticsearch. \n\nUne commande source peut être suivie d'une ou plusieurs **commandes de traitement**. Les commandes de traitement peuvent modifier le tableau de sortie de la commande précédente en ajoutant, supprimant ou modifiant les lignes et les colonnes.\n\n````\nsource-command\n| processing-command1\n| processing-command2\n````\n\nLe résultat d'une requête est le tableau produit par la dernière commande de traitement. \n ", + "languageDocumentation.documentationESQL.mv_append": "MV_APPEND", + "languageDocumentation.documentationESQL.mv_append.markdown": "\n\n ### MV_APPEND\n Concatène les valeurs de deux champs à valeurs multiples.\n\n ", + "languageDocumentation.documentationESQL.mv_avg": "MV_AVG", + "languageDocumentation.documentationESQL.mv_avg.markdown": "\n\n ### MV_AVG\n Convertit un champ multivalué en un champ à valeur unique comprenant la moyenne de toutes les valeurs.\n\n ````\n ROW a=[3, 5, 1, 6]\n | EVAL avg_a = MV_AVG(a)\n ````\n ", + "languageDocumentation.documentationESQL.mv_concat": "MV_CONCAT", + "languageDocumentation.documentationESQL.mv_concat.markdown": "\n\n ### MV_CONCAT\n Convertit une expression de type chaîne multivalué en une colonne à valeur unique comprenant la concaténation de toutes les valeurs, séparées par un délimiteur.\n\n ````\n ROW a=[\"foo\", \"zoo\", \"bar\"]\n | EVAL j = MV_CONCAT(a, \", \")\n ````\n ", + "languageDocumentation.documentationESQL.mv_count": "MV_COUNT", + "languageDocumentation.documentationESQL.mv_count.markdown": "\n\n ### MV_COUNT\n Convertit une expression multivaluée en une colonne à valeur unique comprenant le total du nombre de valeurs.\n\n ````\n ROW a=[\"foo\", \"zoo\", \"bar\"]\n | EVAL count_a = MV_COUNT(a)\n ````\n ", + "languageDocumentation.documentationESQL.mv_dedupe": "MV_DEDUPE", + "languageDocumentation.documentationESQL.mv_dedupe.markdown": "\n\n ### MV_DEDUPE\n Supprime les valeurs en doublon d'un champ multivalué.\n\n ````\n ROW a=[\"foo\", \"foo\", \"bar\", \"foo\"]\n | EVAL dedupe_a = MV_DEDUPE(a)\n ````\n Remarque : la fonction `MV_DEDUPE` est en mesure de trier les valeurs de la colonne, mais ne le fait pas systématiquement.\n ", + "languageDocumentation.documentationESQL.mv_first": "MV_FIRST", + "languageDocumentation.documentationESQL.mv_first.markdown": "\n\n ### MV_FIRST\n Convertit une expression multivaluée en une colonne à valeur unique comprenant la\n première valeur. Ceci est particulièrement utile pour lire une fonction qui émet\n des colonnes multivaluées dans un ordre connu, comme `SPLIT`.\n\n L'ordre dans lequel les champs multivalués sont lus à partir\n du stockage sous-jacent n'est pas garanti. Il est *souvent* ascendant, mais ne vous y\n fiez pas. Si vous avez besoin de la valeur minimale, utilisez `MV_MIN` au lieu de\n `MV_FIRST`. `MV_MIN` comporte des optimisations pour les valeurs triées, il n'y a donc aucun\n avantage en matière de performances pour `MV_FIRST`.\n\n ````\n ROW a=\"foo;bar;baz\"\n | EVAL first_a = MV_FIRST(SPLIT(a, \";\"))\n ````\n ", + "languageDocumentation.documentationESQL.mv_last": "MV_LAST", + "languageDocumentation.documentationESQL.mv_last.markdown": "\n\n ### MV_LAST\n Convertit une expression multivaluée en une colonne à valeur unique comprenant la dernière\n valeur. Ceci est particulièrement utile pour lire une fonction qui émet des champs multivalués\n dans un ordre connu, comme `SPLIT`.\n\n L'ordre dans lequel les champs multivalués sont lus à partir\n du stockage sous-jacent n'est pas garanti. Il est *souvent* ascendant, mais ne vous y\n fiez pas. Si vous avez besoin de la valeur maximale, utilisez `MV_MAX` au lieu de\n `MV_LAST`. `MV_MAX` comporte des optimisations pour les valeurs triées, il n'y a donc aucun\n avantage en matière de performances pour `MV_LAST`.\n\n ````\n ROW a=\"foo;bar;baz\"\n | EVAL last_a = MV_LAST(SPLIT(a, \";\"))\n ````\n ", + "languageDocumentation.documentationESQL.mv_max": "MV_MAX", + "languageDocumentation.documentationESQL.mv_max.markdown": "\n\n ### MV_MAX\n Convertit une expression multivaluée en une colonne à valeur unique comprenant la valeur maximale.\n\n ````\n ROW a=[3, 5, 1]\n | EVAL max_a = MV_MAX(a)\n ````\n ", + "languageDocumentation.documentationESQL.mv_median": "MV_MEDIAN", + "languageDocumentation.documentationESQL.mv_median.markdown": "\n\n ### MV_MEDIAN\n Convertit un champ multivalué en un champ à valeur unique comprenant la valeur médiane.\n\n ````\n ROW a=[3, 5, 1]\n | EVAL median_a = MV_MEDIAN(a)\n ````\n ", + "languageDocumentation.documentationESQL.mv_min": "MV_MIN", + "languageDocumentation.documentationESQL.mv_min.markdown": "\n\n ### MV_MIN\n Convertit une expression multivaluée en une colonne à valeur unique comprenant la valeur minimale.\n\n ````\n ROW a=[2, 1]\n | EVAL min_a = MV_MIN(a)\n ````\n ", + "languageDocumentation.documentationESQL.mv_slice": "MV_SLICE", + "languageDocumentation.documentationESQL.mv_slice.markdown": "\n\n ### MV_SLICE\n Renvoie un sous-ensemble du champ multivalué en utilisant les valeurs d'index de début et de fin.\n\n ````\n row a = [1, 2, 2, 3]\n | eval a1 = mv_slice(a, 1), a2 = mv_slice(a, 2, 3)\n ````\n ", + "languageDocumentation.documentationESQL.mv_sort": "MV_SORT", + "languageDocumentation.documentationESQL.mv_sort.markdown": "\n\n ### MV_SORT\n Trie une expression multivaluée par ordre lexicographique.\n\n ````\n ROW a = [4, 2, -3, 2]\n | EVAL sa = mv_sort(a), sd = mv_sort(a, \"DESC\")\n ````\n ", + "languageDocumentation.documentationESQL.mv_sum": "MV_SUM", + "languageDocumentation.documentationESQL.mv_sum.markdown": "\n\n ### MV_SUM\n Convertit un champ multivalué en un champ à valeur unique comprenant la somme de toutes les valeurs.\n\n ````\n ROW a=[3, 5, 6]\n | EVAL sum_a = MV_SUM(a)\n ````\n ", + "languageDocumentation.documentationESQL.mv_zip": "MV_ZIP", + "languageDocumentation.documentationESQL.mv_zip.markdown": "\n\n ### MV_ZIP\n Combine les valeurs de deux champs multivalués avec un délimiteur qui les relie.\n\n ````\n ROW a = [\"x\", \"y\", \"z\"], b = [\"1\", \"2\"]\n | EVAL c = mv_zip(a, b, \"-\")\n | KEEP a, b, c\n ````\n ", + "languageDocumentation.documentationESQL.mvExpand": "MV_EXPAND", + "languageDocumentation.documentationESQL.mvExpand.markdown": "### MV_EXPAND\nLa commande de traitement `MV_EXPAND` développe les champs multivalués en indiquant une valeur par ligne et en dupliquant les autres champs : \n````\nROW a=[1,2,3], b=\"b\", j=[\"a\",\"b\"]\n| MV_EXPAND a\n````\n ", + "languageDocumentation.documentationESQL.now": "NOW", + "languageDocumentation.documentationESQL.now.markdown": "\n\n ### NOW\n Renvoie la date et l'heure actuelles.\n\n ````\n ROW current_date = NOW()\n ````\n ", + "languageDocumentation.documentationESQL.pi": "PI", + "languageDocumentation.documentationESQL.pi.markdown": "\n\n ### PI\n Renvoie Pi, le rapport entre la circonférence et le diamètre d'un cercle.\n\n ````\n ROW PI()\n ````\n ", + "languageDocumentation.documentationESQL.pow": "POW", + "languageDocumentation.documentationESQL.pow.markdown": "\n\n ### POW\n Renvoie la valeur d’une `base` élevée à la puissance d’un `exposant`.\n\n ````\n ROW base = 2.0, exponent = 2\n | EVAL result = POW(base, exponent)\n ````\n Remarque : Il est toujours possible de dépasser un résultat double ici ; dans ce cas, la valeur `null` sera renvoyée.\n ", + "languageDocumentation.documentationESQL.predicates": "valeurs NULL", + "languageDocumentation.documentationESQL.predicates.markdown": "### Valeurs NULL\nPour une comparaison avec une valeur NULL, utilisez les attributs `IS NULL` et `IS NOT NULL` :\n\n````\nFROM employees\n| WHERE birth_date IS NULL\n| KEEP first_name, last_name\n| SORT first_name\n| LIMIT 3\n````\n\n````\nFROM employees\n| WHERE is_rehired IS NOT NULL\n| STATS count(emp_no)\n````\n ", + "languageDocumentation.documentationESQL.rename": "RENAME", + "languageDocumentation.documentationESQL.rename.markdown": "### RENAME\nUtilisez `RENAME` pour renommer une colonne en utilisant la syntaxe suivante :\n\n````\nRENAME AS \n````\n\nPar exemple :\n\n````\nFROM employees\n| KEEP first_name, last_name, still_hired\n| RENAME still_hired AS employed\n````\n\nSi une colonne portant le nouveau nom existe déjà, elle sera remplacée par la nouvelle colonne.\n\nPlusieurs colonnes peuvent être renommées à l'aide d'une seule commande `RENAME` :\n\n````\nFROM employees\n| KEEP first_name, last_name\n| RENAME first_name AS fn, last_name AS ln\n````\n ", + "languageDocumentation.documentationESQL.repeat": "REPEAT", + "languageDocumentation.documentationESQL.repeat.markdown": "\n\n ### REPEAT\n Renvoie une chaîne construite par la concaténation de la `chaîne` avec elle-même, le `nombre` de fois spécifié.\n\n ````\n ROW a = \"Hello!\"\n | EVAL triple_a = REPEAT(a, 3);\n ````\n ", + "languageDocumentation.documentationESQL.replace": "REPLACE", + "languageDocumentation.documentationESQL.replace.markdown": "\n\n ### REPLACE\n La fonction remplace dans la chaîne `str` toutes les correspondances avec l'expression régulière `regex`\n par la chaîne de remplacement `newStr`.\n\n ````\n ROW str = \"Hello World\"\n | EVAL str = REPLACE(str, \"World\", \"Universe\")\n | KEEP str\n ````\n ", + "languageDocumentation.documentationESQL.right": "RIGHT", + "languageDocumentation.documentationESQL.right.markdown": "\n\n ### RIGHT\n Renvoie la sous-chaîne qui extrait la longueur des caractères de `str` en partant de la droite.\n\n ````\n FROM employees\n | KEEP last_name\n | EVAL right = RIGHT(last_name, 3)\n | SORT last_name ASC\n | LIMIT 5\n ````\n ", + "languageDocumentation.documentationESQL.round": "ROUND", + "languageDocumentation.documentationESQL.round.markdown": "\n\n ### ROUND\n Arrondit un nombre au nombre spécifié de décimales.\n La valeur par défaut est 0, qui renvoie l'entier le plus proche. Si le\n nombre de décimales spécifié est négatif, la fonction arrondit au nombre de décimales à gauche\n de la virgule.\n\n ````\n FROM employees\n | KEEP first_name, last_name, height\n | EVAL height_ft = ROUND(height * 3.281, 1)\n ````\n ", + "languageDocumentation.documentationESQL.row": "ROW", + "languageDocumentation.documentationESQL.row.markdown": "### ROW\nLa commande source `ROW` renvoie une ligne contenant une ou plusieurs colonnes avec les valeurs que vous spécifiez. Cette commande peut s'avérer utile pour les tests.\n \n````\nROW a = 1, b = \"two\", c = null\n````\n\nUtilisez des crochets pour créer des colonnes à valeurs multiples :\n\n````\nROW a = [2, 1]\n````\n\nROW permet d'utiliser des fonctions :\n\n````\nROW a = ROUND(1.23, 0)\n````\n ", + "languageDocumentation.documentationESQL.rtrim": "RTRIM", + "languageDocumentation.documentationESQL.rtrim.markdown": "\n\n ### RTRIM\n Supprime les espaces à la fin des chaînes.\n\n ````\n ROW message = \" some text \", color = \" red \"\n | EVAL message = RTRIM(message)\n | EVAL color = RTRIM(color)\n | EVAL message = CONCAT(\"'\", message, \"'\")\n | EVAL color = CONCAT(\"'\", color, \"'\")\n ````\n ", + "languageDocumentation.documentationESQL.show": "SHOW", + "languageDocumentation.documentationESQL.show.markdown": "### SHOW\nLa commande source `SHOW ` renvoie des informations sur le déploiement et ses capacités :\n\n* Utilisez `SHOW INFO` pour renvoyer la version du déploiement, la date de compilation et le hachage.\n* Utilisez `SHOW FUNCTIONS` pour renvoyer une liste de toutes les fonctions prises en charge et un résumé de chaque fonction.\n ", + "languageDocumentation.documentationESQL.signum": "SIGNUM", + "languageDocumentation.documentationESQL.signum.markdown": "\n\n ### SIGNUM\n Renvoie le signe du nombre donné.\n Il renvoie `-1` pour les nombres négatifs, `0` pour `0` et `1` pour les nombres positifs.\n\n ````\n ROW d = 100.0\n | EVAL s = SIGNUM(d)\n ````\n ", + "languageDocumentation.documentationESQL.sin": "SIN", + "languageDocumentation.documentationESQL.sin.markdown": "\n\n ### SIN\n Renvoie la fonction trigonométrique sinusoïdale d'un angle.\n\n ````\n ROW a=1.8 \n | EVAL sin=SIN(a)\n ````\n ", + "languageDocumentation.documentationESQL.sinh": "SINH", + "languageDocumentation.documentationESQL.sinh.markdown": "\n\n ### SINH\n Renvoie le sinus hyperbolique d'un angle.\n\n ````\n ROW a=1.8 \n | EVAL sinh=SINH(a)\n ````\n ", + "languageDocumentation.documentationESQL.sort": "SORT", + "languageDocumentation.documentationESQL.sort.markdown": "### SORT\nUtilisez la commande `SORT` pour trier les lignes sur un ou plusieurs champs :\n\n````\nFROM employees\n| KEEP first_name, last_name, height\n| SORT height\n````\n\nL'ordre de tri par défaut est croissant. Définissez un ordre de tri explicite en utilisant `ASC` ou `DESC` :\n\n````\nFROM employees\n| KEEP first_name, last_name, height\n| SORT height DESC\n````\n\nSi deux lignes disposent de la même clé de tri, l'ordre original sera préservé. Vous pouvez ajouter des expressions de tri pour départager les deux lignes :\n\n````\nFROM employees\n| KEEP first_name, last_name, height\n| SORT height DESC, first_name ASC\n````\n\n#### valeurs `null`\nPar défaut, les valeurs `null` sont considérées comme étant supérieures à toutes les autres valeurs. Selon un ordre de tri croissant, les valeurs `null` sont classées en dernier. Selon un ordre de tri décroissant, les valeurs `null` sont classées en premier. Pour modifier cet ordre, utilisez `NULLS FIRST` ou `NULLS LAST` :\n\n````\nFROM employees\n| KEEP first_name, last_name, height\n| SORT first_name ASC NULLS FIRST\n````\n ", + "languageDocumentation.documentationESQL.split": "SPLIT", + "languageDocumentation.documentationESQL.split.markdown": "\n\n ### SPLIT\n Divise une chaîne de valeur unique en plusieurs chaînes.\n\n ````\n ROW words=\"foo;bar;baz;qux;quux;corge\"\n | EVAL word = SPLIT(words, \";\")\n ````\n ", + "languageDocumentation.documentationESQL.sqrt": "SQRT", + "languageDocumentation.documentationESQL.sqrt.markdown": "\n\n ### SQRT\n Renvoie la racine carrée d'un nombre. La valeur de renvoi est toujours un double, quelle que soit la valeur numérique de l'entrée.\n Les racines carrées des nombres négatifs et des infinis sont nulles.\n\n ````\n ROW d = 100.0\n | EVAL s = SQRT(d)\n ````\n ", + "languageDocumentation.documentationESQL.st_contains": "ST_CONTAINS", + "languageDocumentation.documentationESQL.st_contains.markdown": "\n\n ### ST_CONTAINS\n Renvoie si la première géométrie contient la deuxième géométrie.\n Il s'agit de l'inverse de la fonction `ST_WITHIN`.\n\n ````\n FROM airport_city_boundaries\n | WHERE ST_CONTAINS(city_boundary, TO_GEOSHAPE(\"POLYGON((109.35 18.3, 109.45 18.3, 109.45 18.4, 109.35 18.4, 109.35 18.3))\"))\n | KEEP abbrev, airport, region, city, city_location\n ````\n ", + "languageDocumentation.documentationESQL.st_disjoint": "ST_DISJOINT", + "languageDocumentation.documentationESQL.st_disjoint.markdown": "\n\n ### ST_DISJOINT\n Renvoie si les deux géométries ou colonnes géométriques sont disjointes.\n Il s'agit de l'inverse de la fonction `ST_INTERSECTS`.\n En termes mathématiques : ST_Disjoint(A, B) ⇔ A ⋂ B = ∅\n\n ````\n FROM airport_city_boundaries\n | WHERE ST_DISJOINT(city_boundary, TO_GEOSHAPE(\"POLYGON((-10 -60, 120 -60, 120 60, -10 60, -10 -60))\"))\n | KEEP abbrev, airport, region, city, city_location\n ````\n ", + "languageDocumentation.documentationESQL.st_distance": "ST_DISTANCE", + "languageDocumentation.documentationESQL.st_distance.markdown": "\n\n ### ST_DISTANCE\n Calcule la distance entre deux points.\n Pour les géométries cartésiennes, c’est la distance pythagoricienne dans les mêmes unités que les coordonnées d'origine.\n Pour les géométries géographiques, c’est la distance circulaire le long du grand cercle en mètres.\n\n ````\n Aéroports FROM\n | WHERE abbrev == \"CPH\"\n | EVAL distance = ST_DISTANCE(location, city_location)\n | KEEP abbrev, name, location, city_location, distance\n ````\n ", + "languageDocumentation.documentationESQL.st_intersects": "ST_INTERSECTS", + "languageDocumentation.documentationESQL.st_intersects.markdown": "\n\n ### ST_INTERSECTS\n Renvoie `true` (vrai) si deux géométries se croisent.\n Elles se croisent si elles ont un point commun, y compris leurs points intérieurs\n (les points situés le long des lignes ou dans des polygones).\n Il s'agit de l'inverse de la fonction `ST_DISJOINT`.\n En termes mathématiques : ST_Intersects(A, B) ⇔ A ⋂ B ≠ ∅\n\n ````\n Aéroports FROM\n | WHERE ST_INTERSECTS(location, TO_GEOSHAPE(\"POLYGON((42 14, 43 14, 43 15, 42 15, 42 14))\"))\n ````\n ", + "languageDocumentation.documentationESQL.st_within": "ST_WITHIN", + "languageDocumentation.documentationESQL.st_within.markdown": "\n\n ### ST_WITHIN\n Renvoie si la première géométrie est à l'intérieur de la deuxième géométrie.\n Il s'agit de l'inverse de la fonction `ST_CONTAINS`.\n\n ````\n FROM airport_city_boundaries\n | WHERE ST_WITHIN(city_boundary, TO_GEOSHAPE(\"POLYGON((109.1 18.15, 109.6 18.15, 109.6 18.65, 109.1 18.65, 109.1 18.15))\"))\n | KEEP abbrev, airport, region, city, city_location\n ````\n ", + "languageDocumentation.documentationESQL.st_x": "ST_X", + "languageDocumentation.documentationESQL.st_x.markdown": "\n\n ### ST_X\n Extrait la coordonnée `x` du point fourni.\n Si les points sont de type `geo_point`, cela revient à extraire la valeur de la `longitude`.\n\n ````\n ROW point = TO_GEOPOINT(\"POINT(42.97109629958868 14.7552534006536)\")\n | EVAL x = ST_X(point), y = ST_Y(point)\n ````\n ", + "languageDocumentation.documentationESQL.st_y": "ST_Y", + "languageDocumentation.documentationESQL.st_y.markdown": "\n\n ### ST_Y\n Extrait la coordonnée `y` du point fourni.\n Si les points sont de type `geo_point`, cela revient à extraire la valeur de la `latitude`.\n\n ````\n ROW point = TO_GEOPOINT(\"POINT(42.97109629958868 14.7552534006536)\")\n | EVAL x = ST_X(point), y = ST_Y(point)\n ````\n ", + "languageDocumentation.documentationESQL.starts_with": "STARTS_WITH", + "languageDocumentation.documentationESQL.starts_with.markdown": "\n\n ### STARTS_WITH\n Renvoie un booléen qui indique si une chaîne de mot-clés débute par une autre chaîne.\n\n ````\n FROM employees\n | KEEP last_name\n | EVAL ln_S = STARTS_WITH(last_name, \"B\")\n ````\n ", + "languageDocumentation.documentationESQL.statsby": "STATS ... BY", + "languageDocumentation.documentationESQL.statsby.markdown": "### STATS ... BY\nUtilisez `STATS ... BY` pour regrouper les lignes en fonction d'une valeur commune et calculer une ou plusieurs valeurs agrégées sur les lignes regroupées.\n\n**Exemples** :\n\n````\nFROM employees\n| STATS count = COUNT(emp_no) BY languages\n| SORT languages\n````\n\nSi `BY` est omis, le tableau de sortie contient exactement une ligne avec les agrégations appliquées sur l'ensemble des données :\n\n````\nFROM employees\n| STATS avg_lang = AVG(languages)\n````\n\nIl est possible de calculer plusieurs valeurs :\n\n````\nFROM employees\n| STATS avg_lang = AVG(languages), max_lang = MAX(languages)\n````\n\nIl est également possible d'effectuer des regroupements en fonction de plusieurs valeurs (uniquement pour les champs longs et les champs de la famille de mots-clés) :\n\n````\nFROM employees\n| EVAL hired = DATE_FORMAT(hire_date, \"YYYY\")\n| STATS avg_salary = AVG(salary) BY hired, languages.long\n| EVAL avg_salary = ROUND(avg_salary)\n| SORT hired, languages.long\n````\n\nConsultez la rubrique **Fonctions d'agrégation** pour obtenir la liste des fonctions pouvant être utilisées avec `STATS ... BY`.\n\nLes fonctions d'agrégation et les expressions de regroupement acceptent toutes deux d'autres fonctions. Ceci est utile pour utiliser `STATS...BY` sur des colonnes à valeur multiple. Par exemple, pour calculer l'évolution moyenne du salaire, vous pouvez utiliser `MV_AVG` pour faire la moyenne des multiples valeurs par employé, et utiliser le résultat avec la fonction `AVG` :\n\n````\nFROM employees\n| STATS avg_salary_change = AVG(MV_AVG(salary_change))\n````\n\nLe regroupement par expression est par exemple le regroupement des employés en fonction de la première lettre de leur nom de famille :\n\n````\nFROM employees\n| STATS my_count = COUNT() BY LEFT(last_name, 1)\n| SORT \"LEFT(last_name, 1)\"\n````\n\nIl n'est pas obligatoire d'indiquer le nom de la colonne de sortie. S'il n'est pas spécifié, le nouveau nom de la colonne est égal à l'expression. La requête suivante renvoie une colonne appelée `AVG(salary)` :\n\n````\nFROM employees\n| STATS AVG(salary)\n````\n\nComme ce nom contient des caractères spéciaux, il doit être placé entre deux caractères (`) lorsqu'il est utilisé dans des commandes suivantes :\n\n````\nFROM employees\n| STATS AVG(salary)\n| EVAL avg_salary_rounded = ROUND(\"AVG(salary)\")\n````\n\n**Remarque** : `STATS` sans aucun groupe est beaucoup plus rapide que l'ajout d'un groupe.\n\n**Remarque** : Le regroupement sur une seule expression est actuellement beaucoup plus optimisé que le regroupement sur plusieurs expressions.\n ", + "languageDocumentation.documentationESQL.stringOperators": "LIKE et RLIKE", + "languageDocumentation.documentationESQL.stringOperators.markdown": "### LIKE et RLIKE\nPour comparer des chaînes en utilisant des caractères génériques ou des expressions régulières, utilisez `LIKE` ou `RLIKE` :\n\nUtilisez `LIKE` pour faire correspondre des chaînes à l'aide de caractères génériques. Les caractères génériques suivants sont pris en charge :\n\n* `*` correspond à zéro caractère ou plus.\n* `?` correspond à un seul caractère.\n\n````\nFROM employees\n| WHERE first_name LIKE \"?b*\"\n| KEEP first_name, last_name\n````\n\nUtilisez `RLIKE` pour faire correspondre des chaînes à l'aide d'expressions régulières :\n\n````\nFROM employees\n| WHERE first_name RLIKE \".leja.*\"\n| KEEP first_name, last_name\n````\n ", + "languageDocumentation.documentationESQL.substring": "SUBSTRING", + "languageDocumentation.documentationESQL.substring.markdown": "\n\n ### SUBSTRING\n Renvoie la sous-chaîne d'une chaîne, délimitée en fonction d'une position de départ et d'une longueur facultative\n\n ````\n FROM employees\n | KEEP last_name\n | EVAL ln_sub = SUBSTRING(last_name, 1, 3)\n ````\n ", + "languageDocumentation.documentationESQL.tan": "TAN", + "languageDocumentation.documentationESQL.tan.markdown": "\n\n ### TAN\n Renvoie la fonction trigonométrique Tangente d'un angle.\n\n ````\n ROW a=1.8 \n | EVAL tan=TAN(a)\n ````\n ", + "languageDocumentation.documentationESQL.tanh": "TANH", + "languageDocumentation.documentationESQL.tanh.markdown": "\n\n ### TANH\n Renvoie la fonction hyperbolique Tangente d'un angle.\n\n ````\n ROW a=1.8 \n | EVAL tanh=TANH(a)\n ````\n ", + "languageDocumentation.documentationESQL.tau": "TAU", + "languageDocumentation.documentationESQL.tau.markdown": "\n\n ### TAU\n Renvoie le rapport entre la circonférence et le rayon d'un cercle.\n\n ````\n ROW TAU()\n ````\n ", + "languageDocumentation.documentationESQL.to_base64": "TO_BASE64", + "languageDocumentation.documentationESQL.to_base64.markdown": "\n\n ### TO_BASE64\n Encode une chaîne en chaîne base64.\n\n ````\n row a = \"elastic\" \n | eval e = to_base64(a)\n ````\n ", + "languageDocumentation.documentationESQL.to_boolean": "TO_BOOLEAN", + "languageDocumentation.documentationESQL.to_boolean.markdown": "\n\n ### TO_BOOLEAN\n Convertit une valeur d'entrée en une valeur booléenne.\n Une chaîne de valeur *true* sera convertie, sans tenir compte de la casse, en une valeur booléenne *true*.\n Pour toute autre valeur, y compris une chaîne vide, la fonction renverra *false*.\n La valeur numérique *0* sera convertie en *false*, toute autre valeur sera convertie en *true*.\n\n ````\n ROW str = [\"true\", \"TRuE\", \"false\", \"\", \"yes\", \"1\"]\n | EVAL bool = TO_BOOLEAN(str)\n ````\n ", + "languageDocumentation.documentationESQL.to_cartesianpoint": "TO_CARTESIANPOINT", + "languageDocumentation.documentationESQL.to_cartesianpoint.markdown": "\n\n ### TO_CARTESIANPOINT\n Convertit la valeur d'une entrée en une valeur `cartesian_point`.\n Une chaîne ne sera convertie que si elle respecte le format WKT Point.\n\n ````\n ROW wkt = [\"POINT(4297.11 -1475.53)\", \"POINT(7580.93 2272.77)\"]\n | MV_EXPAND wkt\n | EVAL pt = TO_CARTESIANPOINT(wkt)\n ````\n ", + "languageDocumentation.documentationESQL.to_cartesianshape": "TO_CARTESIANSHAPE", + "languageDocumentation.documentationESQL.to_cartesianshape.markdown": "\n\n ### TO_CARTESIANSHAPE\n Convertit une valeur d'entrée en une valeur `cartesian_shape`.\n Une chaîne ne sera convertie que si elle respecte le format WKT.\n\n ````\n ROW wkt = [\"POINT(4297.11 -1475.53)\", \"POLYGON ((3339584.72 1118889.97, 4452779.63 4865942.27, 2226389.81 4865942.27, 1113194.90 2273030.92, 3339584.72 1118889.97))\"]\n | MV_EXPAND wkt\n | EVAL geom = TO_CARTESIANSHAPE(wkt)\n ````\n ", + "languageDocumentation.documentationESQL.to_datetime": "TO_DATETIME", + "languageDocumentation.documentationESQL.to_datetime.markdown": "\n\n ### TO_DATETIME\n Convertit une valeur d'entrée en une valeur de date.\n Une chaîne ne sera convertie que si elle respecte le format `yyyy-MM-dd'T'HH:mm:ss.SSS'Z'`.\n Pour convertir des dates vers d'autres formats, utilisez `DATE_PARSE`.\n\n ````\n ROW string = [\"1953-09-02T00:00:00.000Z\", \"1964-06-02T00:00:00.000Z\", \"1964-06-02 00:00:00\"]\n | EVAL datetime = TO_DATETIME(string)\n ````\n ", + "languageDocumentation.documentationESQL.to_degrees": "TO_DEGREES", + "languageDocumentation.documentationESQL.to_degrees.markdown": "\n\n ### TO_DEGREES\n Convertit un nombre en radians en degrés.\n\n ````\n ROW rad = [1.57, 3.14, 4.71]\n | EVAL deg = TO_DEGREES(rad)\n ````\n ", + "languageDocumentation.documentationESQL.to_double": "TO_DOUBLE", + "languageDocumentation.documentationESQL.to_double.markdown": "\n\n ### TO_DOUBLE\n Convertit une valeur d'entrée en une valeur double. Si le paramètre d'entrée est de type date,\n sa valeur sera interprétée en millisecondes depuis l'heure Unix,\n convertie en double. Le booléen *true* sera converti en double *1.0*, et *false* en *0.0*.\n\n ````\n ROW str1 = \"5.20128E11\", str2 = \"foo\"\n | EVAL dbl = TO_DOUBLE(\"520128000000\"), dbl1 = TO_DOUBLE(str1), dbl2 = TO_DOUBLE(str2)\n ````\n ", + "languageDocumentation.documentationESQL.to_geopoint": "TO_GEOPOINT", + "languageDocumentation.documentationESQL.to_geopoint.markdown": "\n\n ### TO_GEOPOINT\n Convertit une valeur d'entrée en une valeur `geo_point`.\n Une chaîne ne sera convertie que si elle respecte le format WKT Point.\n\n ````\n ROW wkt = \"POINT(42.97109630194 14.7552534413725)\"\n | EVAL pt = TO_GEOPOINT(wkt)\n ````\n ", + "languageDocumentation.documentationESQL.to_geoshape": "TO_GEOSHAPE", + "languageDocumentation.documentationESQL.to_geoshape.markdown": "\n\n ### TO_GEOSHAPE\n Convertit une valeur d'entrée en une valeur `geo_shape`.\n Une chaîne ne sera convertie que si elle respecte le format WKT.\n\n ````\n ROW wkt = \"POLYGON ((30 10, 40 40, 20 40, 10 20, 30 10))\"\n | EVAL geom = TO_GEOSHAPE(wkt)\n ````\n ", + "languageDocumentation.documentationESQL.to_integer": "TO_INTEGER", + "languageDocumentation.documentationESQL.to_integer.markdown": "\n\n ### TO_INTEGER\n Convertit une valeur d'entrée en une valeur entière.\n Si le paramètre d'entrée est de type date, sa valeur sera interprétée en millisecondes\n depuis l'heure Unix, convertie en entier.\n Le booléen *true* sera converti en entier *1*, et *false* en *0*.\n\n ````\n ROW long = [5013792, 2147483647, 501379200000]\n | EVAL int = TO_INTEGER(long)\n ````\n ", + "languageDocumentation.documentationESQL.to_ip": "TO_IP", + "languageDocumentation.documentationESQL.to_ip.markdown": "\n\n ### TO_IP\n Convertit une chaîne d'entrée en valeur IP.\n\n ````\n ROW str1 = \"1.1.1.1\", str2 = \"foo\"\n | EVAL ip1 = TO_IP(str1), ip2 = TO_IP(str2)\n | WHERE CIDR_MATCH(ip1, \"1.0.0.0/8\")\n ````\n ", + "languageDocumentation.documentationESQL.to_long": "TO_LONG", + "languageDocumentation.documentationESQL.to_long.markdown": "\n\n ### TO_LONG\n Convertit une valeur d'entrée en une valeur longue. Si le paramètre d'entrée est de type date,\n sa valeur sera interprétée en millisecondes depuis l'heure Unix, convertie en valeur longue.\n Le booléen *true* sera converti en valeur longue *1*, et *false* en *0*.\n\n ````\n ROW str1 = \"2147483648\", str2 = \"2147483648.2\", str3 = \"foo\"\n | EVAL long1 = TO_LONG(str1), long2 = TO_LONG(str2), long3 = TO_LONG(str3)\n ````\n ", + "languageDocumentation.documentationESQL.to_lower": "TO_LOWER", + "languageDocumentation.documentationESQL.to_lower.markdown": "\n\n ### TO_LOWER\n Renvoie une nouvelle chaîne représentant la chaîne d'entrée convertie en minuscules.\n\n ````\n ROW message = \"Some Text\"\n | EVAL message_lower = TO_LOWER(message)\n ````\n ", + "languageDocumentation.documentationESQL.to_radians": "TO_RADIANS", + "languageDocumentation.documentationESQL.to_radians.markdown": "\n\n ### TO_RADIANS\n Convertit un nombre en degrés en radians.\n\n ````\n ROW deg = [90.0, 180.0, 270.0]\n | EVAL rad = TO_RADIANS(deg)\n ````\n ", + "languageDocumentation.documentationESQL.to_string": "TO_STRING", + "languageDocumentation.documentationESQL.to_string.markdown": "\n\n ### TO_STRING\n Convertit une valeur d'entrée en une chaîne.\n\n ````\n ROW a=10\n | EVAL j = TO_STRING(a)\n ````\n ", + "languageDocumentation.documentationESQL.to_unsigned_long": "TO_UNSIGNED_LONG", + "languageDocumentation.documentationESQL.to_unsigned_long.markdown": "\n\n ### TO_UNSIGNED_LONG\n Convertit une valeur d'entrée en une valeur longue non signée. Si le paramètre d'entrée est de type date,\n sa valeur sera interprétée en millisecondes depuis l'heure Unix, convertie en valeur longue non signée.\n Le booléen *true* sera converti en valeur longue non signée *1*, et *false* en *0*.\n\n ````\n ROW str1 = \"2147483648\", str2 = \"2147483648.2\", str3 = \"foo\"\n | EVAL long1 = TO_UNSIGNED_LONG(str1), long2 = TO_ULONG(str2), long3 = TO_UL(str3)\n ````\n ", + "languageDocumentation.documentationESQL.to_upper": "TO_UPPER", + "languageDocumentation.documentationESQL.to_upper.markdown": "\n\n ### TO_UPPER\n Renvoie une nouvelle chaîne représentant la chaîne d'entrée convertie en majuscules.\n\n ````\n ROW message = \"Some Text\"\n | EVAL message_upper = TO_UPPER(message)\n ````\n ", + "languageDocumentation.documentationESQL.to_version": "TO_VERSION", + "languageDocumentation.documentationESQL.to_version.markdown": "\n\n ### TO_VERSION\n Convertit une chaîne d'entrée en une valeur de version.\n\n ````\n ROW v = TO_VERSION(\"1.2.3\")\n ````\n ", + "languageDocumentation.documentationESQL.trim": "TRIM", + "languageDocumentation.documentationESQL.trim.markdown": "\n\n ### TRIM\n Supprime les espaces de début et de fin d'une chaîne.\n\n ````\n ROW message = \" some text \", color = \" red \"\n | EVAL message = TRIM(message)\n | EVAL color = TRIM(color)\n ````\n ", + "languageDocumentation.documentationESQL.where": "WHERE", + "languageDocumentation.documentationESQL.where.markdown": "### WHERE\nUtilisez `WHERE` afin d'obtenir un tableau qui comprend toutes les lignes du tableau d'entrée pour lesquelles la condition fournie est évaluée à `true` :\n \n````\nFROM employees\n| KEEP first_name, last_name, still_hired\n| WHERE still_hired == true\n````\n\n#### Opérateurs\n\nPour obtenir un aperçu des opérateurs pris en charge, consultez la section **Opérateurs**.\n\n#### Fonctions\n`WHERE` prend en charge diverses fonctions de calcul des valeurs. Pour en savoir plus, consultez la section **Fonctions**.\n ", "textBasedEditor.query.textBasedLanguagesEditor.EnableWordWrapLabel": "Ajouter des sauts de ligne aux barres verticales", "textBasedEditor.query.textBasedLanguagesEditor.errorCount": "{count} {count, plural, one {erreur} other {erreurs}}", "textBasedEditor.query.textBasedLanguagesEditor.errorsTitle": "Erreurs", "textBasedEditor.query.textBasedLanguagesEditor.expandLabel": "Développer", "textBasedEditor.query.textBasedLanguagesEditor.feedback": "Commentaires", - "languageDocumentationPopover.documentationESQL.functions": "Fonctions", - "languageDocumentationPopover.documentationESQL.functionsDocumentationESQLDescription": "Les fonctions sont compatibles avec \"ROW\" (Ligne), \"EVAL\" (Évaluation) et \"WHERE\" (Où).", - "languageDocumentationPopover.documentationESQL.groupingFunctions": "Fonctions de groupage", - "languageDocumentationPopover.documentationESQL.groupingFunctionsDocumentationESQLDescription": "Ces fonctions de regroupement peuvent être utilisées avec `STATS...BY` :", + "languageDocumentation.documentationESQL.functions": "Fonctions", + "languageDocumentation.documentationESQL.functionsDocumentationESQLDescription": "Les fonctions sont compatibles avec \"ROW\" (Ligne), \"EVAL\" (Évaluation) et \"WHERE\" (Où).", + "languageDocumentation.documentationESQL.groupingFunctions": "Fonctions de groupage", + "languageDocumentation.documentationESQL.groupingFunctionsDocumentationESQLDescription": "Ces fonctions de regroupement peuvent être utilisées avec `STATS...BY` :", "textBasedEditor.query.textBasedLanguagesEditor.hideQueriesLabel": "Masquer les recherches récentes", "textBasedEditor.query.textBasedLanguagesEditor.lineCount": "{count} {count, plural, one {ligne} other {lignes}}", "textBasedEditor.query.textBasedLanguagesEditor.lineNumber": "Ligne {lineNumber}", - "languageDocumentationPopover.documentationESQL.operators": "Opérateurs", - "languageDocumentationPopover.documentationESQL.operatorsDocumentationESQLDescription": "ES|QL est compatible avec les opérateurs suivants :", - "languageDocumentationPopover.documentationESQL.processingCommands": "Traitement des commandes", - "languageDocumentationPopover.documentationESQL.processingCommandsDescription": "Le traitement des commandes transforme un tableau des entrées par l'ajout, le retrait ou la modification des lignes et des colonnes. ES|QL est compatible avec le traitement des commandes suivant.", + "languageDocumentation.documentationESQL.operators": "Opérateurs", + "languageDocumentation.documentationESQL.operatorsDocumentationESQLDescription": "ES|QL est compatible avec les opérateurs suivants :", + "languageDocumentation.documentationESQL.processingCommands": "Traitement des commandes", + "languageDocumentation.documentationESQL.processingCommandsDescription": "Le traitement des commandes transforme un tableau des entrées par l'ajout, le retrait ou la modification des lignes et des colonnes. ES|QL est compatible avec le traitement des commandes suivant.", "textBasedEditor.query.textBasedLanguagesEditor.querieshistory.error": "La requête a échouée", "textBasedEditor.query.textBasedLanguagesEditor.querieshistory.success": "La requête a été exécuté avec succès", "textBasedEditor.query.textBasedLanguagesEditor.querieshistoryCopy": "Copier la requête dans le presse-papier", @@ -7339,7 +7339,7 @@ "textBasedEditor.query.textBasedLanguagesEditor.recentQueriesColumnLabel": "Recherches récentes", "textBasedEditor.query.textBasedLanguagesEditor.runQuery": "Exécuter la requête", "textBasedEditor.query.textBasedLanguagesEditor.showQueriesLabel": "Afficher les recherches récentes", - "languageDocumentationPopover.documentationESQL.sourceCommands": "Commandes sources", + "languageDocumentation.documentationESQL.sourceCommands": "Commandes sources", "textBasedEditor.query.textBasedLanguagesEditor.submitFeedback": "Soumettre un commentaire", "textBasedEditor.query.textBasedLanguagesEditor.timeRanColumnLabel": "Temps exécuté", "textBasedEditor.query.textBasedLanguagesEditor.timestampNotDetected": "@timestamp non trouvé", @@ -20371,8 +20371,6 @@ "xpack.fleet.settings.agentPolicyAdvanced.agentLoggingLevelTitle": "Niveau de logging de l'agent", "xpack.fleet.settings.agentPolicyAdvanced.agentLoggingMetricsPeriodDescription": "Fréquence de logging des indicateurs internes d'Elastic Agent.", "xpack.fleet.settings.agentPolicyAdvanced.agentLoggingMetricsPeriodTitle": "Période de mesure de logging de l'agent", - "xpack.fleet.settings.agentPolicyAdvanced.agentMonitoringHttpDescription": "Active un point de terminaison HTTP actif qui renvoie l'état d’intégrité global d'Elastic Agent. Il peut par exemple être utilisé par Kubernetes pour redémarrer le conteneur.", - "xpack.fleet.settings.agentPolicyAdvanced.agentMonitoringHttpTitle": "Point de terminaison de surveillance HTTP", "xpack.fleet.settings.agentPolicyAdvanced.downloadTimeoutDescription": "Le délai d'expiration pour le téléchargement du binaire des agents.", "xpack.fleet.settings.agentPolicyAdvanced.downloadTimeoutTitle": "Délai d'expiration de téléchargement du binaire des agents", "xpack.fleet.settings.agentPolicyAdvanced.downloadTimeoutValidationMessage": "Doit être une chaîne avec une unité de temps, par exemple 30 s, 5 m, 2 h, 1 d", @@ -22610,12 +22608,10 @@ "xpack.indexLifecycleMgmt.editPolicy.searchableSnapshotLicenseCalloutTitle": "Licence Enterprise requise", "xpack.indexLifecycleMgmt.editPolicy.searchableSnapshotRepoFieldLabel": "Référentiel de snapshot", "xpack.indexLifecycleMgmt.editPolicy.searchableSnapshotRepoRequiredError": "Nom de référentiel de snapshot obligatoire.", - "xpack.indexLifecycleMgmt.editPolicy.searchableSnapshotStorageFieldLabel": "Stockage de snapshots qu’il est possible de rechercher", "xpack.indexLifecycleMgmt.editPolicy.showPolicyJsonButton": "Afficher la requête", "xpack.indexLifecycleMgmt.editPolicy.shrink.configureShardCountLabel": "Configurer le nombre de partitions", "xpack.indexLifecycleMgmt.editPolicy.shrink.configureShardSizeLabel": "Configurer la taille des partitions", "xpack.indexLifecycleMgmt.editPolicy.shrinkIndexExplanationText": "Réduisez l'index en un nouvel index contenant moins de partitions principales.", - "xpack.indexLifecycleMgmt.editPolicy.shrinkText": "Réduire", "xpack.indexLifecycleMgmt.editPolicy.successfulSaveMessage": "{verb} la politique de cycle de vie \"{lifecycleName}\"", "xpack.indexLifecycleMgmt.editPolicy.timeUnits.daysLabel": "jours", "xpack.indexLifecycleMgmt.editPolicy.timeUnits.hoursLabel": "heures", @@ -22726,10 +22722,8 @@ "xpack.indexLifecycleMgmt.policyTable.addLifecyclePolicyToTemplateConfirmModal.successMessage": "La politique {policyName} a été ajoutée au modèle d'index {templateName}", "xpack.indexLifecycleMgmt.policyTable.addLifecyclePolicyToTemplateConfirmModal.templateHasPolicyWarningTitle": "Le modèle a déjà une stratégie", "xpack.indexLifecycleMgmt.policyTable.addLifecyclePolicyToTemplateConfirmModal.title": "Ajouter la politique \"{name}\" au modèle d'index", - "xpack.indexLifecycleMgmt.policyTable.addPolicyToTemplateButtonText": "Ajouter la stratégie au modèle d'index", "xpack.indexLifecycleMgmt.policyTable.captionText": "Le tableau ci-dessous contient {count, plural, one {# politique de cycle de vie des index} other {# politiques de cycle de vie des index}}.", "xpack.indexLifecycleMgmt.policyTable.deletePolicyButtonDisabledTooltip": "Vous ne pouvez pas supprimer une stratégie utilisée par un index", - "xpack.indexLifecycleMgmt.policyTable.deletePolicyButtonText": "Supprimer la stratégie", "xpack.indexLifecycleMgmt.policyTable.emptyPrompt.createButtonLabel": "Créer une stratégie", "xpack.indexLifecycleMgmt.policyTable.emptyPromptDescription": " Une stratégie de cycle de vie des index permet de gérer vos index à mesure qu'ils vieillissent.", "xpack.indexLifecycleMgmt.policyTable.emptyPromptTitle": "Créez votre première stratégie de cycle de vie des index", diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json index d160cfb6896f9..70db3ccc34a9b 100644 --- a/x-pack/plugins/translations/translations/ja-JP.json +++ b/x-pack/plugins/translations/translations/ja-JP.json @@ -5440,10 +5440,10 @@ "kibanaOverview.manageData.sectionTitle": "データを管理", "kibanaOverview.more.title": "Elasticではさまざまなことが可能です", "kibanaOverview.news.title": "新機能", - "languageDocumentationPopover.documentationLinkLabel": "ドキュメント全体を表示", - "languageDocumentationPopover.header": "{language}リファレンス", - "languageDocumentationPopover.searchPlaceholder": "検索", - "languageDocumentationPopover.tooltip": "{lang}リファレンス", + "languageDocumentation.documentationLinkLabel": "ドキュメント全体を表示", + "languageDocumentation.header": "{language}リファレンス", + "languageDocumentation.searchPlaceholder": "検索", + "languageDocumentation.tooltip": "{lang}リファレンス", "lensFormulaDocs.avg": "平均", "lensFormulaDocs.boolean": "ブール", "lensFormulaDocs.cardinality": "ユニークカウント", @@ -7077,253 +7077,253 @@ "telemetry.usageCollectionConstant": "使用状況の収集", "telemetry.usageDataTitle": "使用状況の収集", "textBasedEditor.query.textBasedLanguagesEditor.aborted": "リクエストが中断されました", - "languageDocumentationPopover.documentationESQL.aggregationFunctions": "集約関数", - "languageDocumentationPopover.documentationESQL.aggregationFunctionsDocumentationESQLDescription": "これらの関数はSTATS...BYで使用できます。", + "languageDocumentation.documentationESQL.aggregationFunctions": "集約関数", + "languageDocumentation.documentationESQL.aggregationFunctionsDocumentationESQLDescription": "これらの関数はSTATS...BYで使用できます。", "textBasedEditor.query.textBasedLanguagesEditor.cancel": "キャンセル", "textBasedEditor.query.textBasedLanguagesEditor.collapseLabel": "縮小", - "languageDocumentationPopover.documentationESQL.commandsDescription": "通常、ソースコマンドはElasticsearchのデータを使ってテーブルを生成します。ES|QLは以下のソースコマンドをサポートしています。", + "languageDocumentation.documentationESQL.commandsDescription": "通常、ソースコマンドはElasticsearchのデータを使ってテーブルを生成します。ES|QLは以下のソースコマンドをサポートしています。", "textBasedEditor.query.textBasedLanguagesEditor.disableWordWrapLabel": "パイプの改行を削除", - "languageDocumentationPopover.documentationESQL.abs": "ABS", - "languageDocumentationPopover.documentationESQL.abs.markdown": "\n\n ### ABS\n 絶対値を返します。\n\n ```\n ROW number = -1.0 \n | EVAL abs_number = ABS(number)\n ```\n ", - "languageDocumentationPopover.documentationESQL.acos": "ACOS", - "languageDocumentationPopover.documentationESQL.acos.markdown": "\n\n ### ACOS\n nのアークコサインをラジアンで表記された角度として返します。\n\n ```\n ROW a=.9\n | EVAL acos=ACOS(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.asin": "ASIN", - "languageDocumentationPopover.documentationESQL.asin.markdown": "\n\n ### ASIN\n 入力\n 数値式のアークサインをラジアンで表記された角度として返します。\n\n ```\n ROW a=.9\n | EVAL asin=ASIN(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.atan": "ATAN", - "languageDocumentationPopover.documentationESQL.atan.markdown": "\n\n ### ATAN\n 入力\n 数値式のアークタンジェントをラジアンで表記された角度として返します。\n\n ```\n ROW a=12.9\n | EVAL atan=ATAN(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.atan2": "ATAN2", - "languageDocumentationPopover.documentationESQL.atan2.markdown": "\n\n ### ATAN2\n 直交平面上の原点から点(x , y)に向かう光線と正のx軸のなす角(ラジアン表記)。\n \n\n ```\n ROW y=12.9, x=.6\n | EVAL atan2=ATAN2(y, x)\n ```\n ", - "languageDocumentationPopover.documentationESQL.autoBucketFunction": "BUCKET", - "languageDocumentationPopover.documentationESQL.autoBucketFunction.markdown": "### バケット\n日時または数値入力から、値(バケット)のグループを作成します。バケットのサイズは直接指定するか、推奨される数と値の範囲に基づいて選択できます。\n\nBUCKETは次の2つのモードで動作します。\n\n1.バケットのサイズがバケット数の提案(4つのパラメーター)と範囲に基づいて計算される。\n2.バケットサイズが直接指定される(2つのパラメーター)。\n\n目標バケット数、開始日、終了日を使用すると、目標バケット数以下のバケットを生成するために適切なバケットサイズがBUCKETによって選択されます。\n\nたとえば、1年に最大20バケットをリクエストすると、データが1か月間隔で整理されます。\n\n```\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS hire_date = MV_SORT(VALUES(hire_date)) BY month = BUCKET(hire_date, 20, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n| SORT hire_date\n```\n\n**注**:ここでは、正確な目標バケット数を指定するのではなく、目標バケット数を_上限_として範囲を指定します。\n\nBUCKETを集約と組み合わせ、ヒストグラムを作成できます。\n\n```\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS hires_per_month = COUNT(*) BY month = BUCKET(hire_date, 20, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n| SORT month\n```\n\n**注**:BUCKETは、どのドキュメントにも一致しないバケットを作成しません。そのため、前の例では1985-03-01やその他の日付が抜けています。\n\nその他のバケットを要求すると、範囲が小さくなることがあります。たとえば、1年に最大100バケットをリクエストすると、1週間単位のバケットになります。\n\n```\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS hires_per_week = COUNT(*) BY week = BUCKET(hire_date, 100, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n| SORT week\n```\n\n**注**:AUTO_BUCKETは行をフィルタリングしません。指定された範囲のみを使用して、適切なバケットサイズを選択します。範囲外の値の行に対しては、範囲外のバケツに対応するバケット値を返します。行をフィルタリングするには、BUCKETとWHEREを組み合わせます。\n\n事前に任意のバケットサイズがわかっている場合は、2番目の引数として指定し、範囲を除外します。\n\n```\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS hires_per_week = COUNT(*) BY week = BUCKET(hire_date, 1 week)\n| SORT week\n```\n\n**注**:バケットサイズを2番目のパラメーターとして指定するときには、時間の期間または日付の期間を選択する必要があります。\n\nBUCKETは数値フィールドでも動作します。たとえば、給与ヒストグラムを作成します。\n\n```\nFROM employees\n| STATS COUNT(*) by bs = BUCKET(salary, 20, 25324, 74999)\n| SORT bs\n```\n\n日付範囲で意図的フィルタリングする前の例とは異なり、数値フィールドでフィルタリングすることはほとんどありません。最小値と最大値を別々に見つける必要があります。ES|QLにはそれを自動的に実行するための簡単な方法がありません。\n\n任意のバケットサイズが事前にわかっている場合は、範囲を省略できます。2番目の引数として指定します。\n\n```\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS c = COUNT(1) BY b = BUCKET(salary, 5000.)\n| SORT b\n```\n\n**注**:バケットサイズを2番目のパラメーターとして指定するときには、**浮動小数点数型**でなければなりません。\n\n次の例は、過去24時間の1時間単位のバケットを作成し、1時間当たりのイベント数を計算します。\n\n```\nFROM sample_data\n| WHERE @timestamp >= NOW() - 1 day and @timestamp < NOW()\n| STATS COUNT(*) BY bucket = BUCKET(@timestamp, 25, NOW() - 1 day, NOW())\n```\n\n次の例は、1985年の1か月単位のバケットを作成し、採用月別に平均給与を計算します。\n\n```\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS AVG(salary) BY bucket = BUCKET(hire_date, 20, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n| SORT bucket\n```\n\n集約部で関数が**グループ部で定義されたエイリアスによって参照されている**場合、またはまったく同じ式で呼び出されている場合、BUCKETは、 STATS …​ BY …コマンドの集約部とグループ部の両方で使用できます。\n\n例:\n\n```\nFROM employees\n| STATS s1 = b1 + 1, s2 = BUCKET(salary / 1000 + 999, 50.) + 2 BY b1 = BUCKET(salary / 100 + 99, 50.), b2 = BUCKET(salary / 1000 + 999, 50.)\n| SORT b1, b2\n| KEEP s1, b1, s2, b2\n```\n ", - "languageDocumentationPopover.documentationESQL.binaryOperators": "バイナリ演算子", - "languageDocumentationPopover.documentationESQL.binaryOperators.markdown": "### バイナリ演算子\n次のバイナリ比較演算子がサポートされています。\n\n* 等号:`==`\n* 不等号:`!=`\n* より小さい:`<`\n* 以下:`<=`\n* より大きい:`>`\n* 以上:`>=`\n* 加算:`+`\n* 減算:`-`\n* 乗算:`*`\n* 除算:`/`\n* 係数:`%`\n ", - "languageDocumentationPopover.documentationESQL.booleanOperators": "ブール演算子", - "languageDocumentationPopover.documentationESQL.booleanOperators.markdown": "### ブール演算子\n次のブール演算子がサポートされています。\n\n* `AND`\n* `OR`\n* `NOT`\n ", - "languageDocumentationPopover.documentationESQL.bucket": "BUCKET", - "languageDocumentationPopover.documentationESQL.bucket.markdown": "\n\n ### BUCKET\n 日時または数値入力から、値(バケット)のグループを作成します。\n バケットのサイズは直接指定するか、推奨される数と値の範囲に基づいて選択できます。\n\n ```\n FROM employees\n | WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n | STATS hire_date = MV_SORT(VALUES(hire_date)) BY month = BUCKET(hire_date, 20, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n | SORT hire_date\n ```\n ", - "languageDocumentationPopover.documentationESQL.case": "CASE", - "languageDocumentationPopover.documentationESQL.case.markdown": "\n\n ### CASE\n 条件と値のペアを指定できます。この関数は、trueと評価される\n 最初の条件に属する値を返します。\n\n 引数の数が奇数の場合、最後の引数は条件に一致しない場合に返されるデフォルト値になります。\n 引数の数が偶数で、\n 条件が一致しない場合、この関数はnullを返します。\n\n ```\n FROM employees\n | EVAL type = CASE(\n languages <= 1, \"monolingual\",\n languages <= 2, \"bilingual\",\n \"polyglot\")\n | KEEP emp_no, languages, type\n ```\n ", - "languageDocumentationPopover.documentationESQL.castOperator": "Cast (::)", - "languageDocumentationPopover.documentationESQL.castOperator.markdown": "### CAST (`::`)\n::演算子はO_型変換関数に代わる便利な構文です。\n\n例:\n```\nROW ver = CONCAT((\"0\"::INT + 1)::STRING, \".2.3\")::VERSION\n```\n ", - "languageDocumentationPopover.documentationESQL.cbrt": "CBRT", - "languageDocumentationPopover.documentationESQL.cbrt.markdown": "\n\n ### CBRT\n 数値の立方根を返します。入力は任意の数値で、戻り値は常にdoubleです。\n 無限大の立方根はnullです。\n\n ```\n ROW d = 1000.0\n | EVAL c = cbrt(d)\n ```\n ", - "languageDocumentationPopover.documentationESQL.ceil": "CEIL", - "languageDocumentationPopover.documentationESQL.ceil.markdown": "\n\n ### CEIL\n 最も近い整数に数値を切り上げます。\n\n ```\n ROW a=1.8\n | EVAL a=CEIL(a)\n ```\n 注:これはlong(符号なしを含む)とintegerのnoopです。doubleの場合、JavaのMath.ceilと同様に、整数に最も近いdoubleの値を選びます。\n ", - "languageDocumentationPopover.documentationESQL.cidr_match": "CIDR_MATCH", - "languageDocumentationPopover.documentationESQL.cidr_match.markdown": "\n\n ### CIDR_MATCH\n 指定されたIPが指定されたCIDRブロックのいずれかに含まれていればtrueを返します。\n\n ```\n FROM hosts \n | WHERE CIDR_MATCH(ip1, \"127.0.0.2/32\", \"127.0.0.3/32\") \n | KEEP card, host, ip0, ip1\n ```\n ", - "languageDocumentationPopover.documentationESQL.coalesce": "COALESCE", - "languageDocumentationPopover.documentationESQL.coalesce.markdown": "\n\n ### COALESCE\n nullでない最初の引数を返します。すべての引数がnullの場合はnullを返します。\n\n ```\n ROW a=null, b=\"b\"\n | EVAL COALESCE(a, b)\n ```\n ", - "languageDocumentationPopover.documentationESQL.concat": "CONCAT", - "languageDocumentationPopover.documentationESQL.concat.markdown": "\n\n ### CONCAT\n 2つ以上の文字列を連結します。\n\n ```\n FROM employees\n | KEEP first_name, last_name\n | EVAL fullname = CONCAT(first_name, \" \", last_name)\n ```\n ", - "languageDocumentationPopover.documentationESQL.cos": "COS", - "languageDocumentationPopover.documentationESQL.cos.markdown": "\n\n ### COS\n 角度の余弦を返します。\n\n ```\n ROW a=1.8 \n | EVAL cos=COS(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.cosh": "COSH", - "languageDocumentationPopover.documentationESQL.cosh.markdown": "\n\n ### COSH\n 角度の双曲余弦を返します。\n\n ```\n ROW a=1.8 \n | EVAL cosh=COSH(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.date_diff": "DATE_DIFF", - "languageDocumentationPopover.documentationESQL.date_diff.markdown": "\n\n ### DATE_DIFF\n startTimestampをendTimestampから減算し、unitの乗数の差を返します。\n startTimestampがendTimestampより後の場合は、負の値が返されます。\n\n ```\n ROW date1 = TO_DATETIME(\"2023-12-02T11:00:00.000Z\"), date2 = TO_DATETIME(\"2023-12-02T11:00:00.001Z\")\n | EVAL dd_ms = DATE_DIFF(\"microseconds\", date1, date2)\n ```\n ", - "languageDocumentationPopover.documentationESQL.date_extract": "DATE_EXTRACT", - "languageDocumentationPopover.documentationESQL.date_extract.markdown": "\n\n ### DATE_EXTRACT\n 年、月、日、時間など、日付の一部を抽出します。\n\n ```\n ROW date = DATE_PARSE(\"yyyy-MM-dd\", \"2022-05-06\")\n | EVAL year = DATE_EXTRACT(\"year\", date)\n ```\n ", - "languageDocumentationPopover.documentationESQL.date_format": "DATE_FORMAT", - "languageDocumentationPopover.documentationESQL.date_format.markdown": "\n\n ### DATE_FORMAT\n 指定した書式の日付の文字列表現を返します。\n\n ```\n FROM employees\n | KEEP first_name, last_name, hire_date\n | EVAL hired = DATE_FORMAT(\"YYYY-MM-dd\", hire_date)\n ```\n ", - "languageDocumentationPopover.documentationESQL.date_parse": "DATE_PARSE", - "languageDocumentationPopover.documentationESQL.date_parse.markdown": "\n\n ### DATE_PARSE\n 最初の引数で指定した形式を使用して、2番目の引数を解析することで、日付を返します。\n\n ```\n ROW date_string = \"2022-05-06\"\n | EVAL date = DATE_PARSE(\"yyyy-MM-dd\", date_string)\n ```\n ", - "languageDocumentationPopover.documentationESQL.date_trunc": "DATE_TRUNC", - "languageDocumentationPopover.documentationESQL.date_trunc.markdown": "\n\n ### DATE_TRUNC\n 最も近い区間まで日付を切り捨てます。\n\n ```\n FROM employees\n | KEEP first_name, last_name, hire_date\n | EVAL year_hired = DATE_TRUNC(1 year, hire_date)\n ```\n ", - "languageDocumentationPopover.documentationESQL.dissect": "DISSECT", - "languageDocumentationPopover.documentationESQL.dissect.markdown": "### DISSECT\nDISSECTは文字列から構造化データを取り出すことができます。DISSECTは文字列を区切り文字ベースのパターンと照合し、指定されたキーを列として抽出します。\n\ndissectパターンの構文については、[dissectプロセッサードキュメント](https://www.elastic.co/guide/en/elasticsearch/reference/current/dissect-processor.html)を参照してください。\n\n```\nROW a = \"1953-01-23T12:15:00Z - some text - 127.0.0.1\"\n| DISSECT a \"%'{Y}-%{M}-%{D}T%{h}:%{m}:%{s}Z - %{msg} - %{ip}'\"\n``` ", - "languageDocumentationPopover.documentationESQL.drop": "DROP", - "languageDocumentationPopover.documentationESQL.drop.markdown": "### DROP\nテーブルから列を削除するには、DROPを使用します。\n \n```\nFROM employees\n| DROP height\n```\n\n各列を名前で指定するのではなく、ワイルドカードを使って、パターンと一致する名前の列をすべて削除することができます。\n\n```\nFROM employees\n| DROP height*\n```\n ", - "languageDocumentationPopover.documentationESQL.e": "E", - "languageDocumentationPopover.documentationESQL.e.markdown": "\n\n ### E\n オイラー数を返します。\n\n ```\n ROW E()\n ```\n ", - "languageDocumentationPopover.documentationESQL.ends_with": "ENDS_WITH", - "languageDocumentationPopover.documentationESQL.ends_with.markdown": "\n\n ### ENDS_WITH\n キーワード文字列が他の文字列で終わるかどうかを示すブール値を返します。\n\n ```\n FROM employees\n | KEEP last_name\n | EVAL ln_E = ENDS_WITH(last_name, \"d\")\n ```\n ", - "languageDocumentationPopover.documentationESQL.enrich": "ENRICH", - "languageDocumentationPopover.documentationESQL.enrich.markdown": "### ENRICH\nENRICH`を使用すると、既存のインデックスのデータを受信レコードに追加することができます。[インジェストエンリッチ](https://www.elastic.co/guide/en/elasticsearch/reference/current/ingest-enriching-data.html)と似ていますが、クエリー時に動作します。\n\n```\nROW language_code = \"1\"\n| ENRICH languages_policy\n```\n\nENRICHでは、[エンリッチポリシー](https://www.elastic.co/guide/en/elasticsearch/reference/current/ingest-enriching-data.html#enrich-policy)を実行する必要があります。エンリッチポリシーは、一致フィールド (キーフィールド) とエンリッチフィールドのセットを定義します。\n\nENRICHは、一致フィールド値に基づいて、[エンリッチインデックス](https://www.elastic.co/guide/en/elasticsearch/reference/current/ingest-enriching-data.html#enrich-index)のレコードを検索します。入力データセットの一致するキーは、ON を使用して定義できます。指定しない場合は、エンリッチポリシーで定義された一致フィールドと同じ名前のフィールドで一致が実行されます。\n\n```\nROW a = \"1\"\n| ENRICH languages_policy ON a\n```\n\nWITH , ...構文を使用して、結果に追加される属性(ポリシーでエンリッチフィールドとして定義された属性の間)を指定できます。\n\n```\nROW a = \"1\"\n| ENRICH languages_policy ON a WITH language_name\n```\n\n属性の名前は、WITH new_name=を使用して変更できます。\n\n```\nROW a = \"1\"\n| ENRICH languages_policy ON a WITH name = language_name\n```\n\nデフォルトでは、(WITHが定義されていない場合)、ENRICHはエンリッチポリシーで定義されたすべてのエンリッチフィールドを結果に追加します。\n\n名前の競合が発生した場合、新しく作成されたフィールドが既存のフィールドを上書きします。\n ", - "languageDocumentationPopover.documentationESQL.eval": "EVAL", - "languageDocumentationPopover.documentationESQL.eval.markdown": "### EVAL\nEVALでは、新しい列を追加できます。\n\n```\nFROM employees\n| KEEP first_name, last_name, height\n| EVAL height_feet = height * 3.281, height_cm = height * 100\n```\n\n指定した列がすでに存在する場合、既存の列は削除され、新しい列がテーブルに追加されます。\n\n```\nFROM employees\n| KEEP first_name, last_name, height\n| EVAL height = height * 3.281\n```\n\n#### 関数\nEVALは値を計算するためのさまざまな関数をサポートしています。関数をクリックすると詳細が表示されます。\n ", - "languageDocumentationPopover.documentationESQL.floor": "FLOOR", - "languageDocumentationPopover.documentationESQL.floor.markdown": "\n\n ### FLOOR\n 最も近い整数に数値を切り捨てます。\n\n ```\n ROW a=1.8\n | EVAL a=FLOOR(a)\n ```\n 注:これはlong(符号なしを含む)とintegerのnoopです。\n doubleの場合、Math.floorと同様に、整数に最も近いdoubleの値を選びます。\n \n ", - "languageDocumentationPopover.documentationESQL.from": "FROM", - "languageDocumentationPopover.documentationESQL.from_base64": "FROM_BASE64", - "languageDocumentationPopover.documentationESQL.from_base64.markdown": "\n\n ### FROM_BASE64\n base64文字列をデコードします。\n\n ```\n row a = \"ZWxhc3RpYw==\" \n | eval d = from_base64(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.from.markdown": "### FROM\nソースコマンドFROMは、データストリーム、インデックス、またはエイリアスから、最大10,000ドキュメントを含むテーブルを返します。結果のテーブルの各行はドキュメントを表します。各列はフィールドに対応し、そのフィールドの名前でアクセスできます。\n\n```\nFROM employees\n```\n\n[日付演算](https://www.elastic.co/guide/en/elasticsearch/reference/current/api-conventions.html#api-date-math-index-names) を使用して、インデックス、エイリアス、データストリームを参照できます。これは時系列データの場合に便利です。\n\nカンマ区切りのリストまたはワイルドカードを使用して、複数のデータストリーム、インデックス、またはエイリアスをクエリーします。\n\n```\nFROM employees-00001,employees-*\n```\n\n#### メタデータ\n\nES|QLは以下のメタデータフィールドにアクセスできます。\n\n* `_index`:ドキュメントが属するインデックス。このフィールドはkeyword型です。\n* `_id`:ソースドキュメントのID。このフィールドはkeyword型です。### `_version`:ソースドキュメントのバージョン。フィールドの型はlongです。\n\nメタデータフィールドを有効にするには、METADATAディレクティブを使います。\n\n```\nFROM index [METADATA _index, _id]\n```\n\nメタデータフィールドは、データのソースがインデックスである場合にのみ使用できます。その結果、FROMはMETADATAディレクティブをサポートする唯一のソースコマンドです。\n\nこのフィールドが有効になると、他のインデックスフィールドと同様に、後続の処理コマンドで利用できるようになります。\n\n```\nFROM ul_logs, apps [METADATA _index, _version]\n| WHERE id IN (13, 14) AND _version == 1\n| EVAL key = CONCAT(_index, \"_\", TO_STR(id))\n| SORT id, _index\n| KEEP id, _index, _version, key\n```\n\nまた、インデックス・フィールドと同様に、一度集約が実行されると、グループ化フィールドとして使用されないかぎり、メタデータフィールドは後続のコマンドからはアクセスできなくなります。\n\n```\nFROM employees [METADATA _index, _id]\n| STATS max = MAX(emp_no) BY _index\n```\n ", - "languageDocumentationPopover.documentationESQL.greatest": "GREATEST", - "languageDocumentationPopover.documentationESQL.greatest.markdown": "\n\n ### GREATEST\n 多数の列から最大値を返します。これはMV_MAX\n と似ていますが、一度に複数の列に対して実行します。\n\n ```\n ROW a = 10, b = 20\n | EVAL g = GREATEST(a, b)\n ```\n 注:keywordまたはtextフィールドに対して実行すると、アルファベット順の最後の文字列を返します。boolean列に対して実行すると、値がtrueの場合にtrueを返します。\n ", - "languageDocumentationPopover.documentationESQL.grok": "GROK", - "languageDocumentationPopover.documentationESQL.grok.markdown": "### GROK\nGROKを使うと、文字列から構造化データを抽出できます。GROKは正規表現に基づいて文字列をパターンと一致させ、指定されたパターンを列として抽出します。\n\ngrokパターンの構文については、 [grokプロセッサードキュメント](https://www.elastic.co/guide/en/elasticsearch/reference/current/grok-processor.html)を参照してください。\n\n```\nROW a = \"12 15.5 15.6 true\"\n| GROK a \"%'{NUMBER:b:int}' %'{NUMBER:c:float}' %'{NUMBER:d:double}' %'{WORD:e:boolean}'\"\n```\n ", - "languageDocumentationPopover.documentationESQL.inOperator": "IN", - "languageDocumentationPopover.documentationESQL.inOperator.markdown": "### IN\nIN演算子は、フィールドや式がリテラル、フィールド、式のリストの要素と等しいかどうかをテストすることができます。\n\n```\nROW a = 1, b = 4, c = 3\n| WHERE c-a IN (3, b / 2, a)\n```\n ", - "languageDocumentationPopover.documentationESQL.ip_prefix": "IP_PREFIX", - "languageDocumentationPopover.documentationESQL.ip_prefix.markdown": "\n\n ### IP_PREFIX\n IPを特定のプレフィックス長に切り詰めます。\n\n ```\n row ip4 = to_ip(\"1.2.3.4\"), ip6 = to_ip(\"fe80::cae2:65ff:fece:feb9\")\n | eval ip4_prefix = ip_prefix(ip4, 24, 0), ip6_prefix = ip_prefix(ip6, 0, 112);\n ```\n ", - "languageDocumentationPopover.documentationESQL.keep": "KEEP", - "languageDocumentationPopover.documentationESQL.keep.markdown": "### KEEP\nKEEPコマンドは、返される列と、列が返される順序を指定することができます。\n\n返される列を制限するには、カンマで区切りの列名リストを使用します。列は指定された順序で返されます。\n \n```\nFROM employees\n| KEEP first_name, last_name, height\n```\n\n各列を名前で指定するのではなく、ワイルドカードを使って、パターンと一致する名前の列をすべて返すことができます。\n\n```\nFROM employees\n| KEEP h*\n```\n\nアスタリスクワイルドカード(*)は単独で、他の引数と一致しないすべての列に変換されます。このクエリーは、最初にhで始まる名前の列をすべて返し、その後にその他の列をすべて返します。\n\n```\nFROM employees\n| KEEP h*, *\n```\n ", - "languageDocumentationPopover.documentationESQL.least": "LEAST", - "languageDocumentationPopover.documentationESQL.least.markdown": "\n\n ### LEAST\n 多数の列から最小値を返します。これはMV_MINと似ていますが、一度に複数の列に対して実行します。\n\n ```\n ROW a = 10, b = 20\n | EVAL l = LEAST(a, b)\n ```\n ", - "languageDocumentationPopover.documentationESQL.left": "LEFT", - "languageDocumentationPopover.documentationESQL.left.markdown": "\n\n ### LEFT\n stringから左から順にlength文字を抜き出したサブ文字列を返します。\n\n ```\n FROM employees\n | KEEP last_name\n | EVAL left = LEFT(last_name, 3)\n | SORT last_name ASC\n | LIMIT 5\n ```\n ", - "languageDocumentationPopover.documentationESQL.length": "LENGTH", - "languageDocumentationPopover.documentationESQL.length.markdown": "\n\n ### LENGTH\n 文字列の文字数を返します。\n\n ```\n FROM employees\n | KEEP first_name, last_name\n | EVAL fn_length = LENGTH(first_name)\n ```\n ", - "languageDocumentationPopover.documentationESQL.limit": "LIMIT", - "languageDocumentationPopover.documentationESQL.limit.markdown": "### LIMIT\nLIMIT`処理コマンドは行数を制限することができます。\n \n```\nFROM employees\n| LIMIT 5\n```\n ", - "languageDocumentationPopover.documentationESQL.locate": "LOCATE", - "languageDocumentationPopover.documentationESQL.locate.markdown": "\n\n ### LOCATE\n 別の文字列内のキーワードサブ文字列の位置を示す整数を返します。\n\n ```\n row a = \"hello\"\n | eval a_ll = locate(a, \"ll\")\n ```\n ", - "languageDocumentationPopover.documentationESQL.log": "LOG", - "languageDocumentationPopover.documentationESQL.log.markdown": "\n\n ### LOG\n 基数に対する値の対数を返します。入力は任意の数値で、戻り値は常にdoubleです。\n\n ゼロの対数、負数、1の基数はnullと警告を返します。\n\n ```\n ROW base = 2.0, value = 8.0\n | EVAL s = LOG(base, value)\n ```\n ", - "languageDocumentationPopover.documentationESQL.log10": "LOG10", - "languageDocumentationPopover.documentationESQL.log10.markdown": "\n\n ### LOG10\n 基数10に対する値の対数を返します。入力は任意の数値で、戻り値は常にdoubleです。\n\n 0の対数および負数はnullと警告を返します。\n\n ```\n ROW d = 1000.0 \n | EVAL s = LOG10(d)\n ```\n ", - "languageDocumentationPopover.documentationESQL.ltrim": "LTRIM", - "languageDocumentationPopover.documentationESQL.ltrim.markdown": "\n\n ### LTRIM\n 文字列から先頭の空白を取り除きます。\n\n ```\n ROW message = \" some text \", color = \" red \"\n | EVAL message = LTRIM(message)\n | EVAL color = LTRIM(color)\n | EVAL message = CONCAT(\"'\", message, \"'\")\n | EVAL color = CONCAT(\"'\", color, \"'\")\n ```\n ", - "languageDocumentationPopover.documentationESQL.markdown": "## ES|QL\n\nES|QL(Elasticsearch クエリー言語)クエリーは、パイプ文字の|で区切られた一連のコマンドで構成されます。各クエリーは**ソースコマンド**で始まり、通常はElasticsearchのデータを使ってテーブルを生成します。\n\nソースコマンドには、1つ以上の**処理コマンド**を続けることができます。処理コマンドは、行や列を追加、削除、変更することで、前のコマンドの出力テーブルを変更することができます。\n\n```\nsource-command\n| processing-command1\n| processing-command2\n```\n\nクエリーの結果は、最終的な処理コマンドによって生成されるテーブルです。 \n ", - "languageDocumentationPopover.documentationESQL.mv_append": "MV_APPEND", - "languageDocumentationPopover.documentationESQL.mv_append.markdown": "\n\n ### MV_APPEND\n 2つの複数値フィールドの値を連結します\n\n ", - "languageDocumentationPopover.documentationESQL.mv_avg": "MV_AVG", - "languageDocumentationPopover.documentationESQL.mv_avg.markdown": "\n\n ### MV_AVG\n 複数値フィールドを、すべての値の平均を含む単一値フィールドに変換します。\n\n ```\n ROW a=[3, 5, 1, 6]\n | EVAL avg_a = MV_AVG(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.mv_concat": "MV_CONCAT", - "languageDocumentationPopover.documentationESQL.mv_concat.markdown": "\n\n ### MV_CONCAT\n 複数値文字列式を、区切り文字で区切られたすべての値を連結した単一値列に変換します。\n\n ```\n ROW a=[\"foo\", \"zoo\", \"bar\"]\n | EVAL j = MV_CONCAT(a, \", \")\n ```\n ", - "languageDocumentationPopover.documentationESQL.mv_count": "MV_COUNT", - "languageDocumentationPopover.documentationESQL.mv_count.markdown": "\n\n ### MV_COUNT\n 複数値式を、値の数をカウントする単一値列に変換します。\n\n ```\n ROW a=[\"foo\", \"zoo\", \"bar\"]\n | EVAL count_a = MV_COUNT(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.mv_dedupe": "MV_DEDUPE", - "languageDocumentationPopover.documentationESQL.mv_dedupe.markdown": "\n\n ### MV_DEDUPE\n 複数値フィールドから重複する値を削除します。\n\n ```\n ROW a=[\"foo\", \"foo\", \"bar\", \"foo\"]\n | EVAL dedupe_a = MV_DEDUPE(a)\n ```\n 注:MV_DEDUPEは列の値をソートすることがありますが、常にソートするわけではありません。\n ", - "languageDocumentationPopover.documentationESQL.mv_first": "MV_FIRST", - "languageDocumentationPopover.documentationESQL.mv_first.markdown": "\n\n ### MV_FIRST\n \n 複数値式を、最初の値を含む単一値列に変換します。これは、SPLITなどの既知の順序で複数値列を発行する関数から読み取るときに役立ちます。\n \n\n 複数値フィールドが基本ストレージから読み取られる順序は保証されません。\n \n 通常は昇順ですが、必ずしもそうであるわけではありません。最小値が必要な場合は、MV_FIRSTの代わりに、MV_MINを使用します。\n MV_MINは、ソートされた値向けに最適化されているため、\n MV_FIRSTにパフォーマンスの利点はありません。\n\n ```\n ROW a=\"foo;bar;baz\"\n | EVAL first_a = MV_FIRST(SPLIT(a, \";\"))\n ```\n ", - "languageDocumentationPopover.documentationESQL.mv_last": "MV_LAST", - "languageDocumentationPopover.documentationESQL.mv_last.markdown": "\n\n ### MV_LAST\n \n 複数値式を、最後の値を含む単一値列に変換します。これは、SPLITなどの既知の順序で複数値列を発行する関数から読み取るときに役立ちます。\n \n\n 複数値フィールドが基本ストレージから読み取られる順序は保証されません。\n \n 通常は昇順ですが、必ずしもそうであるわけではありません。最大値が必要な場合は、MV_LASTの代わりに、MV_MAXを使用します。\n MV_MAXは、ソートされた値向けに最適化されているため、\n MV_LASTにパフォーマンスの利点はありません。\n\n ```\n ROW a=\"foo;bar;baz\"\n | EVAL last_a = MV_LAST(SPLIT(a, \";\"))\n ```\n ", - "languageDocumentationPopover.documentationESQL.mv_max": "MV_MAX", - "languageDocumentationPopover.documentationESQL.mv_max.markdown": "\n\n ### MV_MAX\n 複数値フィールドを、最大値を含む単一値フィールドに変換します。\n\n ```\n ROW a=[3, 5, 1]\n | EVAL max_a = MV_MAX(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.mv_median": "MV_MEDIAN", - "languageDocumentationPopover.documentationESQL.mv_median.markdown": "\n\n ### MV_MEDIAN\n 複数値フィールドを、中央値を含む単一値フィールドに変換します。\n\n ```\n ROW a=[3, 5, 1]\n | EVAL median_a = MV_MEDIAN(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.mv_min": "MV_MIN", - "languageDocumentationPopover.documentationESQL.mv_min.markdown": "\n\n ### MV_MIN\n 複数値フィールドを、最小値を含む単一値フィールドに変換します。\n\n ```\n ROW a=[2, 1]\n | EVAL min_a = MV_MIN(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.mv_slice": "MV_SLICE", - "languageDocumentationPopover.documentationESQL.mv_slice.markdown": "\n\n ### MV_SLICE\n 開始インデックス値と終了インデックス値を使用して、複数値フィールドのサブセットを返します。\n\n ```\n row a = [1, 2, 2, 3]\n | eval a1 = mv_slice(a, 1), a2 = mv_slice(a, 2, 3)\n ```\n ", - "languageDocumentationPopover.documentationESQL.mv_sort": "MV_SORT", - "languageDocumentationPopover.documentationESQL.mv_sort.markdown": "\n\n ### MV_SORT\n 辞書の順序で複数値フィールドを並べ替えます。\n\n ```\n ROW a = [4, 2, -3, 2]\n | EVAL sa = mv_sort(a), sd = mv_sort(a, \"DESC\")\n ```\n ", - "languageDocumentationPopover.documentationESQL.mv_sum": "MV_SUM", - "languageDocumentationPopover.documentationESQL.mv_sum.markdown": "\n\n ### MV_SUM\n 複数値フィールドを、すべての値の合計を含む単一値フィールドに変換します。\n\n ```\n ROW a=[3, 5, 6]\n | EVAL sum_a = MV_SUM(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.mv_zip": "MV_ZIP", - "languageDocumentationPopover.documentationESQL.mv_zip.markdown": "\n\n ### MV_ZIP\n 値を結合する区切り文字を使用して、2つの複数値フィールドの値を結合します。\n\n ```\n ROW a = [\"x\", \"y\", \"z\"], b = [\"1\", \"2\"]\n | EVAL c = mv_zip(a, b, \"-\")\n | KEEP a, b, c\n ```\n ", - "languageDocumentationPopover.documentationESQL.mvExpand": "MV_EXPAND", - "languageDocumentationPopover.documentationESQL.mvExpand.markdown": "### MV_EXPAND\nMV_EXPAND処理コマンドは、複数値フィールドを値ごとに1行に展開し、他のフィールドを複製します。 \n```\nROW a=[1,2,3], b=\"b\", j=[\"a\",\"b\"]\n| MV_EXPAND a\n```\n ", - "languageDocumentationPopover.documentationESQL.now": "NOW", - "languageDocumentationPopover.documentationESQL.now.markdown": "\n\n ### NOW\n 現在の日付と時刻を返します。\n\n ```\n ROW current_date = NOW()\n ```\n ", - "languageDocumentationPopover.documentationESQL.pi": "PI", - "languageDocumentationPopover.documentationESQL.pi.markdown": "\n\n ### PI\n 円の円周と直径の比率であるPiを返します。\n\n ```\n ROW PI()\n ```\n ", - "languageDocumentationPopover.documentationESQL.pow": "POW", - "languageDocumentationPopover.documentationESQL.pow.markdown": "\n\n ### POW\n exponentのべき乗にしたbaseの値を返します。\n\n ```\n ROW base = 2.0, exponent = 2\n | EVAL result = POW(base, exponent)\n ```\n 注:ここでは、倍精度浮動小数点数の結果でもオーバーフローする可能性があります。その場合は、NULLが返されます。\n ", - "languageDocumentationPopover.documentationESQL.predicates": "NULL値", - "languageDocumentationPopover.documentationESQL.predicates.markdown": "### NULL値\nNULLの比較には、IS NULLとIS NOT NULL述語を使います。\n\n```\nFROM employees\n| WHERE birth_date IS NULL\n| KEEP first_name, last_name\n| SORT first_name\n| LIMIT 3\n```\n\n```\nFROM employees\n| WHERE is_rehired IS NOT NULL\n| STATS count(emp_no)\n```\n ", - "languageDocumentationPopover.documentationESQL.rename": "RENAME", - "languageDocumentationPopover.documentationESQL.rename.markdown": "### RENAME\nRENAMEを使用して、次の構文で列の名前を変更します。\n\n```\nRENAME AS \n```\n\n例:\n\n```\nFROM employees\n| KEEP first_name, last_name, still_hired\n| RENAME still_hired AS employed\n```\n\n新しい名前の列がすでに存在する場合、その列は新しい列に置き換えられます。\n\n複数の列の名前を1つのRENAMEコマンドで変更することができます。\n\n```\nFROM employees\n| KEEP first_name, last_name\n| RENAME first_name AS fn, last_name AS ln\n```\n ", - "languageDocumentationPopover.documentationESQL.repeat": "REPEAT", - "languageDocumentationPopover.documentationESQL.repeat.markdown": "\n\n ### REPEAT\n 指定したnumberの回数、文字列stringとそれ自身を連結して構成された文字列を返します。\n\n ```\n ROW a = \"Hello!\"\n | EVAL triple_a = REPEAT(a, 3);\n ```\n ", - "languageDocumentationPopover.documentationESQL.replace": "REPLACE", - "languageDocumentationPopover.documentationESQL.replace.markdown": "\n\n ### REPLACE\n \n この関数は、正規表現regexと置換文字列newStrの任意の一致を文字列strに代入します。\n\n ```\n ROW str = \"Hello World\"\n | EVAL str = REPLACE(str, \"World\", \"Universe\")\n | KEEP str\n ```\n ", - "languageDocumentationPopover.documentationESQL.right": "RIGHT", - "languageDocumentationPopover.documentationESQL.right.markdown": "\n\n ### RIGHT\n strのうち右から数えてlength文字までのサブ文字列を返します。\n\n ```\n FROM employees\n | KEEP last_name\n | EVAL right = RIGHT(last_name, 3)\n | SORT last_name ASC\n | LIMIT 5\n ```\n ", - "languageDocumentationPopover.documentationESQL.round": "ROUND", - "languageDocumentationPopover.documentationESQL.round.markdown": "\n\n ### ROUND\n 数値を指定した小数点以下の桁数に丸めます。\n デフォルトは0で、最も近い整数を返します。\n 精度が負の場合、小数点以下の桁数に丸めます。\n \n\n ```\n FROM employees\n | KEEP first_name, last_name, height\n | EVAL height_ft = ROUND(height * 3.281, 1)\n ```\n ", - "languageDocumentationPopover.documentationESQL.row": "ROW", - "languageDocumentationPopover.documentationESQL.row.markdown": "### ROW\nROWソースコマンドは、指定した値の列を1つ以上含む行を作成します。これはテストの場合に便利です。\n \n```\nROW a = 1, b = \"two\", c = null\n```\n\n複数の値を含む列を作成するには角括弧を使用します。\n\n```\nROW a = [2, 1]\n```\n\nROWは関数の使用をサポートしています。\n\n```\nROW a = ROUND(1.23, 0)\n```\n ", - "languageDocumentationPopover.documentationESQL.rtrim": "RTRIM", - "languageDocumentationPopover.documentationESQL.rtrim.markdown": "\n\n ### RTRIM\n 文字列から末尾の空白を取り除きます。\n\n ```\n ROW message = \" some text \", color = \" red \"\n | EVAL message = RTRIM(message)\n | EVAL color = RTRIM(color)\n | EVAL message = CONCAT(\"'\", message, \"'\")\n | EVAL color = CONCAT(\"'\", color, \"'\")\n ```\n ", - "languageDocumentationPopover.documentationESQL.show": "SHOW", - "languageDocumentationPopover.documentationESQL.show.markdown": "### SHOW\nSHOW ソースコマンドはデプロイとその能力に関する情報を返します。\n\n* デプロイのバージョン、ビルド日、ハッシュを返すには、SHOW INFOを使用します。\n* SHOW FUNCTIONSを使用すると、サポートされているすべての関数のリストと各関数の概要を返します。\n ", - "languageDocumentationPopover.documentationESQL.signum": "SIGNUM", - "languageDocumentationPopover.documentationESQL.signum.markdown": "\n\n ### SIGNUM\n 任意の数値の符号を返します。\n 負の数値の場合は-1を返します。0の場合は0を返します。正の数値の場合は1を返します。\n\n ```\n ROW d = 100.0\n | EVAL s = SIGNUM(d)\n ```\n ", - "languageDocumentationPopover.documentationESQL.sin": "SIN", - "languageDocumentationPopover.documentationESQL.sin.markdown": "\n\n ### SIN\n 角度の正弦三角関数を返します。\n\n ```\n ROW a=1.8 \n | EVAL sin=SIN(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.sinh": "SINH", - "languageDocumentationPopover.documentationESQL.sinh.markdown": "\n\n ### SINH\n 角度の双曲線正弦を返します。\n\n ```\n ROW a=1.8 \n | EVAL sinh=SINH(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.sort": "SORT", - "languageDocumentationPopover.documentationESQL.sort.markdown": "### SORT\nSORTコマンドを使用すると、1つ以上のフィールドで行をソートすることができます。\n\n```\nFROM employees\n| KEEP first_name, last_name, height\n| SORT height\n```\n\nデフォルトのソート順は昇順です。ASCまたはDESCを使って明示的なソート順を設定します。\n\n```\nFROM employees\n| KEEP first_name, last_name, height\n| SORT height DESC\n```\n\n2つの行のソートキーが同じ場合、元の順序が保持されます。タイブレーカーとなるソート式を追加で指定できます。\n\n```\nFROM employees\n| KEEP first_name, last_name, height\n| SORT height DESC, first_name ASC\n```\n\n#### null値\nデフォルトでは、null値は他のどの値よりも大きい値として扱われます。昇順のソートではnull値は最後にソートされ、降順のソートではnull値は最初にソートされます。NULLS FIRSTまたはNULLS LASTを指定することで変更できます。\n\n```\nFROM employees\n| KEEP first_name, last_name, height\n| SORT first_name ASC NULLS FIRST\n```\n ", - "languageDocumentationPopover.documentationESQL.split": "SPLIT", - "languageDocumentationPopover.documentationESQL.split.markdown": "\n\n ### SPLIT\n 単一の値の文字列を複数の文字列に分割します。\n\n ```\n ROW words=\"foo;bar;baz;qux;quux;corge\"\n | EVAL word = SPLIT(words, \";\")\n ```\n ", - "languageDocumentationPopover.documentationESQL.sqrt": "SQRT", - "languageDocumentationPopover.documentationESQL.sqrt.markdown": "\n\n ### SQRT\n 数値の平方根を返します。入力は任意の数値で、戻り値は常にdoubleです。\n 負数と無限大の平方根はnullです。\n\n ```\n ROW d = 100.0\n | EVAL s = SQRT(d)\n ```\n ", - "languageDocumentationPopover.documentationESQL.st_contains": "ST_CONTAINS", - "languageDocumentationPopover.documentationESQL.st_contains.markdown": "\n\n ### ST_CONTAINS\n 最初のジオメトリに2番目のジオメトリが含まれるかどうかを返します。\n これはST_WITHIN関数の逆関数です。\n\n ```\n FROM airport_city_boundaries\n | WHERE ST_CONTAINS(city_boundary, TO_GEOSHAPE(\"POLYGON((109.35 18.3, 109.45 18.3, 109.45 18.4, 109.35 18.4, 109.35 18.3))\"))\n | KEEP abbrev, airport, region, city, city_location\n ```\n ", - "languageDocumentationPopover.documentationESQL.st_disjoint": "ST_DISJOINT", - "languageDocumentationPopover.documentationESQL.st_disjoint.markdown": "\n\n ### ST_DISJOINT\n 2つのジオメトリまたはジオメトリ列が結合解除されているかどうかを返します。\n これはST_INTERSECTS関数の逆関数です。\n 数学的には次のようになります。ST_Disjoint(A, B) ⇔ A ⋂ B = ∅\n\n ```\n FROM airport_city_boundaries\n | WHERE ST_DISJOINT(city_boundary, TO_GEOSHAPE(\"POLYGON((-10 -60, 120 -60, 120 60, -10 60, -10 -60))\"))\n | KEEP abbrev, airport, region, city, city_location\n ```\n ", - "languageDocumentationPopover.documentationESQL.st_distance": "ST_DISTANCE", - "languageDocumentationPopover.documentationESQL.st_distance.markdown": "\n\n ### ST_DISTANCE\n 2点間の距離を計算します。\n デカルト幾何学の場合、これは元の座標と同じ単位でのピタゴラス距離です。\n 地理的幾何学では、これはメートル単位での円に沿った円周距離です。\n\n ```\n FROM airports\n | WHERE abbrev == \"CPH\"\n | EVAL distance = ST_DISTANCE(location, city_location)\n | KEEP abbrev, name, location, city_location, distance\n ```\n ", - "languageDocumentationPopover.documentationESQL.st_intersects": "ST_INTERSECTS", - "languageDocumentationPopover.documentationESQL.st_intersects.markdown": "\n\n ### ST_INTERSECTS\n 2つのジオメトリが交差している場合はTrueを返します。\n 内部点を含め、共通の点がある場合は交差しています\n (線に沿った点または多角形内の点)。\n これはST_DISJOINT関数の逆関数です。\n 数学的には次のようになります。ST_Intersects(A, B) ⇔ A ⋂ B ≠ ∅\n\n ```\n FROM airports\n | WHERE ST_INTERSECTS(location, TO_GEOSHAPE(\"POLYGON((42 14, 43 14, 43 15, 42 15, 42 14))\"))\n ```\n ", - "languageDocumentationPopover.documentationESQL.st_within": "ST_WITHIN", - "languageDocumentationPopover.documentationESQL.st_within.markdown": "\n\n ### ST_WITHIN\n 最初のジオメトリが2番目のジオメトリ内にあるかどうかを返します。\n これはST_CONTAINS関数の逆関数です。\n\n ```\n FROM airport_city_boundaries\n | WHERE ST_WITHIN(city_boundary, TO_GEOSHAPE(\"POLYGON((109.1 18.15, 109.6 18.15, 109.6 18.65, 109.1 18.65, 109.1 18.15))\"))\n | KEEP abbrev, airport, region, city, city_location\n ```\n ", - "languageDocumentationPopover.documentationESQL.st_x": "ST_X", - "languageDocumentationPopover.documentationESQL.st_x.markdown": "\n\n ### ST_X\n 指定された点からx座標を抽出します。\n この点がgeo_pointタイプの場合は、longitude値を抽出するのと同じ結果になります。\n\n ```\n ROW point = TO_GEOPOINT(\"POINT(42.97109629958868 14.7552534006536)\")\n | EVAL x = ST_X(point), y = ST_Y(point)\n ```\n ", - "languageDocumentationPopover.documentationESQL.st_y": "ST_Y", - "languageDocumentationPopover.documentationESQL.st_y.markdown": "\n\n ### ST_Y\n 指定された点からy座標を抽出します。\n この点がgeo_pointタイプの場合は、latitude値を抽出するのと同じ結果になります。\n\n ```\n ROW point = TO_GEOPOINT(\"POINT(42.97109629958868 14.7552534006536)\")\n | EVAL x = ST_X(point), y = ST_Y(point)\n ```\n ", - "languageDocumentationPopover.documentationESQL.starts_with": "STARTS_WITH", - "languageDocumentationPopover.documentationESQL.starts_with.markdown": "\n\n ### STARTS_WITH\n キーワード文字列が他の文字列で始まるかどうかを示すブール値を返します。\n\n ```\n FROM employees\n | KEEP last_name\n | EVAL ln_S = STARTS_WITH(last_name, \"B\")\n ```\n ", - "languageDocumentationPopover.documentationESQL.statsby": "STATS ...BY", - "languageDocumentationPopover.documentationESQL.statsby.markdown": "### STATS ...BY\nSTATS ...BYを使用すると、共通の値に従って行をグループ化し、グループ化された行に対する1つ以上の集約値を計算します。\n\n**例**:\n\n```\nFROM employees\n| STATS count = COUNT(emp_no) BY languages\n| SORT languages\n```\n\nBYが省略された場合、出力テーブルには、データセット全体に適用された集約が正確に1行だけ含まれます。\n\n```\nFROM employees\n| STATS avg_lang = AVG(languages)\n```\n\n複数の値を計算することができます。\n\n```\nFROM employees\n| STATS avg_lang = AVG(languages), max_lang = MAX(languages)\n```\n\n複数の値でグループ化することも可能です(longおよびkeywordファミリーフィールドでのみサポート)。\n\n```\nFROM employees\n| EVAL hired = DATE_FORMAT(hire_date, \"YYYY\")\n| STATS avg_salary = AVG(salary) BY hired, languages.long\n| EVAL avg_salary = ROUND(avg_salary)\n| SORT hired, languages.long\n```\n\nSTATS ...BYで使用できる関数の一覧については、**集計関数**を参照してください。\n\n集計関数とグループ式の両方で他の関数を使用できます。これは、複数値列でSTATS...BYを使用するときに有用です。たとえば、平均給与変動を計算するには、まず、MV_AVGを使用して従業員ごとに複数の値の平均を求め、その結果にAVG関数を適用します。\n\n```\nFROM employees\n| STATS avg_salary_change = AVG(MV_AVG(salary_change))\n```\n\n式によるグループ化の例は、姓の最初の文字で従業員をグループ化することです。\n\n```\nFROM employees\n| STATS my_count = COUNT() BY LEFT(last_name, 1)\n| SORT `LEFT(last_name, 1)`\n```\n\n出力列名の指定は任意です。指定しない場合は、新しい列名が式と等しくなります。次のクエリーは列\"AVG(salary)\"を返します。\n\n```\nFROM employees\n| STATS AVG(salary)\n```\n\nこの名前には特殊文字が含まれているため、後続のコマンドで使用するときには、バッククオート(`)で囲む必要があります。\n\n```\nFROM employees\n| STATS AVG(salary)\n| EVAL avg_salary_rounded = ROUND(`AVG(salary)`)\n```\n\n**注**:グループなしのSTATSは、グループを追加するよりも大幅に高速です。\n\n**注**:単一式でのグループは、現在、複数式でのグループよりも大幅に最適化されています。\n ", - "languageDocumentationPopover.documentationESQL.stringOperators": "LIKEおよびRLIKE", - "languageDocumentationPopover.documentationESQL.stringOperators.markdown": "### LIKEおよびRLIKE\nワイルドカードや正規表現を使った文字列比較にはLIKEまたはRLIKEを使います。\n\nワイルドカードを使って文字列を一致させるにはLIKEを使います。次のワイルドカード文字がサポートされています。\n\n* `*`は0文字以上と一致します。\n* `?`は1文字と一致します。\n\n```\nFROM employees\n| WHERE first_name LIKE \"?b*\"\n| KEEP first_name, last_name\n```\n\n正規表現を使って文字列を一致させるには、RLIKEを使います。\n\n```\nFROM employees\n| WHERE first_name RLIKE \".leja.*\"\n| KEEP first_name, last_name\n```\n ", - "languageDocumentationPopover.documentationESQL.substring": "SUBSTRING", - "languageDocumentationPopover.documentationESQL.substring.markdown": "\n\n ### SUBSTRING\n 文字列のサブ文字列を、開始位置とオプションの長さで指定して返します。\n\n ```\n FROM employees\n | KEEP last_name\n | EVAL ln_sub = SUBSTRING(last_name, 1, 3)\n ```\n ", - "languageDocumentationPopover.documentationESQL.tan": "TAN", - "languageDocumentationPopover.documentationESQL.tan.markdown": "\n\n ### TAN\n 角度の正接三角関数を返します。\n\n ```\n ROW a=1.8 \n | EVAL tan=TAN(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.tanh": "TANH", - "languageDocumentationPopover.documentationESQL.tanh.markdown": "\n\n ### TANH\n 角度の正接双曲線関数を返します。\n\n ```\n ROW a=1.8 \n | EVAL tanh=TANH(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.tau": "TAU", - "languageDocumentationPopover.documentationESQL.tau.markdown": "\n\n ### TAU\n 円の円周と半径の比率を返します。\n\n ```\n ROW TAU()\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_base64": "TO_BASE64", - "languageDocumentationPopover.documentationESQL.to_base64.markdown": "\n\n ### TO_BASE64\n 文字列をbase64文字列にエンコードします。\n\n ```\n row a = \"elastic\" \n | eval e = to_base64(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_boolean": "TO_BOOLEAN", - "languageDocumentationPopover.documentationESQL.to_boolean.markdown": "\n\n ### TO_BOOLEAN\n 入力値をブール値に変換します。\n 文字列値*true*は、大文字小文字を区別せずにブール値*true*に変換されます。\n 空文字列を含むそれ以外の値に対しては、この関数は*false*を返します。\n 数値*0*は*false*に変換され、それ以外は*true*に変換されます。\n\n ```\n ROW str = [\"true\", \"TRuE\", \"false\", \"\", \"yes\", \"1\"]\n | EVAL bool = TO_BOOLEAN(str)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_cartesianpoint": "TO_CARTESIANPOINT", - "languageDocumentationPopover.documentationESQL.to_cartesianpoint.markdown": "\n\n ### TO_CARTESIANPOINT\n 入力値をcartesian_point値に変換します。\n 文字列は、WKT Point形式に従っている場合にのみ、正常に変換されます。\n\n ```\n ROW wkt = [\"POINT(4297.11 -1475.53)\", \"POINT(7580.93 2272.77)\"]\n | MV_EXPAND wkt\n | EVAL pt = TO_CARTESIANPOINT(wkt)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_cartesianshape": "TO_CARTESIANSHAPE", - "languageDocumentationPopover.documentationESQL.to_cartesianshape.markdown": "\n\n ### TO_CARTESIANSHAPE\n 入力値をcartesian_shape値に変換します。\n 文字列は、WKT形式に従っている場合にのみ、正常に変換されます。\n\n ```\n ROW wkt = [\"POINT(4297.11 -1475.53)\", \"POLYGON ((3339584.72 1118889.97, 4452779.63 4865942.27, 2226389.81 4865942.27, 1113194.90 2273030.92, 3339584.72 1118889.97))\"]\n | MV_EXPAND wkt\n | EVAL geom = TO_CARTESIANSHAPE(wkt)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_datetime": "TO_DATETIME", - "languageDocumentationPopover.documentationESQL.to_datetime.markdown": "\n\n ### TO_DATETIME\n 入力値を日付値に変換します。\n 文字列は、yyyy-MM-dd'T'HH:mm:ss.SSS'Z'の書式に従っている場合のみ変換が成功します。\n 日付を他の形式に変換するには、DATE_PARSEを使用します。\n\n ```\n ROW string = [\"1953-09-02T00:00:00.000Z\", \"1964-06-02T00:00:00.000Z\", \"1964-06-02 00:00:00\"]\n | EVAL datetime = TO_DATETIME(string)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_degrees": "TO_DEGREES", - "languageDocumentationPopover.documentationESQL.to_degrees.markdown": "\n\n ### TO_DEGREES\n ラジアンの数値を度数に変換します。\n\n ```\n ROW rad = [1.57, 3.14, 4.71]\n | EVAL deg = TO_DEGREES(rad)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_double": "TO_DOUBLE", - "languageDocumentationPopover.documentationESQL.to_double.markdown": "\n\n ### TO_DOUBLE\n 入力値をdouble値に変換します。入力パラメーターが日付型の場合、その値はUnixのエポックからのミリ秒として解釈され、doubleに変換されます。\n \n ブール値の*true*はdouble値の*1.0*に、*false*は*0.0*に変換されます。\n\n ```\n ROW str1 = \"5.20128E11\", str2 = \"foo\"\n | EVAL dbl = TO_DOUBLE(\"520128000000\"), dbl1 = TO_DOUBLE(str1), dbl2 = TO_DOUBLE(str2)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_geopoint": "TO_GEOPOINT", - "languageDocumentationPopover.documentationESQL.to_geopoint.markdown": "\n\n ### TO_GEOPOINT\n 入力値をgeo_point値に変換します。\n 文字列は、WKT Point形式に従っている場合にのみ、正常に変換されます。\n\n ```\n ROW wkt = \"POINT(42.97109630194 14.7552534413725)\"\n | EVAL pt = TO_GEOPOINT(wkt)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_geoshape": "TO_GEOSHAPE", - "languageDocumentationPopover.documentationESQL.to_geoshape.markdown": "\n\n ### TO_GEOSHAPE\n 入力値をgeo_shape値に変換します。\n 文字列は、WKT形式に従っている場合にのみ、正常に変換されます。\n\n ```\n ROW wkt = \"POLYGON ((30 10, 40 40, 20 40, 10 20, 30 10))\"\n | EVAL geom = TO_GEOSHAPE(wkt)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_integer": "TO_INTEGER", - "languageDocumentationPopover.documentationESQL.to_integer.markdown": "\n\n ### TO_INTEGER\n 入力値を整数値に変換します。\n 入力パラメーターが日付型の場合、その値はUnixのエポックからのミリ秒として解釈され、整数に変換されます。\n \n ブール値*true*は整数*1*に、*false*は*0*に変換されます。\n\n ```\n ROW long = [5013792, 2147483647, 501379200000]\n | EVAL int = TO_INTEGER(long)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_ip": "TO_IP", - "languageDocumentationPopover.documentationESQL.to_ip.markdown": "\n\n ### TO_IP\n 入力文字列をIP値に変換します。\n\n ```\n ROW str1 = \"1.1.1.1\", str2 = \"foo\"\n | EVAL ip1 = TO_IP(str1), ip2 = TO_IP(str2)\n | WHERE CIDR_MATCH(ip1, \"1.0.0.0/8\")\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_long": "TO_LONG", - "languageDocumentationPopover.documentationESQL.to_long.markdown": "\n\n ### TO_LONG\n 入力値をlong値に変換します。入力パラメーターが日付型の場合、\n その値はUnixのエポックからのミリ秒として解釈され、longに変換されます。\n ブール値の*true*は*long*値の*1*に、*false*は*0*に変換されます。\n\n ```\n ROW str1 = \"2147483648\", str2 = \"2147483648.2\", str3 = \"foo\"\n | EVAL long1 = TO_LONG(str1), long2 = TO_LONG(str2), long3 = TO_LONG(str3)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_lower": "TO_LOWER", - "languageDocumentationPopover.documentationESQL.to_lower.markdown": "\n\n ### TO_LOWER\n 小文字に変換された入力文字列を表す新しい文字列を返します。\n\n ```\n ROW message = \"Some Text\"\n | EVAL message_lower = TO_LOWER(message)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_radians": "TO_RADIANS", - "languageDocumentationPopover.documentationESQL.to_radians.markdown": "\n\n ### TO_RADIANS\n 度数をラジアンに変換します。\n\n ```\n ROW deg = [90.0, 180.0, 270.0]\n | EVAL rad = TO_RADIANS(deg)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_string": "TO_STRING", - "languageDocumentationPopover.documentationESQL.to_string.markdown": "\n\n ### TO_STRING\n 入力値を文字列に変換します。\n\n ```\n ROW a=10\n | EVAL j = TO_STRING(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_unsigned_long": "TO_UNSIGNED_LONG", - "languageDocumentationPopover.documentationESQL.to_unsigned_long.markdown": "\n\n ### TO_UNSIGNED_LONG\n 入力値を符号なしlong値に変換します。入力パラメーターが日付型の場合、\n その値はUnixのエポックからのミリ秒として解釈され、符号なしlong値に変換されます。\n ブール値の*true*は符号なし*long*値の*1*に、*false*は*0*に変換されます。\n\n ```\n ROW str1 = \"2147483648\", str2 = \"2147483648.2\", str3 = \"foo\"\n | EVAL long1 = TO_UNSIGNED_LONG(str1), long2 = TO_ULONG(str2), long3 = TO_UL(str3)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_upper": "TO_UPPER", - "languageDocumentationPopover.documentationESQL.to_upper.markdown": "\n\n ### TO_UPPER\n 大文字に変換された入力文字列を表す新しい文字列を返します。\n\n ```\n ROW message = \"Some Text\"\n | EVAL message_upper = TO_UPPER(message)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_version": "TO_VERSION", - "languageDocumentationPopover.documentationESQL.to_version.markdown": "\n\n ### TO_VERSION\n 入力文字列をバージョン値に変換します。\n\n ```\n ROW v = TO_VERSION(\"1.2.3\")\n ```\n ", - "languageDocumentationPopover.documentationESQL.trim": "TRIM", - "languageDocumentationPopover.documentationESQL.trim.markdown": "\n\n ### TRIM\n 文字列から先頭と末尾の空白を削除します。\n\n ```\n ROW message = \" some text \", color = \" red \"\n | EVAL message = TRIM(message)\n | EVAL color = TRIM(color)\n ```\n ", - "languageDocumentationPopover.documentationESQL.where": "WHERE", - "languageDocumentationPopover.documentationESQL.where.markdown": "### WHERE\nWHEREを使用すると、入力テーブルから、指定した条件がtrueと評価されるすべての行を含むテーブルを作成します。\n \n```\nFROM employees\n| KEEP first_name, last_name, still_hired\n| WHERE still_hired == true\n```\n\n#### 演算子\n\nサポートされている演算子の概要については、**演算子**を参照してください。\n\n#### 関数\nWHEREは値を計算するためのさまざまな関数をサポートしています。**関数**をクリックすると詳細が表示されます。\n ", + "languageDocumentation.documentationESQL.abs": "ABS", + "languageDocumentation.documentationESQL.abs.markdown": "\n\n ### ABS\n 絶対値を返します。\n\n ```\n ROW number = -1.0 \n | EVAL abs_number = ABS(number)\n ```\n ", + "languageDocumentation.documentationESQL.acos": "ACOS", + "languageDocumentation.documentationESQL.acos.markdown": "\n\n ### ACOS\n nのアークコサインをラジアンで表記された角度として返します。\n\n ```\n ROW a=.9\n | EVAL acos=ACOS(a)\n ```\n ", + "languageDocumentation.documentationESQL.asin": "ASIN", + "languageDocumentation.documentationESQL.asin.markdown": "\n\n ### ASIN\n 入力\n 数値式のアークサインをラジアンで表記された角度として返します。\n\n ```\n ROW a=.9\n | EVAL asin=ASIN(a)\n ```\n ", + "languageDocumentation.documentationESQL.atan": "ATAN", + "languageDocumentation.documentationESQL.atan.markdown": "\n\n ### ATAN\n 入力\n 数値式のアークタンジェントをラジアンで表記された角度として返します。\n\n ```\n ROW a=12.9\n | EVAL atan=ATAN(a)\n ```\n ", + "languageDocumentation.documentationESQL.atan2": "ATAN2", + "languageDocumentation.documentationESQL.atan2.markdown": "\n\n ### ATAN2\n 直交平面上の原点から点(x , y)に向かう光線と正のx軸のなす角(ラジアン表記)。\n \n\n ```\n ROW y=12.9, x=.6\n | EVAL atan2=ATAN2(y, x)\n ```\n ", + "languageDocumentation.documentationESQL.autoBucketFunction": "BUCKET", + "languageDocumentation.documentationESQL.autoBucketFunction.markdown": "### バケット\n日時または数値入力から、値(バケット)のグループを作成します。バケットのサイズは直接指定するか、推奨される数と値の範囲に基づいて選択できます。\n\nBUCKETは次の2つのモードで動作します。\n\n1.バケットのサイズがバケット数の提案(4つのパラメーター)と範囲に基づいて計算される。\n2.バケットサイズが直接指定される(2つのパラメーター)。\n\n目標バケット数、開始日、終了日を使用すると、目標バケット数以下のバケットを生成するために適切なバケットサイズがBUCKETによって選択されます。\n\nたとえば、1年に最大20バケットをリクエストすると、データが1か月間隔で整理されます。\n\n```\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS hire_date = MV_SORT(VALUES(hire_date)) BY month = BUCKET(hire_date, 20, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n| SORT hire_date\n```\n\n**注**:ここでは、正確な目標バケット数を指定するのではなく、目標バケット数を_上限_として範囲を指定します。\n\nBUCKETを集約と組み合わせ、ヒストグラムを作成できます。\n\n```\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS hires_per_month = COUNT(*) BY month = BUCKET(hire_date, 20, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n| SORT month\n```\n\n**注**:BUCKETは、どのドキュメントにも一致しないバケットを作成しません。そのため、前の例では1985-03-01やその他の日付が抜けています。\n\nその他のバケットを要求すると、範囲が小さくなることがあります。たとえば、1年に最大100バケットをリクエストすると、1週間単位のバケットになります。\n\n```\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS hires_per_week = COUNT(*) BY week = BUCKET(hire_date, 100, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n| SORT week\n```\n\n**注**:AUTO_BUCKETは行をフィルタリングしません。指定された範囲のみを使用して、適切なバケットサイズを選択します。範囲外の値の行に対しては、範囲外のバケツに対応するバケット値を返します。行をフィルタリングするには、BUCKETとWHEREを組み合わせます。\n\n事前に任意のバケットサイズがわかっている場合は、2番目の引数として指定し、範囲を除外します。\n\n```\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS hires_per_week = COUNT(*) BY week = BUCKET(hire_date, 1 week)\n| SORT week\n```\n\n**注**:バケットサイズを2番目のパラメーターとして指定するときには、時間の期間または日付の期間を選択する必要があります。\n\nBUCKETは数値フィールドでも動作します。たとえば、給与ヒストグラムを作成します。\n\n```\nFROM employees\n| STATS COUNT(*) by bs = BUCKET(salary, 20, 25324, 74999)\n| SORT bs\n```\n\n日付範囲で意図的フィルタリングする前の例とは異なり、数値フィールドでフィルタリングすることはほとんどありません。最小値と最大値を別々に見つける必要があります。ES|QLにはそれを自動的に実行するための簡単な方法がありません。\n\n任意のバケットサイズが事前にわかっている場合は、範囲を省略できます。2番目の引数として指定します。\n\n```\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS c = COUNT(1) BY b = BUCKET(salary, 5000.)\n| SORT b\n```\n\n**注**:バケットサイズを2番目のパラメーターとして指定するときには、**浮動小数点数型**でなければなりません。\n\n次の例は、過去24時間の1時間単位のバケットを作成し、1時間当たりのイベント数を計算します。\n\n```\nFROM sample_data\n| WHERE @timestamp >= NOW() - 1 day and @timestamp < NOW()\n| STATS COUNT(*) BY bucket = BUCKET(@timestamp, 25, NOW() - 1 day, NOW())\n```\n\n次の例は、1985年の1か月単位のバケットを作成し、採用月別に平均給与を計算します。\n\n```\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS AVG(salary) BY bucket = BUCKET(hire_date, 20, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n| SORT bucket\n```\n\n集約部で関数が**グループ部で定義されたエイリアスによって参照されている**場合、またはまったく同じ式で呼び出されている場合、BUCKETは、 STATS …​ BY …コマンドの集約部とグループ部の両方で使用できます。\n\n例:\n\n```\nFROM employees\n| STATS s1 = b1 + 1, s2 = BUCKET(salary / 1000 + 999, 50.) + 2 BY b1 = BUCKET(salary / 100 + 99, 50.), b2 = BUCKET(salary / 1000 + 999, 50.)\n| SORT b1, b2\n| KEEP s1, b1, s2, b2\n```\n ", + "languageDocumentation.documentationESQL.binaryOperators": "バイナリ演算子", + "languageDocumentation.documentationESQL.binaryOperators.markdown": "### バイナリ演算子\n次のバイナリ比較演算子がサポートされています。\n\n* 等号:`==`\n* 不等号:`!=`\n* より小さい:`<`\n* 以下:`<=`\n* より大きい:`>`\n* 以上:`>=`\n* 加算:`+`\n* 減算:`-`\n* 乗算:`*`\n* 除算:`/`\n* 係数:`%`\n ", + "languageDocumentation.documentationESQL.booleanOperators": "ブール演算子", + "languageDocumentation.documentationESQL.booleanOperators.markdown": "### ブール演算子\n次のブール演算子がサポートされています。\n\n* `AND`\n* `OR`\n* `NOT`\n ", + "languageDocumentation.documentationESQL.bucket": "BUCKET", + "languageDocumentation.documentationESQL.bucket.markdown": "\n\n ### BUCKET\n 日時または数値入力から、値(バケット)のグループを作成します。\n バケットのサイズは直接指定するか、推奨される数と値の範囲に基づいて選択できます。\n\n ```\n FROM employees\n | WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n | STATS hire_date = MV_SORT(VALUES(hire_date)) BY month = BUCKET(hire_date, 20, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n | SORT hire_date\n ```\n ", + "languageDocumentation.documentationESQL.case": "CASE", + "languageDocumentation.documentationESQL.case.markdown": "\n\n ### CASE\n 条件と値のペアを指定できます。この関数は、trueと評価される\n 最初の条件に属する値を返します。\n\n 引数の数が奇数の場合、最後の引数は条件に一致しない場合に返されるデフォルト値になります。\n 引数の数が偶数で、\n 条件が一致しない場合、この関数はnullを返します。\n\n ```\n FROM employees\n | EVAL type = CASE(\n languages <= 1, \"monolingual\",\n languages <= 2, \"bilingual\",\n \"polyglot\")\n | KEEP emp_no, languages, type\n ```\n ", + "languageDocumentation.documentationESQL.castOperator": "Cast (::)", + "languageDocumentation.documentationESQL.castOperator.markdown": "### CAST (`::`)\n::演算子はO_型変換関数に代わる便利な構文です。\n\n例:\n```\nROW ver = CONCAT((\"0\"::INT + 1)::STRING, \".2.3\")::VERSION\n```\n ", + "languageDocumentation.documentationESQL.cbrt": "CBRT", + "languageDocumentation.documentationESQL.cbrt.markdown": "\n\n ### CBRT\n 数値の立方根を返します。入力は任意の数値で、戻り値は常にdoubleです。\n 無限大の立方根はnullです。\n\n ```\n ROW d = 1000.0\n | EVAL c = cbrt(d)\n ```\n ", + "languageDocumentation.documentationESQL.ceil": "CEIL", + "languageDocumentation.documentationESQL.ceil.markdown": "\n\n ### CEIL\n 最も近い整数に数値を切り上げます。\n\n ```\n ROW a=1.8\n | EVAL a=CEIL(a)\n ```\n 注:これはlong(符号なしを含む)とintegerのnoopです。doubleの場合、JavaのMath.ceilと同様に、整数に最も近いdoubleの値を選びます。\n ", + "languageDocumentation.documentationESQL.cidr_match": "CIDR_MATCH", + "languageDocumentation.documentationESQL.cidr_match.markdown": "\n\n ### CIDR_MATCH\n 指定されたIPが指定されたCIDRブロックのいずれかに含まれていればtrueを返します。\n\n ```\n FROM hosts \n | WHERE CIDR_MATCH(ip1, \"127.0.0.2/32\", \"127.0.0.3/32\") \n | KEEP card, host, ip0, ip1\n ```\n ", + "languageDocumentation.documentationESQL.coalesce": "COALESCE", + "languageDocumentation.documentationESQL.coalesce.markdown": "\n\n ### COALESCE\n nullでない最初の引数を返します。すべての引数がnullの場合はnullを返します。\n\n ```\n ROW a=null, b=\"b\"\n | EVAL COALESCE(a, b)\n ```\n ", + "languageDocumentation.documentationESQL.concat": "CONCAT", + "languageDocumentation.documentationESQL.concat.markdown": "\n\n ### CONCAT\n 2つ以上の文字列を連結します。\n\n ```\n FROM employees\n | KEEP first_name, last_name\n | EVAL fullname = CONCAT(first_name, \" \", last_name)\n ```\n ", + "languageDocumentation.documentationESQL.cos": "COS", + "languageDocumentation.documentationESQL.cos.markdown": "\n\n ### COS\n 角度の余弦を返します。\n\n ```\n ROW a=1.8 \n | EVAL cos=COS(a)\n ```\n ", + "languageDocumentation.documentationESQL.cosh": "COSH", + "languageDocumentation.documentationESQL.cosh.markdown": "\n\n ### COSH\n 角度の双曲余弦を返します。\n\n ```\n ROW a=1.8 \n | EVAL cosh=COSH(a)\n ```\n ", + "languageDocumentation.documentationESQL.date_diff": "DATE_DIFF", + "languageDocumentation.documentationESQL.date_diff.markdown": "\n\n ### DATE_DIFF\n startTimestampをendTimestampから減算し、unitの乗数の差を返します。\n startTimestampがendTimestampより後の場合は、負の値が返されます。\n\n ```\n ROW date1 = TO_DATETIME(\"2023-12-02T11:00:00.000Z\"), date2 = TO_DATETIME(\"2023-12-02T11:00:00.001Z\")\n | EVAL dd_ms = DATE_DIFF(\"microseconds\", date1, date2)\n ```\n ", + "languageDocumentation.documentationESQL.date_extract": "DATE_EXTRACT", + "languageDocumentation.documentationESQL.date_extract.markdown": "\n\n ### DATE_EXTRACT\n 年、月、日、時間など、日付の一部を抽出します。\n\n ```\n ROW date = DATE_PARSE(\"yyyy-MM-dd\", \"2022-05-06\")\n | EVAL year = DATE_EXTRACT(\"year\", date)\n ```\n ", + "languageDocumentation.documentationESQL.date_format": "DATE_FORMAT", + "languageDocumentation.documentationESQL.date_format.markdown": "\n\n ### DATE_FORMAT\n 指定した書式の日付の文字列表現を返します。\n\n ```\n FROM employees\n | KEEP first_name, last_name, hire_date\n | EVAL hired = DATE_FORMAT(\"YYYY-MM-dd\", hire_date)\n ```\n ", + "languageDocumentation.documentationESQL.date_parse": "DATE_PARSE", + "languageDocumentation.documentationESQL.date_parse.markdown": "\n\n ### DATE_PARSE\n 最初の引数で指定した形式を使用して、2番目の引数を解析することで、日付を返します。\n\n ```\n ROW date_string = \"2022-05-06\"\n | EVAL date = DATE_PARSE(\"yyyy-MM-dd\", date_string)\n ```\n ", + "languageDocumentation.documentationESQL.date_trunc": "DATE_TRUNC", + "languageDocumentation.documentationESQL.date_trunc.markdown": "\n\n ### DATE_TRUNC\n 最も近い区間まで日付を切り捨てます。\n\n ```\n FROM employees\n | KEEP first_name, last_name, hire_date\n | EVAL year_hired = DATE_TRUNC(1 year, hire_date)\n ```\n ", + "languageDocumentation.documentationESQL.dissect": "DISSECT", + "languageDocumentation.documentationESQL.dissect.markdown": "### DISSECT\nDISSECTは文字列から構造化データを取り出すことができます。DISSECTは文字列を区切り文字ベースのパターンと照合し、指定されたキーを列として抽出します。\n\ndissectパターンの構文については、[dissectプロセッサードキュメント](https://www.elastic.co/guide/en/elasticsearch/reference/current/dissect-processor.html)を参照してください。\n\n```\nROW a = \"1953-01-23T12:15:00Z - some text - 127.0.0.1\"\n| DISSECT a \"%'{Y}-%{M}-%{D}T%{h}:%{m}:%{s}Z - %{msg} - %{ip}'\"\n``` ", + "languageDocumentation.documentationESQL.drop": "DROP", + "languageDocumentation.documentationESQL.drop.markdown": "### DROP\nテーブルから列を削除するには、DROPを使用します。\n \n```\nFROM employees\n| DROP height\n```\n\n各列を名前で指定するのではなく、ワイルドカードを使って、パターンと一致する名前の列をすべて削除することができます。\n\n```\nFROM employees\n| DROP height*\n```\n ", + "languageDocumentation.documentationESQL.e": "E", + "languageDocumentation.documentationESQL.e.markdown": "\n\n ### E\n オイラー数を返します。\n\n ```\n ROW E()\n ```\n ", + "languageDocumentation.documentationESQL.ends_with": "ENDS_WITH", + "languageDocumentation.documentationESQL.ends_with.markdown": "\n\n ### ENDS_WITH\n キーワード文字列が他の文字列で終わるかどうかを示すブール値を返します。\n\n ```\n FROM employees\n | KEEP last_name\n | EVAL ln_E = ENDS_WITH(last_name, \"d\")\n ```\n ", + "languageDocumentation.documentationESQL.enrich": "ENRICH", + "languageDocumentation.documentationESQL.enrich.markdown": "### ENRICH\nENRICH`を使用すると、既存のインデックスのデータを受信レコードに追加することができます。[インジェストエンリッチ](https://www.elastic.co/guide/en/elasticsearch/reference/current/ingest-enriching-data.html)と似ていますが、クエリー時に動作します。\n\n```\nROW language_code = \"1\"\n| ENRICH languages_policy\n```\n\nENRICHでは、[エンリッチポリシー](https://www.elastic.co/guide/en/elasticsearch/reference/current/ingest-enriching-data.html#enrich-policy)を実行する必要があります。エンリッチポリシーは、一致フィールド (キーフィールド) とエンリッチフィールドのセットを定義します。\n\nENRICHは、一致フィールド値に基づいて、[エンリッチインデックス](https://www.elastic.co/guide/en/elasticsearch/reference/current/ingest-enriching-data.html#enrich-index)のレコードを検索します。入力データセットの一致するキーは、ON を使用して定義できます。指定しない場合は、エンリッチポリシーで定義された一致フィールドと同じ名前のフィールドで一致が実行されます。\n\n```\nROW a = \"1\"\n| ENRICH languages_policy ON a\n```\n\nWITH , ...構文を使用して、結果に追加される属性(ポリシーでエンリッチフィールドとして定義された属性の間)を指定できます。\n\n```\nROW a = \"1\"\n| ENRICH languages_policy ON a WITH language_name\n```\n\n属性の名前は、WITH new_name=を使用して変更できます。\n\n```\nROW a = \"1\"\n| ENRICH languages_policy ON a WITH name = language_name\n```\n\nデフォルトでは、(WITHが定義されていない場合)、ENRICHはエンリッチポリシーで定義されたすべてのエンリッチフィールドを結果に追加します。\n\n名前の競合が発生した場合、新しく作成されたフィールドが既存のフィールドを上書きします。\n ", + "languageDocumentation.documentationESQL.eval": "EVAL", + "languageDocumentation.documentationESQL.eval.markdown": "### EVAL\nEVALでは、新しい列を追加できます。\n\n```\nFROM employees\n| KEEP first_name, last_name, height\n| EVAL height_feet = height * 3.281, height_cm = height * 100\n```\n\n指定した列がすでに存在する場合、既存の列は削除され、新しい列がテーブルに追加されます。\n\n```\nFROM employees\n| KEEP first_name, last_name, height\n| EVAL height = height * 3.281\n```\n\n#### 関数\nEVALは値を計算するためのさまざまな関数をサポートしています。関数をクリックすると詳細が表示されます。\n ", + "languageDocumentation.documentationESQL.floor": "FLOOR", + "languageDocumentation.documentationESQL.floor.markdown": "\n\n ### FLOOR\n 最も近い整数に数値を切り捨てます。\n\n ```\n ROW a=1.8\n | EVAL a=FLOOR(a)\n ```\n 注:これはlong(符号なしを含む)とintegerのnoopです。\n doubleの場合、Math.floorと同様に、整数に最も近いdoubleの値を選びます。\n \n ", + "languageDocumentation.documentationESQL.from": "FROM", + "languageDocumentation.documentationESQL.from_base64": "FROM_BASE64", + "languageDocumentation.documentationESQL.from_base64.markdown": "\n\n ### FROM_BASE64\n base64文字列をデコードします。\n\n ```\n row a = \"ZWxhc3RpYw==\" \n | eval d = from_base64(a)\n ```\n ", + "languageDocumentation.documentationESQL.from.markdown": "### FROM\nソースコマンドFROMは、データストリーム、インデックス、またはエイリアスから、最大10,000ドキュメントを含むテーブルを返します。結果のテーブルの各行はドキュメントを表します。各列はフィールドに対応し、そのフィールドの名前でアクセスできます。\n\n```\nFROM employees\n```\n\n[日付演算](https://www.elastic.co/guide/en/elasticsearch/reference/current/api-conventions.html#api-date-math-index-names) を使用して、インデックス、エイリアス、データストリームを参照できます。これは時系列データの場合に便利です。\n\nカンマ区切りのリストまたはワイルドカードを使用して、複数のデータストリーム、インデックス、またはエイリアスをクエリーします。\n\n```\nFROM employees-00001,employees-*\n```\n\n#### メタデータ\n\nES|QLは以下のメタデータフィールドにアクセスできます。\n\n* `_index`:ドキュメントが属するインデックス。このフィールドはkeyword型です。\n* `_id`:ソースドキュメントのID。このフィールドはkeyword型です。### `_version`:ソースドキュメントのバージョン。フィールドの型はlongです。\n\nメタデータフィールドを有効にするには、METADATAディレクティブを使います。\n\n```\nFROM index [METADATA _index, _id]\n```\n\nメタデータフィールドは、データのソースがインデックスである場合にのみ使用できます。その結果、FROMはMETADATAディレクティブをサポートする唯一のソースコマンドです。\n\nこのフィールドが有効になると、他のインデックスフィールドと同様に、後続の処理コマンドで利用できるようになります。\n\n```\nFROM ul_logs, apps [METADATA _index, _version]\n| WHERE id IN (13, 14) AND _version == 1\n| EVAL key = CONCAT(_index, \"_\", TO_STR(id))\n| SORT id, _index\n| KEEP id, _index, _version, key\n```\n\nまた、インデックス・フィールドと同様に、一度集約が実行されると、グループ化フィールドとして使用されないかぎり、メタデータフィールドは後続のコマンドからはアクセスできなくなります。\n\n```\nFROM employees [METADATA _index, _id]\n| STATS max = MAX(emp_no) BY _index\n```\n ", + "languageDocumentation.documentationESQL.greatest": "GREATEST", + "languageDocumentation.documentationESQL.greatest.markdown": "\n\n ### GREATEST\n 多数の列から最大値を返します。これはMV_MAX\n と似ていますが、一度に複数の列に対して実行します。\n\n ```\n ROW a = 10, b = 20\n | EVAL g = GREATEST(a, b)\n ```\n 注:keywordまたはtextフィールドに対して実行すると、アルファベット順の最後の文字列を返します。boolean列に対して実行すると、値がtrueの場合にtrueを返します。\n ", + "languageDocumentation.documentationESQL.grok": "GROK", + "languageDocumentation.documentationESQL.grok.markdown": "### GROK\nGROKを使うと、文字列から構造化データを抽出できます。GROKは正規表現に基づいて文字列をパターンと一致させ、指定されたパターンを列として抽出します。\n\ngrokパターンの構文については、 [grokプロセッサードキュメント](https://www.elastic.co/guide/en/elasticsearch/reference/current/grok-processor.html)を参照してください。\n\n```\nROW a = \"12 15.5 15.6 true\"\n| GROK a \"%'{NUMBER:b:int}' %'{NUMBER:c:float}' %'{NUMBER:d:double}' %'{WORD:e:boolean}'\"\n```\n ", + "languageDocumentation.documentationESQL.inOperator": "IN", + "languageDocumentation.documentationESQL.inOperator.markdown": "### IN\nIN演算子は、フィールドや式がリテラル、フィールド、式のリストの要素と等しいかどうかをテストすることができます。\n\n```\nROW a = 1, b = 4, c = 3\n| WHERE c-a IN (3, b / 2, a)\n```\n ", + "languageDocumentation.documentationESQL.ip_prefix": "IP_PREFIX", + "languageDocumentation.documentationESQL.ip_prefix.markdown": "\n\n ### IP_PREFIX\n IPを特定のプレフィックス長に切り詰めます。\n\n ```\n row ip4 = to_ip(\"1.2.3.4\"), ip6 = to_ip(\"fe80::cae2:65ff:fece:feb9\")\n | eval ip4_prefix = ip_prefix(ip4, 24, 0), ip6_prefix = ip_prefix(ip6, 0, 112);\n ```\n ", + "languageDocumentation.documentationESQL.keep": "KEEP", + "languageDocumentation.documentationESQL.keep.markdown": "### KEEP\nKEEPコマンドは、返される列と、列が返される順序を指定することができます。\n\n返される列を制限するには、カンマで区切りの列名リストを使用します。列は指定された順序で返されます。\n \n```\nFROM employees\n| KEEP first_name, last_name, height\n```\n\n各列を名前で指定するのではなく、ワイルドカードを使って、パターンと一致する名前の列をすべて返すことができます。\n\n```\nFROM employees\n| KEEP h*\n```\n\nアスタリスクワイルドカード(*)は単独で、他の引数と一致しないすべての列に変換されます。このクエリーは、最初にhで始まる名前の列をすべて返し、その後にその他の列をすべて返します。\n\n```\nFROM employees\n| KEEP h*, *\n```\n ", + "languageDocumentation.documentationESQL.least": "LEAST", + "languageDocumentation.documentationESQL.least.markdown": "\n\n ### LEAST\n 多数の列から最小値を返します。これはMV_MINと似ていますが、一度に複数の列に対して実行します。\n\n ```\n ROW a = 10, b = 20\n | EVAL l = LEAST(a, b)\n ```\n ", + "languageDocumentation.documentationESQL.left": "LEFT", + "languageDocumentation.documentationESQL.left.markdown": "\n\n ### LEFT\n stringから左から順にlength文字を抜き出したサブ文字列を返します。\n\n ```\n FROM employees\n | KEEP last_name\n | EVAL left = LEFT(last_name, 3)\n | SORT last_name ASC\n | LIMIT 5\n ```\n ", + "languageDocumentation.documentationESQL.length": "LENGTH", + "languageDocumentation.documentationESQL.length.markdown": "\n\n ### LENGTH\n 文字列の文字数を返します。\n\n ```\n FROM employees\n | KEEP first_name, last_name\n | EVAL fn_length = LENGTH(first_name)\n ```\n ", + "languageDocumentation.documentationESQL.limit": "LIMIT", + "languageDocumentation.documentationESQL.limit.markdown": "### LIMIT\nLIMIT`処理コマンドは行数を制限することができます。\n \n```\nFROM employees\n| LIMIT 5\n```\n ", + "languageDocumentation.documentationESQL.locate": "LOCATE", + "languageDocumentation.documentationESQL.locate.markdown": "\n\n ### LOCATE\n 別の文字列内のキーワードサブ文字列の位置を示す整数を返します。\n\n ```\n row a = \"hello\"\n | eval a_ll = locate(a, \"ll\")\n ```\n ", + "languageDocumentation.documentationESQL.log": "LOG", + "languageDocumentation.documentationESQL.log.markdown": "\n\n ### LOG\n 基数に対する値の対数を返します。入力は任意の数値で、戻り値は常にdoubleです。\n\n ゼロの対数、負数、1の基数はnullと警告を返します。\n\n ```\n ROW base = 2.0, value = 8.0\n | EVAL s = LOG(base, value)\n ```\n ", + "languageDocumentation.documentationESQL.log10": "LOG10", + "languageDocumentation.documentationESQL.log10.markdown": "\n\n ### LOG10\n 基数10に対する値の対数を返します。入力は任意の数値で、戻り値は常にdoubleです。\n\n 0の対数および負数はnullと警告を返します。\n\n ```\n ROW d = 1000.0 \n | EVAL s = LOG10(d)\n ```\n ", + "languageDocumentation.documentationESQL.ltrim": "LTRIM", + "languageDocumentation.documentationESQL.ltrim.markdown": "\n\n ### LTRIM\n 文字列から先頭の空白を取り除きます。\n\n ```\n ROW message = \" some text \", color = \" red \"\n | EVAL message = LTRIM(message)\n | EVAL color = LTRIM(color)\n | EVAL message = CONCAT(\"'\", message, \"'\")\n | EVAL color = CONCAT(\"'\", color, \"'\")\n ```\n ", + "languageDocumentation.documentationESQL.markdown": "## ES|QL\n\nES|QL(Elasticsearch クエリー言語)クエリーは、パイプ文字の|で区切られた一連のコマンドで構成されます。各クエリーは**ソースコマンド**で始まり、通常はElasticsearchのデータを使ってテーブルを生成します。\n\nソースコマンドには、1つ以上の**処理コマンド**を続けることができます。処理コマンドは、行や列を追加、削除、変更することで、前のコマンドの出力テーブルを変更することができます。\n\n```\nsource-command\n| processing-command1\n| processing-command2\n```\n\nクエリーの結果は、最終的な処理コマンドによって生成されるテーブルです。 \n ", + "languageDocumentation.documentationESQL.mv_append": "MV_APPEND", + "languageDocumentation.documentationESQL.mv_append.markdown": "\n\n ### MV_APPEND\n 2つの複数値フィールドの値を連結します\n\n ", + "languageDocumentation.documentationESQL.mv_avg": "MV_AVG", + "languageDocumentation.documentationESQL.mv_avg.markdown": "\n\n ### MV_AVG\n 複数値フィールドを、すべての値の平均を含む単一値フィールドに変換します。\n\n ```\n ROW a=[3, 5, 1, 6]\n | EVAL avg_a = MV_AVG(a)\n ```\n ", + "languageDocumentation.documentationESQL.mv_concat": "MV_CONCAT", + "languageDocumentation.documentationESQL.mv_concat.markdown": "\n\n ### MV_CONCAT\n 複数値文字列式を、区切り文字で区切られたすべての値を連結した単一値列に変換します。\n\n ```\n ROW a=[\"foo\", \"zoo\", \"bar\"]\n | EVAL j = MV_CONCAT(a, \", \")\n ```\n ", + "languageDocumentation.documentationESQL.mv_count": "MV_COUNT", + "languageDocumentation.documentationESQL.mv_count.markdown": "\n\n ### MV_COUNT\n 複数値式を、値の数をカウントする単一値列に変換します。\n\n ```\n ROW a=[\"foo\", \"zoo\", \"bar\"]\n | EVAL count_a = MV_COUNT(a)\n ```\n ", + "languageDocumentation.documentationESQL.mv_dedupe": "MV_DEDUPE", + "languageDocumentation.documentationESQL.mv_dedupe.markdown": "\n\n ### MV_DEDUPE\n 複数値フィールドから重複する値を削除します。\n\n ```\n ROW a=[\"foo\", \"foo\", \"bar\", \"foo\"]\n | EVAL dedupe_a = MV_DEDUPE(a)\n ```\n 注:MV_DEDUPEは列の値をソートすることがありますが、常にソートするわけではありません。\n ", + "languageDocumentation.documentationESQL.mv_first": "MV_FIRST", + "languageDocumentation.documentationESQL.mv_first.markdown": "\n\n ### MV_FIRST\n \n 複数値式を、最初の値を含む単一値列に変換します。これは、SPLITなどの既知の順序で複数値列を発行する関数から読み取るときに役立ちます。\n \n\n 複数値フィールドが基本ストレージから読み取られる順序は保証されません。\n \n 通常は昇順ですが、必ずしもそうであるわけではありません。最小値が必要な場合は、MV_FIRSTの代わりに、MV_MINを使用します。\n MV_MINは、ソートされた値向けに最適化されているため、\n MV_FIRSTにパフォーマンスの利点はありません。\n\n ```\n ROW a=\"foo;bar;baz\"\n | EVAL first_a = MV_FIRST(SPLIT(a, \";\"))\n ```\n ", + "languageDocumentation.documentationESQL.mv_last": "MV_LAST", + "languageDocumentation.documentationESQL.mv_last.markdown": "\n\n ### MV_LAST\n \n 複数値式を、最後の値を含む単一値列に変換します。これは、SPLITなどの既知の順序で複数値列を発行する関数から読み取るときに役立ちます。\n \n\n 複数値フィールドが基本ストレージから読み取られる順序は保証されません。\n \n 通常は昇順ですが、必ずしもそうであるわけではありません。最大値が必要な場合は、MV_LASTの代わりに、MV_MAXを使用します。\n MV_MAXは、ソートされた値向けに最適化されているため、\n MV_LASTにパフォーマンスの利点はありません。\n\n ```\n ROW a=\"foo;bar;baz\"\n | EVAL last_a = MV_LAST(SPLIT(a, \";\"))\n ```\n ", + "languageDocumentation.documentationESQL.mv_max": "MV_MAX", + "languageDocumentation.documentationESQL.mv_max.markdown": "\n\n ### MV_MAX\n 複数値フィールドを、最大値を含む単一値フィールドに変換します。\n\n ```\n ROW a=[3, 5, 1]\n | EVAL max_a = MV_MAX(a)\n ```\n ", + "languageDocumentation.documentationESQL.mv_median": "MV_MEDIAN", + "languageDocumentation.documentationESQL.mv_median.markdown": "\n\n ### MV_MEDIAN\n 複数値フィールドを、中央値を含む単一値フィールドに変換します。\n\n ```\n ROW a=[3, 5, 1]\n | EVAL median_a = MV_MEDIAN(a)\n ```\n ", + "languageDocumentation.documentationESQL.mv_min": "MV_MIN", + "languageDocumentation.documentationESQL.mv_min.markdown": "\n\n ### MV_MIN\n 複数値フィールドを、最小値を含む単一値フィールドに変換します。\n\n ```\n ROW a=[2, 1]\n | EVAL min_a = MV_MIN(a)\n ```\n ", + "languageDocumentation.documentationESQL.mv_slice": "MV_SLICE", + "languageDocumentation.documentationESQL.mv_slice.markdown": "\n\n ### MV_SLICE\n 開始インデックス値と終了インデックス値を使用して、複数値フィールドのサブセットを返します。\n\n ```\n row a = [1, 2, 2, 3]\n | eval a1 = mv_slice(a, 1), a2 = mv_slice(a, 2, 3)\n ```\n ", + "languageDocumentation.documentationESQL.mv_sort": "MV_SORT", + "languageDocumentation.documentationESQL.mv_sort.markdown": "\n\n ### MV_SORT\n 辞書の順序で複数値フィールドを並べ替えます。\n\n ```\n ROW a = [4, 2, -3, 2]\n | EVAL sa = mv_sort(a), sd = mv_sort(a, \"DESC\")\n ```\n ", + "languageDocumentation.documentationESQL.mv_sum": "MV_SUM", + "languageDocumentation.documentationESQL.mv_sum.markdown": "\n\n ### MV_SUM\n 複数値フィールドを、すべての値の合計を含む単一値フィールドに変換します。\n\n ```\n ROW a=[3, 5, 6]\n | EVAL sum_a = MV_SUM(a)\n ```\n ", + "languageDocumentation.documentationESQL.mv_zip": "MV_ZIP", + "languageDocumentation.documentationESQL.mv_zip.markdown": "\n\n ### MV_ZIP\n 値を結合する区切り文字を使用して、2つの複数値フィールドの値を結合します。\n\n ```\n ROW a = [\"x\", \"y\", \"z\"], b = [\"1\", \"2\"]\n | EVAL c = mv_zip(a, b, \"-\")\n | KEEP a, b, c\n ```\n ", + "languageDocumentation.documentationESQL.mvExpand": "MV_EXPAND", + "languageDocumentation.documentationESQL.mvExpand.markdown": "### MV_EXPAND\nMV_EXPAND処理コマンドは、複数値フィールドを値ごとに1行に展開し、他のフィールドを複製します。 \n```\nROW a=[1,2,3], b=\"b\", j=[\"a\",\"b\"]\n| MV_EXPAND a\n```\n ", + "languageDocumentation.documentationESQL.now": "NOW", + "languageDocumentation.documentationESQL.now.markdown": "\n\n ### NOW\n 現在の日付と時刻を返します。\n\n ```\n ROW current_date = NOW()\n ```\n ", + "languageDocumentation.documentationESQL.pi": "PI", + "languageDocumentation.documentationESQL.pi.markdown": "\n\n ### PI\n 円の円周と直径の比率であるPiを返します。\n\n ```\n ROW PI()\n ```\n ", + "languageDocumentation.documentationESQL.pow": "POW", + "languageDocumentation.documentationESQL.pow.markdown": "\n\n ### POW\n exponentのべき乗にしたbaseの値を返します。\n\n ```\n ROW base = 2.0, exponent = 2\n | EVAL result = POW(base, exponent)\n ```\n 注:ここでは、倍精度浮動小数点数の結果でもオーバーフローする可能性があります。その場合は、NULLが返されます。\n ", + "languageDocumentation.documentationESQL.predicates": "NULL値", + "languageDocumentation.documentationESQL.predicates.markdown": "### NULL値\nNULLの比較には、IS NULLとIS NOT NULL述語を使います。\n\n```\nFROM employees\n| WHERE birth_date IS NULL\n| KEEP first_name, last_name\n| SORT first_name\n| LIMIT 3\n```\n\n```\nFROM employees\n| WHERE is_rehired IS NOT NULL\n| STATS count(emp_no)\n```\n ", + "languageDocumentation.documentationESQL.rename": "RENAME", + "languageDocumentation.documentationESQL.rename.markdown": "### RENAME\nRENAMEを使用して、次の構文で列の名前を変更します。\n\n```\nRENAME AS \n```\n\n例:\n\n```\nFROM employees\n| KEEP first_name, last_name, still_hired\n| RENAME still_hired AS employed\n```\n\n新しい名前の列がすでに存在する場合、その列は新しい列に置き換えられます。\n\n複数の列の名前を1つのRENAMEコマンドで変更することができます。\n\n```\nFROM employees\n| KEEP first_name, last_name\n| RENAME first_name AS fn, last_name AS ln\n```\n ", + "languageDocumentation.documentationESQL.repeat": "REPEAT", + "languageDocumentation.documentationESQL.repeat.markdown": "\n\n ### REPEAT\n 指定したnumberの回数、文字列stringとそれ自身を連結して構成された文字列を返します。\n\n ```\n ROW a = \"Hello!\"\n | EVAL triple_a = REPEAT(a, 3);\n ```\n ", + "languageDocumentation.documentationESQL.replace": "REPLACE", + "languageDocumentation.documentationESQL.replace.markdown": "\n\n ### REPLACE\n \n この関数は、正規表現regexと置換文字列newStrの任意の一致を文字列strに代入します。\n\n ```\n ROW str = \"Hello World\"\n | EVAL str = REPLACE(str, \"World\", \"Universe\")\n | KEEP str\n ```\n ", + "languageDocumentation.documentationESQL.right": "RIGHT", + "languageDocumentation.documentationESQL.right.markdown": "\n\n ### RIGHT\n strのうち右から数えてlength文字までのサブ文字列を返します。\n\n ```\n FROM employees\n | KEEP last_name\n | EVAL right = RIGHT(last_name, 3)\n | SORT last_name ASC\n | LIMIT 5\n ```\n ", + "languageDocumentation.documentationESQL.round": "ROUND", + "languageDocumentation.documentationESQL.round.markdown": "\n\n ### ROUND\n 数値を指定した小数点以下の桁数に丸めます。\n デフォルトは0で、最も近い整数を返します。\n 精度が負の場合、小数点以下の桁数に丸めます。\n \n\n ```\n FROM employees\n | KEEP first_name, last_name, height\n | EVAL height_ft = ROUND(height * 3.281, 1)\n ```\n ", + "languageDocumentation.documentationESQL.row": "ROW", + "languageDocumentation.documentationESQL.row.markdown": "### ROW\nROWソースコマンドは、指定した値の列を1つ以上含む行を作成します。これはテストの場合に便利です。\n \n```\nROW a = 1, b = \"two\", c = null\n```\n\n複数の値を含む列を作成するには角括弧を使用します。\n\n```\nROW a = [2, 1]\n```\n\nROWは関数の使用をサポートしています。\n\n```\nROW a = ROUND(1.23, 0)\n```\n ", + "languageDocumentation.documentationESQL.rtrim": "RTRIM", + "languageDocumentation.documentationESQL.rtrim.markdown": "\n\n ### RTRIM\n 文字列から末尾の空白を取り除きます。\n\n ```\n ROW message = \" some text \", color = \" red \"\n | EVAL message = RTRIM(message)\n | EVAL color = RTRIM(color)\n | EVAL message = CONCAT(\"'\", message, \"'\")\n | EVAL color = CONCAT(\"'\", color, \"'\")\n ```\n ", + "languageDocumentation.documentationESQL.show": "SHOW", + "languageDocumentation.documentationESQL.show.markdown": "### SHOW\nSHOW ソースコマンドはデプロイとその能力に関する情報を返します。\n\n* デプロイのバージョン、ビルド日、ハッシュを返すには、SHOW INFOを使用します。\n* SHOW FUNCTIONSを使用すると、サポートされているすべての関数のリストと各関数の概要を返します。\n ", + "languageDocumentation.documentationESQL.signum": "SIGNUM", + "languageDocumentation.documentationESQL.signum.markdown": "\n\n ### SIGNUM\n 任意の数値の符号を返します。\n 負の数値の場合は-1を返します。0の場合は0を返します。正の数値の場合は1を返します。\n\n ```\n ROW d = 100.0\n | EVAL s = SIGNUM(d)\n ```\n ", + "languageDocumentation.documentationESQL.sin": "SIN", + "languageDocumentation.documentationESQL.sin.markdown": "\n\n ### SIN\n 角度の正弦三角関数を返します。\n\n ```\n ROW a=1.8 \n | EVAL sin=SIN(a)\n ```\n ", + "languageDocumentation.documentationESQL.sinh": "SINH", + "languageDocumentation.documentationESQL.sinh.markdown": "\n\n ### SINH\n 角度の双曲線正弦を返します。\n\n ```\n ROW a=1.8 \n | EVAL sinh=SINH(a)\n ```\n ", + "languageDocumentation.documentationESQL.sort": "SORT", + "languageDocumentation.documentationESQL.sort.markdown": "### SORT\nSORTコマンドを使用すると、1つ以上のフィールドで行をソートすることができます。\n\n```\nFROM employees\n| KEEP first_name, last_name, height\n| SORT height\n```\n\nデフォルトのソート順は昇順です。ASCまたはDESCを使って明示的なソート順を設定します。\n\n```\nFROM employees\n| KEEP first_name, last_name, height\n| SORT height DESC\n```\n\n2つの行のソートキーが同じ場合、元の順序が保持されます。タイブレーカーとなるソート式を追加で指定できます。\n\n```\nFROM employees\n| KEEP first_name, last_name, height\n| SORT height DESC, first_name ASC\n```\n\n#### null値\nデフォルトでは、null値は他のどの値よりも大きい値として扱われます。昇順のソートではnull値は最後にソートされ、降順のソートではnull値は最初にソートされます。NULLS FIRSTまたはNULLS LASTを指定することで変更できます。\n\n```\nFROM employees\n| KEEP first_name, last_name, height\n| SORT first_name ASC NULLS FIRST\n```\n ", + "languageDocumentation.documentationESQL.split": "SPLIT", + "languageDocumentation.documentationESQL.split.markdown": "\n\n ### SPLIT\n 単一の値の文字列を複数の文字列に分割します。\n\n ```\n ROW words=\"foo;bar;baz;qux;quux;corge\"\n | EVAL word = SPLIT(words, \";\")\n ```\n ", + "languageDocumentation.documentationESQL.sqrt": "SQRT", + "languageDocumentation.documentationESQL.sqrt.markdown": "\n\n ### SQRT\n 数値の平方根を返します。入力は任意の数値で、戻り値は常にdoubleです。\n 負数と無限大の平方根はnullです。\n\n ```\n ROW d = 100.0\n | EVAL s = SQRT(d)\n ```\n ", + "languageDocumentation.documentationESQL.st_contains": "ST_CONTAINS", + "languageDocumentation.documentationESQL.st_contains.markdown": "\n\n ### ST_CONTAINS\n 最初のジオメトリに2番目のジオメトリが含まれるかどうかを返します。\n これはST_WITHIN関数の逆関数です。\n\n ```\n FROM airport_city_boundaries\n | WHERE ST_CONTAINS(city_boundary, TO_GEOSHAPE(\"POLYGON((109.35 18.3, 109.45 18.3, 109.45 18.4, 109.35 18.4, 109.35 18.3))\"))\n | KEEP abbrev, airport, region, city, city_location\n ```\n ", + "languageDocumentation.documentationESQL.st_disjoint": "ST_DISJOINT", + "languageDocumentation.documentationESQL.st_disjoint.markdown": "\n\n ### ST_DISJOINT\n 2つのジオメトリまたはジオメトリ列が結合解除されているかどうかを返します。\n これはST_INTERSECTS関数の逆関数です。\n 数学的には次のようになります。ST_Disjoint(A, B) ⇔ A ⋂ B = ∅\n\n ```\n FROM airport_city_boundaries\n | WHERE ST_DISJOINT(city_boundary, TO_GEOSHAPE(\"POLYGON((-10 -60, 120 -60, 120 60, -10 60, -10 -60))\"))\n | KEEP abbrev, airport, region, city, city_location\n ```\n ", + "languageDocumentation.documentationESQL.st_distance": "ST_DISTANCE", + "languageDocumentation.documentationESQL.st_distance.markdown": "\n\n ### ST_DISTANCE\n 2点間の距離を計算します。\n デカルト幾何学の場合、これは元の座標と同じ単位でのピタゴラス距離です。\n 地理的幾何学では、これはメートル単位での円に沿った円周距離です。\n\n ```\n FROM airports\n | WHERE abbrev == \"CPH\"\n | EVAL distance = ST_DISTANCE(location, city_location)\n | KEEP abbrev, name, location, city_location, distance\n ```\n ", + "languageDocumentation.documentationESQL.st_intersects": "ST_INTERSECTS", + "languageDocumentation.documentationESQL.st_intersects.markdown": "\n\n ### ST_INTERSECTS\n 2つのジオメトリが交差している場合はTrueを返します。\n 内部点を含め、共通の点がある場合は交差しています\n (線に沿った点または多角形内の点)。\n これはST_DISJOINT関数の逆関数です。\n 数学的には次のようになります。ST_Intersects(A, B) ⇔ A ⋂ B ≠ ∅\n\n ```\n FROM airports\n | WHERE ST_INTERSECTS(location, TO_GEOSHAPE(\"POLYGON((42 14, 43 14, 43 15, 42 15, 42 14))\"))\n ```\n ", + "languageDocumentation.documentationESQL.st_within": "ST_WITHIN", + "languageDocumentation.documentationESQL.st_within.markdown": "\n\n ### ST_WITHIN\n 最初のジオメトリが2番目のジオメトリ内にあるかどうかを返します。\n これはST_CONTAINS関数の逆関数です。\n\n ```\n FROM airport_city_boundaries\n | WHERE ST_WITHIN(city_boundary, TO_GEOSHAPE(\"POLYGON((109.1 18.15, 109.6 18.15, 109.6 18.65, 109.1 18.65, 109.1 18.15))\"))\n | KEEP abbrev, airport, region, city, city_location\n ```\n ", + "languageDocumentation.documentationESQL.st_x": "ST_X", + "languageDocumentation.documentationESQL.st_x.markdown": "\n\n ### ST_X\n 指定された点からx座標を抽出します。\n この点がgeo_pointタイプの場合は、longitude値を抽出するのと同じ結果になります。\n\n ```\n ROW point = TO_GEOPOINT(\"POINT(42.97109629958868 14.7552534006536)\")\n | EVAL x = ST_X(point), y = ST_Y(point)\n ```\n ", + "languageDocumentation.documentationESQL.st_y": "ST_Y", + "languageDocumentation.documentationESQL.st_y.markdown": "\n\n ### ST_Y\n 指定された点からy座標を抽出します。\n この点がgeo_pointタイプの場合は、latitude値を抽出するのと同じ結果になります。\n\n ```\n ROW point = TO_GEOPOINT(\"POINT(42.97109629958868 14.7552534006536)\")\n | EVAL x = ST_X(point), y = ST_Y(point)\n ```\n ", + "languageDocumentation.documentationESQL.starts_with": "STARTS_WITH", + "languageDocumentation.documentationESQL.starts_with.markdown": "\n\n ### STARTS_WITH\n キーワード文字列が他の文字列で始まるかどうかを示すブール値を返します。\n\n ```\n FROM employees\n | KEEP last_name\n | EVAL ln_S = STARTS_WITH(last_name, \"B\")\n ```\n ", + "languageDocumentation.documentationESQL.statsby": "STATS ...BY", + "languageDocumentation.documentationESQL.statsby.markdown": "### STATS ...BY\nSTATS ...BYを使用すると、共通の値に従って行をグループ化し、グループ化された行に対する1つ以上の集約値を計算します。\n\n**例**:\n\n```\nFROM employees\n| STATS count = COUNT(emp_no) BY languages\n| SORT languages\n```\n\nBYが省略された場合、出力テーブルには、データセット全体に適用された集約が正確に1行だけ含まれます。\n\n```\nFROM employees\n| STATS avg_lang = AVG(languages)\n```\n\n複数の値を計算することができます。\n\n```\nFROM employees\n| STATS avg_lang = AVG(languages), max_lang = MAX(languages)\n```\n\n複数の値でグループ化することも可能です(longおよびkeywordファミリーフィールドでのみサポート)。\n\n```\nFROM employees\n| EVAL hired = DATE_FORMAT(hire_date, \"YYYY\")\n| STATS avg_salary = AVG(salary) BY hired, languages.long\n| EVAL avg_salary = ROUND(avg_salary)\n| SORT hired, languages.long\n```\n\nSTATS ...BYで使用できる関数の一覧については、**集計関数**を参照してください。\n\n集計関数とグループ式の両方で他の関数を使用できます。これは、複数値列でSTATS...BYを使用するときに有用です。たとえば、平均給与変動を計算するには、まず、MV_AVGを使用して従業員ごとに複数の値の平均を求め、その結果にAVG関数を適用します。\n\n```\nFROM employees\n| STATS avg_salary_change = AVG(MV_AVG(salary_change))\n```\n\n式によるグループ化の例は、姓の最初の文字で従業員をグループ化することです。\n\n```\nFROM employees\n| STATS my_count = COUNT() BY LEFT(last_name, 1)\n| SORT `LEFT(last_name, 1)`\n```\n\n出力列名の指定は任意です。指定しない場合は、新しい列名が式と等しくなります。次のクエリーは列\"AVG(salary)\"を返します。\n\n```\nFROM employees\n| STATS AVG(salary)\n```\n\nこの名前には特殊文字が含まれているため、後続のコマンドで使用するときには、バッククオート(`)で囲む必要があります。\n\n```\nFROM employees\n| STATS AVG(salary)\n| EVAL avg_salary_rounded = ROUND(`AVG(salary)`)\n```\n\n**注**:グループなしのSTATSは、グループを追加するよりも大幅に高速です。\n\n**注**:単一式でのグループは、現在、複数式でのグループよりも大幅に最適化されています。\n ", + "languageDocumentation.documentationESQL.stringOperators": "LIKEおよびRLIKE", + "languageDocumentation.documentationESQL.stringOperators.markdown": "### LIKEおよびRLIKE\nワイルドカードや正規表現を使った文字列比較にはLIKEまたはRLIKEを使います。\n\nワイルドカードを使って文字列を一致させるにはLIKEを使います。次のワイルドカード文字がサポートされています。\n\n* `*`は0文字以上と一致します。\n* `?`は1文字と一致します。\n\n```\nFROM employees\n| WHERE first_name LIKE \"?b*\"\n| KEEP first_name, last_name\n```\n\n正規表現を使って文字列を一致させるには、RLIKEを使います。\n\n```\nFROM employees\n| WHERE first_name RLIKE \".leja.*\"\n| KEEP first_name, last_name\n```\n ", + "languageDocumentation.documentationESQL.substring": "SUBSTRING", + "languageDocumentation.documentationESQL.substring.markdown": "\n\n ### SUBSTRING\n 文字列のサブ文字列を、開始位置とオプションの長さで指定して返します。\n\n ```\n FROM employees\n | KEEP last_name\n | EVAL ln_sub = SUBSTRING(last_name, 1, 3)\n ```\n ", + "languageDocumentation.documentationESQL.tan": "TAN", + "languageDocumentation.documentationESQL.tan.markdown": "\n\n ### TAN\n 角度の正接三角関数を返します。\n\n ```\n ROW a=1.8 \n | EVAL tan=TAN(a)\n ```\n ", + "languageDocumentation.documentationESQL.tanh": "TANH", + "languageDocumentation.documentationESQL.tanh.markdown": "\n\n ### TANH\n 角度の正接双曲線関数を返します。\n\n ```\n ROW a=1.8 \n | EVAL tanh=TANH(a)\n ```\n ", + "languageDocumentation.documentationESQL.tau": "TAU", + "languageDocumentation.documentationESQL.tau.markdown": "\n\n ### TAU\n 円の円周と半径の比率を返します。\n\n ```\n ROW TAU()\n ```\n ", + "languageDocumentation.documentationESQL.to_base64": "TO_BASE64", + "languageDocumentation.documentationESQL.to_base64.markdown": "\n\n ### TO_BASE64\n 文字列をbase64文字列にエンコードします。\n\n ```\n row a = \"elastic\" \n | eval e = to_base64(a)\n ```\n ", + "languageDocumentation.documentationESQL.to_boolean": "TO_BOOLEAN", + "languageDocumentation.documentationESQL.to_boolean.markdown": "\n\n ### TO_BOOLEAN\n 入力値をブール値に変換します。\n 文字列値*true*は、大文字小文字を区別せずにブール値*true*に変換されます。\n 空文字列を含むそれ以外の値に対しては、この関数は*false*を返します。\n 数値*0*は*false*に変換され、それ以外は*true*に変換されます。\n\n ```\n ROW str = [\"true\", \"TRuE\", \"false\", \"\", \"yes\", \"1\"]\n | EVAL bool = TO_BOOLEAN(str)\n ```\n ", + "languageDocumentation.documentationESQL.to_cartesianpoint": "TO_CARTESIANPOINT", + "languageDocumentation.documentationESQL.to_cartesianpoint.markdown": "\n\n ### TO_CARTESIANPOINT\n 入力値をcartesian_point値に変換します。\n 文字列は、WKT Point形式に従っている場合にのみ、正常に変換されます。\n\n ```\n ROW wkt = [\"POINT(4297.11 -1475.53)\", \"POINT(7580.93 2272.77)\"]\n | MV_EXPAND wkt\n | EVAL pt = TO_CARTESIANPOINT(wkt)\n ```\n ", + "languageDocumentation.documentationESQL.to_cartesianshape": "TO_CARTESIANSHAPE", + "languageDocumentation.documentationESQL.to_cartesianshape.markdown": "\n\n ### TO_CARTESIANSHAPE\n 入力値をcartesian_shape値に変換します。\n 文字列は、WKT形式に従っている場合にのみ、正常に変換されます。\n\n ```\n ROW wkt = [\"POINT(4297.11 -1475.53)\", \"POLYGON ((3339584.72 1118889.97, 4452779.63 4865942.27, 2226389.81 4865942.27, 1113194.90 2273030.92, 3339584.72 1118889.97))\"]\n | MV_EXPAND wkt\n | EVAL geom = TO_CARTESIANSHAPE(wkt)\n ```\n ", + "languageDocumentation.documentationESQL.to_datetime": "TO_DATETIME", + "languageDocumentation.documentationESQL.to_datetime.markdown": "\n\n ### TO_DATETIME\n 入力値を日付値に変換します。\n 文字列は、yyyy-MM-dd'T'HH:mm:ss.SSS'Z'の書式に従っている場合のみ変換が成功します。\n 日付を他の形式に変換するには、DATE_PARSEを使用します。\n\n ```\n ROW string = [\"1953-09-02T00:00:00.000Z\", \"1964-06-02T00:00:00.000Z\", \"1964-06-02 00:00:00\"]\n | EVAL datetime = TO_DATETIME(string)\n ```\n ", + "languageDocumentation.documentationESQL.to_degrees": "TO_DEGREES", + "languageDocumentation.documentationESQL.to_degrees.markdown": "\n\n ### TO_DEGREES\n ラジアンの数値を度数に変換します。\n\n ```\n ROW rad = [1.57, 3.14, 4.71]\n | EVAL deg = TO_DEGREES(rad)\n ```\n ", + "languageDocumentation.documentationESQL.to_double": "TO_DOUBLE", + "languageDocumentation.documentationESQL.to_double.markdown": "\n\n ### TO_DOUBLE\n 入力値をdouble値に変換します。入力パラメーターが日付型の場合、その値はUnixのエポックからのミリ秒として解釈され、doubleに変換されます。\n \n ブール値の*true*はdouble値の*1.0*に、*false*は*0.0*に変換されます。\n\n ```\n ROW str1 = \"5.20128E11\", str2 = \"foo\"\n | EVAL dbl = TO_DOUBLE(\"520128000000\"), dbl1 = TO_DOUBLE(str1), dbl2 = TO_DOUBLE(str2)\n ```\n ", + "languageDocumentation.documentationESQL.to_geopoint": "TO_GEOPOINT", + "languageDocumentation.documentationESQL.to_geopoint.markdown": "\n\n ### TO_GEOPOINT\n 入力値をgeo_point値に変換します。\n 文字列は、WKT Point形式に従っている場合にのみ、正常に変換されます。\n\n ```\n ROW wkt = \"POINT(42.97109630194 14.7552534413725)\"\n | EVAL pt = TO_GEOPOINT(wkt)\n ```\n ", + "languageDocumentation.documentationESQL.to_geoshape": "TO_GEOSHAPE", + "languageDocumentation.documentationESQL.to_geoshape.markdown": "\n\n ### TO_GEOSHAPE\n 入力値をgeo_shape値に変換します。\n 文字列は、WKT形式に従っている場合にのみ、正常に変換されます。\n\n ```\n ROW wkt = \"POLYGON ((30 10, 40 40, 20 40, 10 20, 30 10))\"\n | EVAL geom = TO_GEOSHAPE(wkt)\n ```\n ", + "languageDocumentation.documentationESQL.to_integer": "TO_INTEGER", + "languageDocumentation.documentationESQL.to_integer.markdown": "\n\n ### TO_INTEGER\n 入力値を整数値に変換します。\n 入力パラメーターが日付型の場合、その値はUnixのエポックからのミリ秒として解釈され、整数に変換されます。\n \n ブール値*true*は整数*1*に、*false*は*0*に変換されます。\n\n ```\n ROW long = [5013792, 2147483647, 501379200000]\n | EVAL int = TO_INTEGER(long)\n ```\n ", + "languageDocumentation.documentationESQL.to_ip": "TO_IP", + "languageDocumentation.documentationESQL.to_ip.markdown": "\n\n ### TO_IP\n 入力文字列をIP値に変換します。\n\n ```\n ROW str1 = \"1.1.1.1\", str2 = \"foo\"\n | EVAL ip1 = TO_IP(str1), ip2 = TO_IP(str2)\n | WHERE CIDR_MATCH(ip1, \"1.0.0.0/8\")\n ```\n ", + "languageDocumentation.documentationESQL.to_long": "TO_LONG", + "languageDocumentation.documentationESQL.to_long.markdown": "\n\n ### TO_LONG\n 入力値をlong値に変換します。入力パラメーターが日付型の場合、\n その値はUnixのエポックからのミリ秒として解釈され、longに変換されます。\n ブール値の*true*は*long*値の*1*に、*false*は*0*に変換されます。\n\n ```\n ROW str1 = \"2147483648\", str2 = \"2147483648.2\", str3 = \"foo\"\n | EVAL long1 = TO_LONG(str1), long2 = TO_LONG(str2), long3 = TO_LONG(str3)\n ```\n ", + "languageDocumentation.documentationESQL.to_lower": "TO_LOWER", + "languageDocumentation.documentationESQL.to_lower.markdown": "\n\n ### TO_LOWER\n 小文字に変換された入力文字列を表す新しい文字列を返します。\n\n ```\n ROW message = \"Some Text\"\n | EVAL message_lower = TO_LOWER(message)\n ```\n ", + "languageDocumentation.documentationESQL.to_radians": "TO_RADIANS", + "languageDocumentation.documentationESQL.to_radians.markdown": "\n\n ### TO_RADIANS\n 度数をラジアンに変換します。\n\n ```\n ROW deg = [90.0, 180.0, 270.0]\n | EVAL rad = TO_RADIANS(deg)\n ```\n ", + "languageDocumentation.documentationESQL.to_string": "TO_STRING", + "languageDocumentation.documentationESQL.to_string.markdown": "\n\n ### TO_STRING\n 入力値を文字列に変換します。\n\n ```\n ROW a=10\n | EVAL j = TO_STRING(a)\n ```\n ", + "languageDocumentation.documentationESQL.to_unsigned_long": "TO_UNSIGNED_LONG", + "languageDocumentation.documentationESQL.to_unsigned_long.markdown": "\n\n ### TO_UNSIGNED_LONG\n 入力値を符号なしlong値に変換します。入力パラメーターが日付型の場合、\n その値はUnixのエポックからのミリ秒として解釈され、符号なしlong値に変換されます。\n ブール値の*true*は符号なし*long*値の*1*に、*false*は*0*に変換されます。\n\n ```\n ROW str1 = \"2147483648\", str2 = \"2147483648.2\", str3 = \"foo\"\n | EVAL long1 = TO_UNSIGNED_LONG(str1), long2 = TO_ULONG(str2), long3 = TO_UL(str3)\n ```\n ", + "languageDocumentation.documentationESQL.to_upper": "TO_UPPER", + "languageDocumentation.documentationESQL.to_upper.markdown": "\n\n ### TO_UPPER\n 大文字に変換された入力文字列を表す新しい文字列を返します。\n\n ```\n ROW message = \"Some Text\"\n | EVAL message_upper = TO_UPPER(message)\n ```\n ", + "languageDocumentation.documentationESQL.to_version": "TO_VERSION", + "languageDocumentation.documentationESQL.to_version.markdown": "\n\n ### TO_VERSION\n 入力文字列をバージョン値に変換します。\n\n ```\n ROW v = TO_VERSION(\"1.2.3\")\n ```\n ", + "languageDocumentation.documentationESQL.trim": "TRIM", + "languageDocumentation.documentationESQL.trim.markdown": "\n\n ### TRIM\n 文字列から先頭と末尾の空白を削除します。\n\n ```\n ROW message = \" some text \", color = \" red \"\n | EVAL message = TRIM(message)\n | EVAL color = TRIM(color)\n ```\n ", + "languageDocumentation.documentationESQL.where": "WHERE", + "languageDocumentation.documentationESQL.where.markdown": "### WHERE\nWHEREを使用すると、入力テーブルから、指定した条件がtrueと評価されるすべての行を含むテーブルを作成します。\n \n```\nFROM employees\n| KEEP first_name, last_name, still_hired\n| WHERE still_hired == true\n```\n\n#### 演算子\n\nサポートされている演算子の概要については、**演算子**を参照してください。\n\n#### 関数\nWHEREは値を計算するためのさまざまな関数をサポートしています。**関数**をクリックすると詳細が表示されます。\n ", "textBasedEditor.query.textBasedLanguagesEditor.EnableWordWrapLabel": "パイプの改行を追加", "textBasedEditor.query.textBasedLanguagesEditor.errorCount": "{count} {count, plural, other {# 件のエラー}}", "textBasedEditor.query.textBasedLanguagesEditor.errorsTitle": "エラー", "textBasedEditor.query.textBasedLanguagesEditor.expandLabel": "拡張", "textBasedEditor.query.textBasedLanguagesEditor.feedback": "フィードバック", - "languageDocumentationPopover.documentationESQL.functions": "関数", - "languageDocumentationPopover.documentationESQL.functionsDocumentationESQLDescription": "関数はROW、EVAL、WHEREでサポートされています。", - "languageDocumentationPopover.documentationESQL.groupingFunctions": "グループ関数", - "languageDocumentationPopover.documentationESQL.groupingFunctionsDocumentationESQLDescription": "これらのグループ関数はSTATS...BYで使用できます。", + "languageDocumentation.documentationESQL.functions": "関数", + "languageDocumentation.documentationESQL.functionsDocumentationESQLDescription": "関数はROW、EVAL、WHEREでサポートされています。", + "languageDocumentation.documentationESQL.groupingFunctions": "グループ関数", + "languageDocumentation.documentationESQL.groupingFunctionsDocumentationESQLDescription": "これらのグループ関数はSTATS...BYで使用できます。", "textBasedEditor.query.textBasedLanguagesEditor.hideQueriesLabel": "最近のクエリーを非表示", "textBasedEditor.query.textBasedLanguagesEditor.lineCount": "{count} {count, plural, other {行}}", "textBasedEditor.query.textBasedLanguagesEditor.lineNumber": "行{lineNumber}", - "languageDocumentationPopover.documentationESQL.operators": "演算子", - "languageDocumentationPopover.documentationESQL.operatorsDocumentationESQLDescription": "ES|QLは以下の演算子をサポートしています。", - "languageDocumentationPopover.documentationESQL.processingCommands": "処理コマンド", - "languageDocumentationPopover.documentationESQL.processingCommandsDescription": "処理コマンドは、行や列を追加、削除、変更することによって入力テーブルを変更します。ES|QLは以下の処理コマンドをサポートしています。", + "languageDocumentation.documentationESQL.operators": "演算子", + "languageDocumentation.documentationESQL.operatorsDocumentationESQLDescription": "ES|QLは以下の演算子をサポートしています。", + "languageDocumentation.documentationESQL.processingCommands": "処理コマンド", + "languageDocumentation.documentationESQL.processingCommandsDescription": "処理コマンドは、行や列を追加、削除、変更することによって入力テーブルを変更します。ES|QLは以下の処理コマンドをサポートしています。", "textBasedEditor.query.textBasedLanguagesEditor.querieshistory.error": "クエリ失敗", "textBasedEditor.query.textBasedLanguagesEditor.querieshistory.success": "クエリは正常に実行されました", "textBasedEditor.query.textBasedLanguagesEditor.querieshistoryCopy": "クエリをクリップボードにコピー", @@ -7332,7 +7332,7 @@ "textBasedEditor.query.textBasedLanguagesEditor.recentQueriesColumnLabel": "最近のクエリー", "textBasedEditor.query.textBasedLanguagesEditor.runQuery": "クエリーを実行", "textBasedEditor.query.textBasedLanguagesEditor.showQueriesLabel": "最近のクエリを表示", - "languageDocumentationPopover.documentationESQL.sourceCommands": "ソースコマンド", + "languageDocumentation.documentationESQL.sourceCommands": "ソースコマンド", "textBasedEditor.query.textBasedLanguagesEditor.submitFeedback": "フィードバックを送信", "textBasedEditor.query.textBasedLanguagesEditor.timeRanColumnLabel": "実行時間", "textBasedEditor.query.textBasedLanguagesEditor.timestampNotDetected": "@timestampが見つかりません", @@ -20361,8 +20361,6 @@ "xpack.fleet.settings.agentPolicyAdvanced.agentLoggingLevelTitle": "エージェントログレベル", "xpack.fleet.settings.agentPolicyAdvanced.agentLoggingMetricsPeriodDescription": "内部Elasticエージェントメトリックをログに記録する頻度。", "xpack.fleet.settings.agentPolicyAdvanced.agentLoggingMetricsPeriodTitle": "エージェントログメトリック期間", - "xpack.fleet.settings.agentPolicyAdvanced.agentMonitoringHttpDescription": "Elasticエージェントの全体的な正常性を返すライブネスHTTPエンドポイントを有効化します。これは、たとえば、コンテナーを再起動するためにKubernetesによって使用されることがあります。", - "xpack.fleet.settings.agentPolicyAdvanced.agentMonitoringHttpTitle": "HTTP監視エンドポイント", "xpack.fleet.settings.agentPolicyAdvanced.downloadTimeoutDescription": "エージェントバイナリのダウンロードに関するタイムアウト。", "xpack.fleet.settings.agentPolicyAdvanced.downloadTimeoutTitle": "エージェントバイナリダウンロードタイムアウト", "xpack.fleet.settings.agentPolicyAdvanced.downloadTimeoutValidationMessage": "30s、5m、2h、1dなどの時間単位の文字列でなければなりません", @@ -22599,12 +22597,10 @@ "xpack.indexLifecycleMgmt.editPolicy.searchableSnapshotLicenseCalloutTitle": "エンタープライズライセンスが必要です", "xpack.indexLifecycleMgmt.editPolicy.searchableSnapshotRepoFieldLabel": "スナップショットリポジトリ", "xpack.indexLifecycleMgmt.editPolicy.searchableSnapshotRepoRequiredError": "スナップショットリポジトリ名が必要です。", - "xpack.indexLifecycleMgmt.editPolicy.searchableSnapshotStorageFieldLabel": "検索可能スナップショットストレージ", "xpack.indexLifecycleMgmt.editPolicy.showPolicyJsonButton": "リクエストを表示", "xpack.indexLifecycleMgmt.editPolicy.shrink.configureShardCountLabel": "シャード数を構成", "xpack.indexLifecycleMgmt.editPolicy.shrink.configureShardSizeLabel": "シャードサイズを構成", "xpack.indexLifecycleMgmt.editPolicy.shrinkIndexExplanationText": "インデックス情報をプライマリシャードの少ない新規インデックスに縮小します。", - "xpack.indexLifecycleMgmt.editPolicy.shrinkText": "縮小", "xpack.indexLifecycleMgmt.editPolicy.successfulSaveMessage": "ライフサイクルポリシー「{lifecycleName}」を{verb}", "xpack.indexLifecycleMgmt.editPolicy.timeUnits.daysLabel": "日", "xpack.indexLifecycleMgmt.editPolicy.timeUnits.hoursLabel": "時間", @@ -22715,10 +22711,8 @@ "xpack.indexLifecycleMgmt.policyTable.addLifecyclePolicyToTemplateConfirmModal.successMessage": "インデックステンプレート {templateName} にポリシー {policyName} を追加しました", "xpack.indexLifecycleMgmt.policyTable.addLifecyclePolicyToTemplateConfirmModal.templateHasPolicyWarningTitle": "テンプレートにすでにポリシーがあります", "xpack.indexLifecycleMgmt.policyTable.addLifecyclePolicyToTemplateConfirmModal.title": "インデックステンプレートにポリシー「{name}」 を追加", - "xpack.indexLifecycleMgmt.policyTable.addPolicyToTemplateButtonText": "インデックステンプレートにポリシーを追加", "xpack.indexLifecycleMgmt.policyTable.captionText": "次の表には{count, plural, other {# 個のインデックスライフサイクルポリシー}}が含まれています。", "xpack.indexLifecycleMgmt.policyTable.deletePolicyButtonDisabledTooltip": "インデックスが使用中のポリシーは削除できません", - "xpack.indexLifecycleMgmt.policyTable.deletePolicyButtonText": "ポリシーを削除", "xpack.indexLifecycleMgmt.policyTable.emptyPrompt.createButtonLabel": "ポリシーを作成", "xpack.indexLifecycleMgmt.policyTable.emptyPromptDescription": " ライフサイクルポリシーは、インデックスが古くなるにつれ管理しやすくなります。", "xpack.indexLifecycleMgmt.policyTable.emptyPromptTitle": "初めのインデックスライフサイクルポリシーの作成", diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json index 3bba91575cbd4..371edc7a2a463 100644 --- a/x-pack/plugins/translations/translations/zh-CN.json +++ b/x-pack/plugins/translations/translations/zh-CN.json @@ -5450,10 +5450,10 @@ "kibanaOverview.manageData.sectionTitle": "管理您的数据", "kibanaOverview.more.title": "Elastic 让您事半功倍", "kibanaOverview.news.title": "最新动态", - "languageDocumentationPopover.documentationLinkLabel": "查看整个文档", - "languageDocumentationPopover.header": "{language} 参考", - "languageDocumentationPopover.searchPlaceholder": "搜索", - "languageDocumentationPopover.tooltip": "{lang} 参考", + "languageDocumentation.documentationLinkLabel": "查看整个文档", + "languageDocumentation.header": "{language} 参考", + "languageDocumentation.searchPlaceholder": "搜索", + "languageDocumentation.tooltip": "{lang} 参考", "lensFormulaDocs.avg": "平均值", "lensFormulaDocs.boolean": "布尔值", "lensFormulaDocs.cardinality": "唯一计数", @@ -7090,253 +7090,253 @@ "telemetry.usageCollectionConstant": "使用情况收集", "telemetry.usageDataTitle": "使用情况收集", "textBasedEditor.query.textBasedLanguagesEditor.aborted": "请求已中止", - "languageDocumentationPopover.documentationESQL.aggregationFunctions": "聚合函数", - "languageDocumentationPopover.documentationESQL.aggregationFunctionsDocumentationESQLDescription": "这些函数可以与 STATS...BY 搭配使用:", + "languageDocumentation.documentationESQL.aggregationFunctions": "聚合函数", + "languageDocumentation.documentationESQL.aggregationFunctionsDocumentationESQLDescription": "这些函数可以与 STATS...BY 搭配使用:", "textBasedEditor.query.textBasedLanguagesEditor.cancel": "取消", "textBasedEditor.query.textBasedLanguagesEditor.collapseLabel": "折叠", - "languageDocumentationPopover.documentationESQL.commandsDescription": "源命令会生成一个表,其中通常包含来自 Elasticsearch 的数据。ES|QL 支持以下源命令。", + "languageDocumentation.documentationESQL.commandsDescription": "源命令会生成一个表,其中通常包含来自 Elasticsearch 的数据。ES|QL 支持以下源命令。", "textBasedEditor.query.textBasedLanguagesEditor.disableWordWrapLabel": "移除管道符上的换行符", - "languageDocumentationPopover.documentationESQL.abs": "ABS", - "languageDocumentationPopover.documentationESQL.abs.markdown": "\n\n ### ABS\n 返回绝对值。\n\n ```\n ROW number = -1.0 \n | EVAL abs_number = ABS(number)\n ```\n ", - "languageDocumentationPopover.documentationESQL.acos": "ACOS", - "languageDocumentationPopover.documentationESQL.acos.markdown": "\n\n ### ACOS\n 返回 `n` 的反余弦作为角度,以弧度表示。\n\n ```\n ROW a=.9\n | EVAL acos=ACOS(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.asin": "ASIN", - "languageDocumentationPopover.documentationESQL.asin.markdown": "\n\n ### ASIN\n 返回输入数字表达式的反正弦\n 作为角度,以弧度表示。\n\n ```\n ROW a=.9\n | EVAL asin=ASIN(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.atan": "ATAN", - "languageDocumentationPopover.documentationESQL.atan.markdown": "\n\n ### ATAN\n 返回输入数字表达式的反正切\n 作为角度,以弧度表示。\n\n ```\n ROW a=12.9\n | EVAL atan=ATAN(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.atan2": "ATAN2", - "languageDocumentationPopover.documentationESQL.atan2.markdown": "\n\n ### ATAN2\n 笛卡儿平面中正 x 轴\n 与从原点到点 (x , y) 构成的射线之间的角度,以弧度表示。\n\n ```\n ROW y=12.9, x=.6\n | EVAL atan2=ATAN2(y, x)\n ```\n ", - "languageDocumentationPopover.documentationESQL.autoBucketFunction": "BUCKET", - "languageDocumentationPopover.documentationESQL.autoBucketFunction.markdown": "### BUCKET\n用日期时间或数字输入创建值(存储桶)的分组。存储桶的大小可以直接提供,或基于建议的计数和值范围进行选择。\n\n`BUCKET` 以两种模式运行:\n\n1.在此模式下基于存储桶计数建议(四个参数)和范围计算存储桶的大小。\n2.在此模式下直接提供存储桶大小(两个参数)。\n\n使用存储桶的目标数量、起始范围和结束范围,`BUCKET` 将选取适当的存储桶大小以生成目标数量或更小数量的存储桶。\n\n例如,一年请求多达 20 个存储桶会按每月时间间隔组织数据:\n\n```\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS hire_date = MV_SORT(VALUES(hire_date)) BY month = BUCKET(hire_date, 20, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n| SORT hire_date\n```\n\n**注意**:目标并不是提供存储桶的确切目标数量,而是选择一个范围,最多提供存储桶的目标数量。\n\n可以组合 `BUCKET` 与聚合以创建直方图:\n\n```\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS hires_per_month = COUNT(*) BY month = BUCKET(hire_date, 20, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n| SORT month\n```\n\n**注意**:`BUCKET` 不会创建未匹配任何文档的存储桶。因此,上一示例缺少 `1985-03-01` 和其他日期。\n\n如果需要更多存储桶,可能导致更小的范围。例如,如果一年内最多请求 100 个存储桶,会导致周期为周的存储桶:\n\n```\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS hires_per_week = COUNT(*) BY week = BUCKET(hire_date, 100, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n| SORT week\n```\n\n**注意**:`AUTO_BUCKET` 不筛选任何行。它只会使用提供的范围来选取适当的存储桶大小。对于值超出范围的行,它会返回与超出范围的存储桶对应的存储桶值。组合 `BUCKET` 与 `WHERE` 可筛选行。\n\n如果提前已知所需存储桶大小,则只需提供它作为第二个参数,而忽略范围:\n\n```\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS hires_per_week = COUNT(*) BY week = BUCKET(hire_date, 1 week)\n| SORT week\n```\n\n**注意**:提供存储桶大小作为第二个参数时,它必须为持续时间或日期期间。\n\n`BUCKET` 还可对数字字段执行操作。例如,要创建工资直方图:\n\n```\nFROM employees\n| STATS COUNT(*) by bs = BUCKET(salary, 20, 25324, 74999)\n| SORT bs\n```\n\n与前面的有意筛选日期范围示例不同,您极少想要筛选数值范围。您必须分别查找最小值和最大值。ES|QL 尚未提供简便方法来自动执行此操作。\n\n如果提前已知所需存储桶大小,则可以忽略该范围。只需提供它作为第二个参数即可:\n\n```\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS c = COUNT(1) BY b = BUCKET(salary, 5000.)\n| SORT b\n```\n\n**注意**:提供存储桶大小作为第二个参数时,它必须为 **浮点类型**。\n\n这里提供了一个示例,用于为过去 24 小时创建小时存储桶,并计算每小时的事件数:\n\n```\nFROM sample_data\n| WHERE @timestamp >= NOW() - 1 day and @timestamp < NOW()\n| STATS COUNT(*) BY bucket = BUCKET(@timestamp, 25, NOW() - 1 day, NOW())\n```\n\n这里提供了一个示例,用于为 1985 年创建月度存储桶,并按聘用月份计算平均工资:\n\n```\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS AVG(salary) BY bucket = BUCKET(hire_date, 20, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n| SORT bucket\n```\n\n`BUCKET` 可用在 `STATS …​ BY …`​ 命令的聚合和分组部分, 前提是在聚合部分中,该函数 **由在分组部分中定义的别名引用**,或使用完全相同的表达式调用。\n\n例如:\n\n```\nFROM employees\n| STATS s1 = b1 + 1, s2 = BUCKET(salary / 1000 + 999, 50.) + 2 BY b1 = BUCKET(salary / 100 + 99, 50.), b2 = BUCKET(salary / 1000 + 999, 50.)\n| SORT b1, b2\n| KEEP s1, b1, s2, b2\n```\n ", - "languageDocumentationPopover.documentationESQL.binaryOperators": "二进制运算符", - "languageDocumentationPopover.documentationESQL.binaryOperators.markdown": "### 二进制运算符\n支持这些二进制比较运算符:\n\n* 等于:`==`\n* 不等于:`!=`\n* 小于:`<`\n* 小于或等于:`<=`\n* 大于:`>`\n* 大于或等于:`>=`\n* 加:`+`\n* 减:`-`\n* 乘:`*`\n* 除:`/`\n* 取模:`%`\n ", - "languageDocumentationPopover.documentationESQL.booleanOperators": "布尔运算符", - "languageDocumentationPopover.documentationESQL.booleanOperators.markdown": "### 布尔运算符\n支持以下布尔运算符:\n\n* `AND`\n* `OR`\n* `NOT`\n ", - "languageDocumentationPopover.documentationESQL.bucket": "BUCKET", - "languageDocumentationPopover.documentationESQL.bucket.markdown": "\n\n ### BUCKET\n 用日期时间或数字输入创建值(存储桶)的分组。\n 存储桶的大小可以直接提供,或基于建议的计数和值范围进行选择。\n\n ```\n FROM employees\n | WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n | STATS hire_date = MV_SORT(VALUES(hire_date)) BY month = BUCKET(hire_date, 20, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n | SORT hire_date\n ```\n ", - "languageDocumentationPopover.documentationESQL.case": "CASE", - "languageDocumentationPopover.documentationESQL.case.markdown": "\n\n ### CASE\n 接受成对的条件和值。此函数返回属于第一个\n 评估为 `true` 的条件的值。\n\n 如果参数数量为奇数,则最后一个参数为\n 在无条件匹配时返回的默认值。如果参数数量为偶数,且\n 无任何条件匹配,则此函数返回 `null`。\n\n ```\n FROM employees\n | EVAL type = CASE(\n languages <= 1, \"monolingual\",\n languages <= 2, \"bilingual\",\n \"polyglot\")\n | KEEP emp_no, languages, type\n ```\n ", - "languageDocumentationPopover.documentationESQL.castOperator": "Cast (::)", - "languageDocumentationPopover.documentationESQL.castOperator.markdown": "### CAST (`::`)\n`::` 运算符为 `TO_` 类型转换函数提供了实用的替代语法。\n\n例如:\n```\nROW ver = CONCAT((\"0\"::INT + 1)::STRING, \".2.3\")::VERSION\n```\n ", - "languageDocumentationPopover.documentationESQL.cbrt": "CBRT", - "languageDocumentationPopover.documentationESQL.cbrt.markdown": "\n\n ### CBRT\n 返回数字的立方根。输入可以为任何数字值,返回值始终为双精度值。\n 无穷大的立方根为 null。\n\n ```\n ROW d = 1000.0\n | EVAL c = cbrt(d)\n ```\n ", - "languageDocumentationPopover.documentationESQL.ceil": "CEIL", - "languageDocumentationPopover.documentationESQL.ceil.markdown": "\n\n ### CEIL\n 将数字四舍五入为最近的整数。\n\n ```\n ROW a=1.8\n | EVAL a=CEIL(a)\n ```\n 注意:对于 `long`(包括无符号值)和 `integer`,这相当于“无操作”。对于 `double`,这会提取最接近整数的 `double` 值,类似于 Math.ceil。\n ", - "languageDocumentationPopover.documentationESQL.cidr_match": "CIDR_MATCH", - "languageDocumentationPopover.documentationESQL.cidr_match.markdown": "\n\n ### CIDR_MATCH\n 如果提供的 IP 包含在所提供的其中一个 CIDR 块中,则返回 true。\n\n ```\n FROM hosts \n | WHERE CIDR_MATCH(ip1, \"127.0.0.2/32\", \"127.0.0.3/32\") \n | KEEP card, host, ip0, ip1\n ```\n ", - "languageDocumentationPopover.documentationESQL.coalesce": "COALESCE", - "languageDocumentationPopover.documentationESQL.coalesce.markdown": "\n\n ### COALESCE\n 返回它的第一个不为 null 的参数。如果所有参数均为 null,则返回 `null`。\n\n ```\n ROW a=null, b=\"b\"\n | EVAL COALESCE(a, b)\n ```\n ", - "languageDocumentationPopover.documentationESQL.concat": "CONCAT", - "languageDocumentationPopover.documentationESQL.concat.markdown": "\n\n ### CONCAT\n 串联两个或多个字符串。\n\n ```\n FROM employees\n | KEEP first_name, last_name\n | EVAL fullname = CONCAT(first_name, \" \", last_name)\n ```\n ", - "languageDocumentationPopover.documentationESQL.cos": "COS", - "languageDocumentationPopover.documentationESQL.cos.markdown": "\n\n ### COS\n 返回角度的余弦。\n\n ```\n ROW a=1.8 \n | EVAL cos=COS(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.cosh": "COSH", - "languageDocumentationPopover.documentationESQL.cosh.markdown": "\n\n ### COSH\n 返回角度的双曲余弦。\n\n ```\n ROW a=1.8 \n | EVAL cosh=COSH(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.date_diff": "DATE_DIFF", - "languageDocumentationPopover.documentationESQL.date_diff.markdown": "\n\n ### DATE_DIFF\n 从 `endTimestamp` 中减去 `startTimestamp`,并以倍数 `unit` 返回差异。\n 如果 `startTimestamp` 晚于 `endTimestamp`,则返回负值。\n\n ```\n ROW date1 = TO_DATETIME(\"2023-12-02T11:00:00.000Z\"), date2 = TO_DATETIME(\"2023-12-02T11:00:00.001Z\")\n | EVAL dd_ms = DATE_DIFF(\"microseconds\", date1, date2)\n ```\n ", - "languageDocumentationPopover.documentationESQL.date_extract": "DATE_EXTRACT", - "languageDocumentationPopover.documentationESQL.date_extract.markdown": "\n\n ### DATE_EXTRACT\n 提取日期的某些部分,如年、月、日、小时。\n\n ```\n ROW date = DATE_PARSE(\"yyyy-MM-dd\", \"2022-05-06\")\n | EVAL year = DATE_EXTRACT(\"year\", date)\n ```\n ", - "languageDocumentationPopover.documentationESQL.date_format": "DATE_FORMAT", - "languageDocumentationPopover.documentationESQL.date_format.markdown": "\n\n ### DATE_FORMAT\n 以提供的格式返回日期的字符串表示形式。\n\n ```\n FROM employees\n | KEEP first_name, last_name, hire_date\n | EVAL hired = DATE_FORMAT(\"YYYY-MM-dd\", hire_date)\n ```\n ", - "languageDocumentationPopover.documentationESQL.date_parse": "DATE_PARSE", - "languageDocumentationPopover.documentationESQL.date_parse.markdown": "\n\n ### DATE_PARSE\n 通过使用在第一个参数中指定的格式来解析第二个参数,从而返回日期。\n\n ```\n ROW date_string = \"2022-05-06\"\n | EVAL date = DATE_PARSE(\"yyyy-MM-dd\", date_string)\n ```\n ", - "languageDocumentationPopover.documentationESQL.date_trunc": "DATE_TRUNC", - "languageDocumentationPopover.documentationESQL.date_trunc.markdown": "\n\n ### DATE_TRUNC\n 将日期向下舍入到最近的时间间隔。\n\n ```\n FROM employees\n | KEEP first_name, last_name, hire_date\n | EVAL year_hired = DATE_TRUNC(1 year, hire_date)\n ```\n ", - "languageDocumentationPopover.documentationESQL.dissect": "DISSECT", - "languageDocumentationPopover.documentationESQL.dissect.markdown": "### DISSECT\n使用 `DISSECT`,您可以从字符串中提取结构化数据。`DISSECT` 将根据基于分隔符的模式来匹配字符串,并提取指定键作为列。\n\n请参阅[分解处理器文档](https://www.elastic.co/guide/en/elasticsearch/reference/current/dissect-processor.html)了解分解模式的语法。\n\n```\nROW a = \"1953-01-23T12:15:00Z - some text - 127.0.0.1\"\n| DISSECT a \"%'{Y}-%{M}-%{D}T%{h}:%{m}:%{s}Z - %{msg} - %{ip}'\"\n``` ", - "languageDocumentationPopover.documentationESQL.drop": "DROP", - "languageDocumentationPopover.documentationESQL.drop.markdown": "### DROP\n使用 `DROP` 可从表中移除列:\n \n```\nFROM employees\n| DROP height\n```\n\n您不必按名称指定每个列,而可以使用通配符丢弃名称匹配某种模式的所有列:\n\n```\nFROM employees\n| DROP height*\n```\n ", - "languageDocumentationPopover.documentationESQL.e": "E", - "languageDocumentationPopover.documentationESQL.e.markdown": "\n\n ### E\n 返回 Euler 函数的编号。\n\n ```\n ROW E()\n ```\n ", - "languageDocumentationPopover.documentationESQL.ends_with": "ENDS_WITH", - "languageDocumentationPopover.documentationESQL.ends_with.markdown": "\n\n ### ENDS_WITH\n 返回布尔值,指示关键字字符串是否以另一个字符串结尾。\n\n ```\n FROM employees\n | KEEP last_name\n | EVAL ln_E = ENDS_WITH(last_name, \"d\")\n ```\n ", - "languageDocumentationPopover.documentationESQL.enrich": "ENRICH", - "languageDocumentationPopover.documentationESQL.enrich.markdown": "### ENRICH\n您可以使用 `ENRICH` 将来自现有索引的数据添加到传入记录中。它类似于[采集扩充](https://www.elastic.co/guide/en/elasticsearch/reference/current/ingest-enriching-data.html),但作用于查询时间。\n\n```\nROW language_code = \"1\"\n| ENRICH languages_policy\n```\n\n执行 `ENRICH` 需要[扩充策略](https://www.elastic.co/guide/en/elasticsearch/reference/current/ingest-enriching-data.html#enrich-policy)。扩充策略定义一个匹配字段(键字段)和一组扩充字段。\n\n`ENRICH` 将根据匹配字段值在[扩充索引](https://www.elastic.co/guide/en/elasticsearch/reference/current/ingest-enriching-data.html#enrich-index)中查找记录。输入数据集中的匹配键可以使用 `ON ` 来定义;如果未指定,将对字段名称与在扩充策略中定义的匹配字段相同的字段执行匹配。\n\n```\nROW a = \"1\"\n| ENRICH languages_policy ON a\n```\n\n您可以使用 `WITH , ...` 语法指定必须将哪些属性(在那些在策略中定义为扩充字段的字段之间)添加到结果中。\n\n```\nROW a = \"1\"\n| ENRICH languages_policy ON a WITH language_name\n```\n\n还可以使用 `WITH new_name=` 重命名属性\n\n```\nROW a = \"1\"\n| ENRICH languages_policy ON a WITH name = language_name\n```\n\n默认情况下(如果未定义任何 `WITH`),`ENRICH` 会将在扩充策略中定义的所有扩充字段添加到结果中。\n\n如果出现名称冲突,新创建的字段将覆盖现有字段。\n ", - "languageDocumentationPopover.documentationESQL.eval": "EVAL", - "languageDocumentationPopover.documentationESQL.eval.markdown": "### EVAL\n`EVAL` 允许您添加新列:\n\n```\nFROM employees\n| KEEP first_name, last_name, height\n| EVAL height_feet = height * 3.281, height_cm = height * 100\n```\n\n如果指定列已存在,将丢弃现有列,并将新列追加到表后面:\n\n```\nFROM employees\n| KEEP first_name, last_name, height\n| EVAL height = height * 3.281\n```\n\n#### 函数\n`EVAL` 支持各种用于计算值的函数。请参阅“函数”了解更多信息。\n ", - "languageDocumentationPopover.documentationESQL.floor": "FLOOR", - "languageDocumentationPopover.documentationESQL.floor.markdown": "\n\n ### FLOOR\n 将数字向下舍入到最近的整数。\n\n ```\n ROW a=1.8\n | EVAL a=FLOOR(a)\n ```\n 注意:对于 `long`(包括无符号值)和 `integer`,这相当于“无操作”。\n 对于 `double`,这会提取最接近整数的 `double` 值,\n 类似于 Math.floor。\n ", - "languageDocumentationPopover.documentationESQL.from": "FROM", - "languageDocumentationPopover.documentationESQL.from_base64": "FROM_BASE64", - "languageDocumentationPopover.documentationESQL.from_base64.markdown": "\n\n ### FROM_BASE64\n 解码 base64 字符串。\n\n ```\n row a = \"ZWxhc3RpYw==\" \n | eval d = from_base64(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.from.markdown": "### FROM\n`FROM` 源命令返回一个表,其中最多包含 10,000 个来自数据流、索引或别名的文档。生成的表中的每一行代表一个文档。每一列对应一个字段,并可以通过该字段的名称进行访问。\n\n```\nFROM employees\n```\n\n您可以使用[日期数学表达式](https://www.elastic.co/guide/en/elasticsearch/reference/current/api-conventions.html#api-date-math-index-names)来引用索引、别名和数据流。这可能对时间序列数据非常有用。\n\n使用逗号分隔列表或通配符可查询多个数据流、索引或别名:\n\n```\nFROM employees-00001,employees-*\n```\n\n#### 元数据\n\nES|QL 可访问以下元数据字段:\n\n* `_index`:文档所属的索引。字段类型为 `keyword`.\n* `_id`:源文档的 ID。字段类型为 `keyword`.\n* `_version`:源文档的版本。字段类型为 `long`。\n\n使用 `METADATA` 指令可启用元数据字段:\n\n```\nFROM index [METADATA _index, _id]\n```\n\n元数据字段仅在数据源为索引时可用。因此,`FROM` 是唯一支持 `METADATA` 指令的源命令。\n\n启用后,这些字段将可用于后续处理命令,就像其他索引字段一样:\n\n```\nFROM ul_logs, apps [METADATA _index, _version]\n| WHERE id IN (13, 14) AND _version == 1\n| EVAL key = CONCAT(_index, \"_\", TO_STR(id))\n| SORT id, _index\n| KEEP id, _index, _version, key\n```\n\n此外,与索引字段类似,一旦执行了聚合,后续命令将无法再访问元数据字段,除非它用作分组字段:\n\n```\nFROM employees [METADATA _index, _id]\n| STATS max = MAX(emp_no) BY _index\n```\n ", - "languageDocumentationPopover.documentationESQL.greatest": "GREATEST", - "languageDocumentationPopover.documentationESQL.greatest.markdown": "\n\n ### GREATEST\n 返回多个列中的最大值。除了可一次对多个列运行以外,\n 此函数与 `MV_MAX` 类似。\n\n ```\n ROW a = 10, b = 20\n | EVAL g = GREATEST(a, b)\n ```\n 注意:对 `keyword` 或 `text` 字段运行时,此函数将按字母顺序返回最后一个字符串。对 `boolean` 列运行时,如果任何值为 `true`,此函数将返回 `true`。\n ", - "languageDocumentationPopover.documentationESQL.grok": "GROK", - "languageDocumentationPopover.documentationESQL.grok.markdown": "### GROK\n使用 `GROK`,您可以从字符串中提取结构化数据。`GROK` 将基于正则表达式根据模式来匹配字符串,并提取指定模式作为列。\n\n请参阅 [grok 处理器文档](https://www.elastic.co/guide/en/elasticsearch/reference/current/grok-processor.html)了解 grok 模式的语法。\n\n```\nROW a = \"12 15.5 15.6 true\"\n| GROK a \"%'{NUMBER:b:int}' %'{NUMBER:c:float}' %'{NUMBER:d:double}' %'{WORD:e:boolean}'\"\n```\n ", - "languageDocumentationPopover.documentationESQL.inOperator": "IN", - "languageDocumentationPopover.documentationESQL.inOperator.markdown": "### IN\n`IN` 运算符允许测试字段或表达式是否等于文本、字段或表达式列表中的元素:\n\n```\nROW a = 1, b = 4, c = 3\n| WHERE c-a IN (3, b / 2, a)\n```\n ", - "languageDocumentationPopover.documentationESQL.ip_prefix": "IP_PREFIX", - "languageDocumentationPopover.documentationESQL.ip_prefix.markdown": "\n\n ### IP_PREFIX\n 截短 IP 至给定的前缀长度。\n\n ```\n row ip4 = to_ip(\"1.2.3.4\"), ip6 = to_ip(\"fe80::cae2:65ff:fece:feb9\")\n | eval ip4_prefix = ip_prefix(ip4, 24, 0), ip6_prefix = ip_prefix(ip6, 0, 112);\n ```\n ", - "languageDocumentationPopover.documentationESQL.keep": "KEEP", - "languageDocumentationPopover.documentationESQL.keep.markdown": "### KEEP\n使用 `KEEP` 命令,您可以指定将返回哪些列以及返回这些列的顺序。\n\n要限制返回的列数,请使用列名的逗号分隔列表。将按指定顺序返回这些列:\n \n```\nFROM employees\n| KEEP first_name, last_name, height\n```\n\n您不必按名称指定每个列,而可以使用通配符返回名称匹配某种模式的所有列:\n\n```\nFROM employees\n| KEEP h*\n```\n\n星号通配符 (`*`) 自身将转换为不与其他参数匹配的所有列。此查询将首先返回所有名称以 h 开头的所有列,随后返回所有其他列:\n\n```\nFROM employees\n| KEEP h*, *\n```\n ", - "languageDocumentationPopover.documentationESQL.least": "LEAST", - "languageDocumentationPopover.documentationESQL.least.markdown": "\n\n ### LEAST\n 返回多个列中的最小值。除了可一次对多个列运行以外,此函数与 `MV_MIN` 类似。\n\n ```\n ROW a = 10, b = 20\n | EVAL l = LEAST(a, b)\n ```\n ", - "languageDocumentationPopover.documentationESQL.left": "LEFT", - "languageDocumentationPopover.documentationESQL.left.markdown": "\n\n ### LEFT\n 返回从“字符串”中提取“长度”字符的子字符串,从左侧开始。\n\n ```\n FROM employees\n | KEEP last_name\n | EVAL left = LEFT(last_name, 3)\n | SORT last_name ASC\n | LIMIT 5\n ```\n ", - "languageDocumentationPopover.documentationESQL.length": "LENGTH", - "languageDocumentationPopover.documentationESQL.length.markdown": "\n\n ### LENGTH\n 返回字符串的字符长度。\n\n ```\n FROM employees\n | KEEP first_name, last_name\n | EVAL fn_length = LENGTH(first_name)\n ```\n ", - "languageDocumentationPopover.documentationESQL.limit": "LIMIT", - "languageDocumentationPopover.documentationESQL.limit.markdown": "### LIMIT\n`LIMIT` 处理命令允许您限制行数:\n \n```\nFROM employees\n| LIMIT 5\n```\n ", - "languageDocumentationPopover.documentationESQL.locate": "LOCATE", - "languageDocumentationPopover.documentationESQL.locate.markdown": "\n\n ### LOCATE\n 返回一个整数,指示关键字子字符串在另一字符串中的位置\n\n ```\n row a = \"hello\"\n | eval a_ll = locate(a, \"ll\")\n ```\n ", - "languageDocumentationPopover.documentationESQL.log": "LOG", - "languageDocumentationPopover.documentationESQL.log.markdown": "\n\n ### LOG\n 以某底数返回值的对数。输入可以为任何数字值,返回值始终为双精度值。\n\n 求零、负数的对数,以及底数为一时将返回 `null`,并显示警告。\n\n ```\n ROW base = 2.0, value = 8.0\n | EVAL s = LOG(base, value)\n ```\n ", - "languageDocumentationPopover.documentationESQL.log10": "LOG10", - "languageDocumentationPopover.documentationESQL.log10.markdown": "\n\n ### LOG10\n 以底数 10 返回值的对数。输入可以为任何数字值,返回值始终为双精度值。\n\n 求 0 和负数的对数时将返回 `null`,并显示警告。\n\n ```\n ROW d = 1000.0 \n | EVAL s = LOG10(d)\n ```\n ", - "languageDocumentationPopover.documentationESQL.ltrim": "LTRIM", - "languageDocumentationPopover.documentationESQL.ltrim.markdown": "\n\n ### LTRIM\n 从字符串中移除前导空格。\n\n ```\n ROW message = \" some text \", color = \" red \"\n | EVAL message = LTRIM(message)\n | EVAL color = LTRIM(color)\n | EVAL message = CONCAT(\"'\", message, \"'\")\n | EVAL color = CONCAT(\"'\", color, \"'\")\n ```\n ", - "languageDocumentationPopover.documentationESQL.markdown": "## ES|QL\n\nES|QL(Elasticsearch 查询语言)查询包含一系列命令,它们用管道字符分隔:`|`。每个查询以**源命令**开头,它会生成一个表,其中通常包含来自 Elasticsearch 的数据。\n\n源命令可后接一个或多个**处理命令**。处理命令可通过添加、移除以及更改行和列来更改前一个命令的输出表。\n\n```\nsource-command\n| processing-command1\n| processing-command2\n```\n\n查询的结果为由最后的处理命令生成的表。 \n ", - "languageDocumentationPopover.documentationESQL.mv_append": "MV_APPEND", - "languageDocumentationPopover.documentationESQL.mv_append.markdown": "\n\n ### MV_APPEND\n 串联两个多值字段的值。\n\n ", - "languageDocumentationPopover.documentationESQL.mv_avg": "MV_AVG", - "languageDocumentationPopover.documentationESQL.mv_avg.markdown": "\n\n ### MV_AVG\n 将多值字段转换为包含所有值的平均值的单值字段。\n\n ```\n ROW a=[3, 5, 1, 6]\n | EVAL avg_a = MV_AVG(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.mv_concat": "MV_CONCAT", - "languageDocumentationPopover.documentationESQL.mv_concat.markdown": "\n\n ### MV_CONCAT\n 将多值字符串表达式转换为单值列,其中包含由分隔符分隔的所有值的串联形式。\n\n ```\n ROW a=[\"foo\", \"zoo\", \"bar\"]\n | EVAL j = MV_CONCAT(a, \", \")\n ```\n ", - "languageDocumentationPopover.documentationESQL.mv_count": "MV_COUNT", - "languageDocumentationPopover.documentationESQL.mv_count.markdown": "\n\n ### MV_COUNT\n 将多值表达式转换为包含值计数的单值列。\n\n ```\n ROW a=[\"foo\", \"zoo\", \"bar\"]\n | EVAL count_a = MV_COUNT(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.mv_dedupe": "MV_DEDUPE", - "languageDocumentationPopover.documentationESQL.mv_dedupe.markdown": "\n\n ### MV_DEDUPE\n 移除多值字段中的重复值。\n\n ```\n ROW a=[\"foo\", \"foo\", \"bar\", \"foo\"]\n | EVAL dedupe_a = MV_DEDUPE(a)\n ```\n 注意:`MV_DEDUPE` 可能但不会始终对列中的值进行排序。\n ", - "languageDocumentationPopover.documentationESQL.mv_first": "MV_FIRST", - "languageDocumentationPopover.documentationESQL.mv_first.markdown": "\n\n ### MV_FIRST\n 将多值表达式转换为包含第一个值的\n 单值列。这在从按已知顺序发出多值列的\n 函数(如 `SPLIT`)中读取数据时尤其有用。\n\n 无法保证从底层存储\n 读取多值字段的顺序。它 *通常* 为升序,但不应\n 依赖于此。如果需要最小值,请使用 `MV_MIN` 而不是\n `MV_FIRST`。`MV_MIN` 针对排序值进行了优化,因此\n 对 `MV_FIRST` 没有性能优势。\n\n ```\n ROW a=\"foo;bar;baz\"\n | EVAL first_a = MV_FIRST(SPLIT(a, \";\"))\n ```\n ", - "languageDocumentationPopover.documentationESQL.mv_last": "MV_LAST", - "languageDocumentationPopover.documentationESQL.mv_last.markdown": "\n\n ### MV_LAST\n 将多值表达式转换为包含最后一个值的单值\n 列。这在从按已知顺序发出多值列的函数\n (如 `SPLIT`)中读取数据时尤其有用。\n\n 无法保证从底层存储\n 读取多值字段的顺序。它 *通常* 为升序,但不应\n 依赖于此。如果需要最大值,请使用 `MV_MAX` 而不是\n `MV_LAST`。`MV_MAX` 针对排序值进行了优化,因此\n 对 `MV_LAST` 没有性能优势。\n\n ```\n ROW a=\"foo;bar;baz\"\n | EVAL last_a = MV_LAST(SPLIT(a, \";\"))\n ```\n ", - "languageDocumentationPopover.documentationESQL.mv_max": "MV_MAX", - "languageDocumentationPopover.documentationESQL.mv_max.markdown": "\n\n ### MV_MAX\n 将多值表达式转换为包含最大值的单值列。\n\n ```\n ROW a=[3, 5, 1]\n | EVAL max_a = MV_MAX(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.mv_median": "MV_MEDIAN", - "languageDocumentationPopover.documentationESQL.mv_median.markdown": "\n\n ### MV_MEDIAN\n 将多值字段转换为包含中位数值的单值字段。\n\n ```\n ROW a=[3, 5, 1]\n | EVAL median_a = MV_MEDIAN(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.mv_min": "MV_MIN", - "languageDocumentationPopover.documentationESQL.mv_min.markdown": "\n\n ### MV_MIN\n 将多值表达式转换为包含最小值的单值列。\n\n ```\n ROW a=[2, 1]\n | EVAL min_a = MV_MIN(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.mv_slice": "MV_SLICE", - "languageDocumentationPopover.documentationESQL.mv_slice.markdown": "\n\n ### MV_SLICE\n 使用起始和结束索引值返回多值字段的子集。\n\n ```\n row a = [1, 2, 2, 3]\n | eval a1 = mv_slice(a, 1), a2 = mv_slice(a, 2, 3)\n ```\n ", - "languageDocumentationPopover.documentationESQL.mv_sort": "MV_SORT", - "languageDocumentationPopover.documentationESQL.mv_sort.markdown": "\n\n ### MV_SORT\n 按字典顺序对多值字段排序。\n\n ```\n ROW a = [4, 2, -3, 2]\n | EVAL sa = mv_sort(a), sd = mv_sort(a, \"DESC\")\n ```\n ", - "languageDocumentationPopover.documentationESQL.mv_sum": "MV_SUM", - "languageDocumentationPopover.documentationESQL.mv_sum.markdown": "\n\n ### MV_SUM\n 将多值字段转换为包含所有值的总和的单值字段。\n\n ```\n ROW a=[3, 5, 6]\n | EVAL sum_a = MV_SUM(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.mv_zip": "MV_ZIP", - "languageDocumentationPopover.documentationESQL.mv_zip.markdown": "\n\n ### MV_ZIP\n 组合两个使用分隔符联接在一起的多值字段中的值。\n\n ```\n ROW a = [\"x\", \"y\", \"z\"], b = [\"1\", \"2\"]\n | EVAL c = mv_zip(a, b, \"-\")\n | KEEP a, b, c\n ```\n ", - "languageDocumentationPopover.documentationESQL.mvExpand": "MV_EXPAND", - "languageDocumentationPopover.documentationESQL.mvExpand.markdown": "### MV_EXPAND\n`MV_EXPAND` 处理命令将多值字段扩展成每个值一行,从而复制其他字段: \n```\nROW a=[1,2,3], b=\"b\", j=[\"a\",\"b\"]\n| MV_EXPAND a\n```\n ", - "languageDocumentationPopover.documentationESQL.now": "NOW", - "languageDocumentationPopover.documentationESQL.now.markdown": "\n\n ### NOW\n 返回当前日期和时间。\n\n ```\n ROW current_date = NOW()\n ```\n ", - "languageDocumentationPopover.documentationESQL.pi": "PI", - "languageDocumentationPopover.documentationESQL.pi.markdown": "\n\n ### PI\n 返回 Pi,即圆的周长与其直径的比率。\n\n ```\n ROW PI()\n ```\n ", - "languageDocumentationPopover.documentationESQL.pow": "POW", - "languageDocumentationPopover.documentationESQL.pow.markdown": "\n\n ### POW\n 返回提升为 `exponent` 幂的 `base` 的值。\n\n ```\n ROW base = 2.0, exponent = 2\n | EVAL result = POW(base, exponent)\n ```\n 注意:此处仍可能使双精度结果溢出;在该情况下,将返回 null。\n ", - "languageDocumentationPopover.documentationESQL.predicates": "Null 值", - "languageDocumentationPopover.documentationESQL.predicates.markdown": "### NULL 值\n对于 NULL 比较,请使用 `IS NULL` 和 `IS NOT NULL` 谓词:\n\n```\nFROM employees\n| WHERE birth_date IS NULL\n| KEEP first_name, last_name\n| SORT first_name\n| LIMIT 3\n```\n\n```\nFROM employees\n| WHERE is_rehired IS NOT NULL\n| STATS count(emp_no)\n```\n ", - "languageDocumentationPopover.documentationESQL.rename": "RENAME", - "languageDocumentationPopover.documentationESQL.rename.markdown": "### RENAME\n请使用 `RENAME` 通过以下语法对列重命名:\n\n```\nRENAME AS \n```\n\n例如:\n\n```\nFROM employees\n| KEEP first_name, last_name, still_hired\n| RENAME still_hired AS employed\n```\n\n如果使用新名称的列已存在,将用新列替换该列。\n\n可以使用单个 `RENAME` 命令对多个列重命名:\n\n```\nFROM employees\n| KEEP first_name, last_name\n| RENAME first_name AS fn, last_name AS ln\n```\n ", - "languageDocumentationPopover.documentationESQL.repeat": "REPEAT", - "languageDocumentationPopover.documentationESQL.repeat.markdown": "\n\n ### REPEAT\n 返回通过串联 `string` 自身与指定次数 `number` 构造而成的字符串。\n\n ```\n ROW a = \"Hello!\"\n | EVAL triple_a = REPEAT(a, 3);\n ```\n ", - "languageDocumentationPopover.documentationESQL.replace": "REPLACE", - "languageDocumentationPopover.documentationESQL.replace.markdown": "\n\n ### REPLACE\n 此函数将字符串 `str` 中正则表达式 `regex` 的任何匹配项\n 替换为替代字符串 `newStr`。\n\n ```\n ROW str = \"Hello World\"\n | EVAL str = REPLACE(str, \"World\", \"Universe\")\n | KEEP str\n ```\n ", - "languageDocumentationPopover.documentationESQL.right": "RIGHT", - "languageDocumentationPopover.documentationESQL.right.markdown": "\n\n ### RIGHT\n 返回从“字符串”中提取“长度”字符的子字符串,从右侧开始。\n\n ```\n FROM employees\n | KEEP last_name\n | EVAL right = RIGHT(last_name, 3)\n | SORT last_name ASC\n | LIMIT 5\n ```\n ", - "languageDocumentationPopover.documentationESQL.round": "ROUND", - "languageDocumentationPopover.documentationESQL.round.markdown": "\n\n ### ROUND\n 将数字舍入到指定小数位数。\n 默认值为 0,即返回最近的整数。如果\n 精确度为负数,则将数字舍入到\n 小数点左侧的位数。\n\n ```\n FROM employees\n | KEEP first_name, last_name, height\n | EVAL height_ft = ROUND(height * 3.281, 1)\n ```\n ", - "languageDocumentationPopover.documentationESQL.row": "ROW", - "languageDocumentationPopover.documentationESQL.row.markdown": "### ROW\n`ROW` 源命令会生成一个行,其中包含一个或多个含有您指定的值的列。这可以用于测试。\n \n```\nROW a = 1, b = \"two\", c = null\n```\n\n请使用方括号创建多值列:\n\n```\nROW a = [2, 1]\n```\n\nROW 支持使用函数:\n\n```\nROW a = ROUND(1.23, 0)\n```\n ", - "languageDocumentationPopover.documentationESQL.rtrim": "RTRIM", - "languageDocumentationPopover.documentationESQL.rtrim.markdown": "\n\n ### RTRIM\n 从字符串中移除尾随空格。\n\n ```\n ROW message = \" some text \", color = \" red \"\n | EVAL message = RTRIM(message)\n | EVAL color = RTRIM(color)\n | EVAL message = CONCAT(\"'\", message, \"'\")\n | EVAL color = CONCAT(\"'\", color, \"'\")\n ```\n ", - "languageDocumentationPopover.documentationESQL.show": "SHOW", - "languageDocumentationPopover.documentationESQL.show.markdown": "### SHOW\n`SHOW ` 源命令返回有关部署及其功能的信息:\n\n* 使用 `SHOW INFO` 可返回部署的版本、构建日期和哈希。\n* 使用 `SHOW FUNCTIONS` 可返回所有受支持函数的列表和每个函数的概要。\n ", - "languageDocumentationPopover.documentationESQL.signum": "SIGNUM", - "languageDocumentationPopover.documentationESQL.signum.markdown": "\n\n ### SIGNUM\n 返回给定数字的符号。\n 它对负数返回 `-1`,对 `0` 返回 `0`,对正数返回 `1`。\n\n ```\n ROW d = 100.0\n | EVAL s = SIGNUM(d)\n ```\n ", - "languageDocumentationPopover.documentationESQL.sin": "SIN", - "languageDocumentationPopover.documentationESQL.sin.markdown": "\n\n ### SIN\n 返回角度的正弦三角函数。\n\n ```\n ROW a=1.8 \n | EVAL sin=SIN(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.sinh": "SINH", - "languageDocumentationPopover.documentationESQL.sinh.markdown": "\n\n ### SINH\n 返回角度的双曲正弦。\n\n ```\n ROW a=1.8 \n | EVAL sinh=SINH(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.sort": "SORT", - "languageDocumentationPopover.documentationESQL.sort.markdown": "### SORT\n使用 `SORT` 命令可对一个或多个字段上的行排序:\n\n```\nFROM employees\n| KEEP first_name, last_name, height\n| SORT height\n```\n\n默认排序顺序为升序。请使用 `ASC` 或 `DESC` 设置显式排序顺序:\n\n```\nFROM employees\n| KEEP first_name, last_name, height\n| SORT height DESC\n```\n\n如果两个行具有相同的排序键,则保留原始顺序。您可以提供其他排序表达式充当连接断路器:\n\n```\nFROM employees\n| KEEP first_name, last_name, height\n| SORT height DESC, first_name ASC\n```\n\n#### `null` 值\n默认情况下,会将 `null` 值视为大于任何其他值。使用升序排序顺序时,会最后对 `null` 值排序,而使用降序排序顺序时,会首先对 `null` 值排序。您可以通过提供 `NULLS FIRST` 或 `NULLS LAST` 来更改该排序:\n\n```\nFROM employees\n| KEEP first_name, last_name, height\n| SORT first_name ASC NULLS FIRST\n```\n ", - "languageDocumentationPopover.documentationESQL.split": "SPLIT", - "languageDocumentationPopover.documentationESQL.split.markdown": "\n\n ### SPLIT\n 将单值字符串拆分成多个字符串。\n\n ```\n ROW words=\"foo;bar;baz;qux;quux;corge\"\n | EVAL word = SPLIT(words, \";\")\n ```\n ", - "languageDocumentationPopover.documentationESQL.sqrt": "SQRT", - "languageDocumentationPopover.documentationESQL.sqrt.markdown": "\n\n ### SQRT\n 返回数字的平方根。输入可以为任何数字值,返回值始终为双精度值。\n 负数和无穷大的平方根为 null。\n\n ```\n ROW d = 100.0\n | EVAL s = SQRT(d)\n ```\n ", - "languageDocumentationPopover.documentationESQL.st_contains": "ST_CONTAINS", - "languageDocumentationPopover.documentationESQL.st_contains.markdown": "\n\n ### ST_CONTAINS\n 返回第一个几何形状是否包含第二个几何形状。\n 这是 `ST_WITHIN` 函数的反向函数。\n\n ```\n FROM airport_city_boundaries\n | WHERE ST_CONTAINS(city_boundary, TO_GEOSHAPE(\"POLYGON((109.35 18.3, 109.45 18.3, 109.45 18.4, 109.35 18.4, 109.35 18.3))\"))\n | KEEP abbrev, airport, region, city, city_location\n ```\n ", - "languageDocumentationPopover.documentationESQL.st_disjoint": "ST_DISJOINT", - "languageDocumentationPopover.documentationESQL.st_disjoint.markdown": "\n\n ### ST_DISJOINT\n 返回两个几何图形或几何图形列是否不相交。\n 这是 `ST_INTERSECTS` 函数的反向函数。\n 从数学上讲:ST_Disjoint(A, B) ⇔ A ⋂ B = ∅\n\n ```\n FROM airport_city_boundaries\n | WHERE ST_DISJOINT(city_boundary, TO_GEOSHAPE(\"POLYGON((-10 -60, 120 -60, 120 60, -10 60, -10 -60))\"))\n | KEEP abbrev, airport, region, city, city_location\n ```\n ", - "languageDocumentationPopover.documentationESQL.st_distance": "ST_DISTANCE", - "languageDocumentationPopover.documentationESQL.st_distance.markdown": "\n\n ### ST_DISTANCE\n 计算两点之间的距离。\n 对于笛卡尔几何形状,这是以相同单位作为原始坐标时的毕达哥拉斯距离。\n 对于地理几何形状而言,这是沿着地球大圆的圆周距离(以米为单位)。\n\n ```\n FROM airports\n | WHERE abbrev == \"CPH\"\n | EVAL distance = ST_DISTANCE(location, city_location)\n | KEEP abbrev, name, location, city_location, distance\n ```\n ", - "languageDocumentationPopover.documentationESQL.st_intersects": "ST_INTERSECTS", - "languageDocumentationPopover.documentationESQL.st_intersects.markdown": "\n\n ### ST_INTERSECTS\n 如果两个几何形状相交,则返回 true。\n 如果它们有任何共同点,包括其内点\n (沿线的点或多边形内的点),则表示它们相交。\n 这是 `ST_DISJOINT` 函数的反向函数。\n 从数学上讲:ST_Intersects(A, B) ⇔ A ⋂ B ≠ ∅\n\n ```\n FROM airports\n | WHERE ST_INTERSECTS(location, TO_GEOSHAPE(\"POLYGON((42 14, 43 14, 43 15, 42 15, 42 14))\"))\n ```\n ", - "languageDocumentationPopover.documentationESQL.st_within": "ST_WITHIN", - "languageDocumentationPopover.documentationESQL.st_within.markdown": "\n\n ### ST_WITHIN\n 返回第一个几何形状是否在第二个几何形状内。\n 这是 `ST_CONTAINS` 函数的反向函数。\n\n ```\n FROM airport_city_boundaries\n | WHERE ST_WITHIN(city_boundary, TO_GEOSHAPE(\"POLYGON((109.1 18.15, 109.6 18.15, 109.6 18.65, 109.1 18.65, 109.1 18.15))\"))\n | KEEP abbrev, airport, region, city, city_location\n ```\n ", - "languageDocumentationPopover.documentationESQL.st_x": "ST_X", - "languageDocumentationPopover.documentationESQL.st_x.markdown": "\n\n ### ST_X\n 从提供的点中提取 `x` 坐标。\n 如果点的类型为 `geo_point`,则这等同于提取 `longitude` 值。\n\n ```\n ROW point = TO_GEOPOINT(\"POINT(42.97109629958868 14.7552534006536)\")\n | EVAL x = ST_X(point), y = ST_Y(point)\n ```\n ", - "languageDocumentationPopover.documentationESQL.st_y": "ST_Y", - "languageDocumentationPopover.documentationESQL.st_y.markdown": "\n\n ### ST_Y\n 从提供的点中提取 `y` 坐标。\n 如果点的类型为 `geo_point`,则这等同于提取 `latitude` 值。\n\n ```\n ROW point = TO_GEOPOINT(\"POINT(42.97109629958868 14.7552534006536)\")\n | EVAL x = ST_X(point), y = ST_Y(point)\n ```\n ", - "languageDocumentationPopover.documentationESQL.starts_with": "STARTS_WITH", - "languageDocumentationPopover.documentationESQL.starts_with.markdown": "\n\n ### STARTS_WITH\n 返回指示关键字字符串是否以另一个字符串开头的布尔值。\n\n ```\n FROM employees\n | KEEP last_name\n | EVAL ln_S = STARTS_WITH(last_name, \"B\")\n ```\n ", - "languageDocumentationPopover.documentationESQL.statsby": "STATS ...BY", - "languageDocumentationPopover.documentationESQL.statsby.markdown": "### STATS ...BY\n使用 `STATS ...BY` 可根据公共值对行分组,并计算已分组行中的一个或多个聚合值。\n\n**示例**:\n\n```\nFROM employees\n| STATS count = COUNT(emp_no) BY languages\n| SORT languages\n```\n\n如果省略 `BY`,输出表实际将包含一行,其中为应用于整个数据集的聚合:\n\n```\nFROM employees\n| STATS avg_lang = AVG(languages)\n```\n\n可以计算多个值:\n\n```\nFROM employees\n| STATS avg_lang = AVG(languages), max_lang = MAX(languages)\n```\n\n也可以按多个值分组(仅长整型和关键字家族字段支持):\n\n```\nFROM employees\n| EVAL hired = DATE_FORMAT(hire_date, \"YYYY\")\n| STATS avg_salary = AVG(salary) BY hired, languages.long\n| EVAL avg_salary = ROUND(avg_salary)\n| SORT hired, languages.long\n```\n\n请参阅**聚合函数**获取可与 `STATS ...BY` 搭配使用的函数列表。\n\n聚合函数和分组表达式均接受其他函数。这在对多值列使用 `STATS...BY` 时有用。例如,要计算平均工资变动,可以首先使用 `MV_AVG` 对每名员工的多个值求平均值,然后将结果用于 `AVG` 函数:\n\n```\nFROM employees\n| STATS avg_salary_change = AVG(MV_AVG(salary_change))\n```\n\n按表达式分组的示例为根据员工姓氏的第一个字母对其进行分组:\n\n```\nFROM employees\n| STATS my_count = COUNT() BY LEFT(last_name, 1)\n| SORT `LEFT(last_name, 1)`\n```\n\n指定输出列名称为可选操作。如果未指定,新列名称等于该表达式。以下查询将返回名为 `AVG(salary)` 的列:\n\n```\nFROM employees\n| STATS AVG(salary)\n```\n\n由于此名称包含特殊字符,在后续命令中使用该名称时,需要用反撇号 (`) 引用它:\n\n```\nFROM employees\n| STATS AVG(salary)\n| EVAL avg_salary_rounded = ROUND(`AVG(salary)`)\n```\n\n**注意**:不包含任何组的 `STATS` 比添加组更快。\n\n**注意**:当前,根据单一表达式进行分组比根据许多表达式进行分组更为优化。\n ", - "languageDocumentationPopover.documentationESQL.stringOperators": "LIKE 和 RLIKE", - "languageDocumentationPopover.documentationESQL.stringOperators.markdown": "### LIKE 和 RLIKE\n使用通配符或正则表达式比较字符串时,请使用 `LIKE` 或 `RLIKE`:\n\n使用 `LIKE` 时,可使用通配符来匹配字符串。支持以下通配符字符:\n\n* `*` 匹配零个或更多字符。\n* `?` 匹配一个字符。\n\n```\nFROM employees\n| WHERE first_name LIKE \"?b*\"\n| KEEP first_name, last_name\n```\n\n使用 `RLIKE` 时,可使用正则表达式来匹配字符串:\n\n```\nFROM employees\n| WHERE first_name RLIKE \".leja.*\"\n| KEEP first_name, last_name\n```\n ", - "languageDocumentationPopover.documentationESQL.substring": "SUBSTRING", - "languageDocumentationPopover.documentationESQL.substring.markdown": "\n\n ### SUBSTRING\n 返回字符串的子字符串,用起始位置和可选长度指定\n\n ```\n FROM employees\n | KEEP last_name\n | EVAL ln_sub = SUBSTRING(last_name, 1, 3)\n ```\n ", - "languageDocumentationPopover.documentationESQL.tan": "TAN", - "languageDocumentationPopover.documentationESQL.tan.markdown": "\n\n ### TAN\n 返回角度的正切三角函数。\n\n ```\n ROW a=1.8 \n | EVAL tan=TAN(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.tanh": "TANH", - "languageDocumentationPopover.documentationESQL.tanh.markdown": "\n\n ### TANH\n 返回角度的双曲正切函数。\n\n ```\n ROW a=1.8 \n | EVAL tanh=TANH(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.tau": "TAU", - "languageDocumentationPopover.documentationESQL.tau.markdown": "\n\n ### TAU\n 返回圆的圆周长与其半径的比率。\n\n ```\n ROW TAU()\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_base64": "TO_BASE64", - "languageDocumentationPopover.documentationESQL.to_base64.markdown": "\n\n ### TO_BASE64\n 将字符串编码为 base64 字符串。\n\n ```\n row a = \"elastic\" \n | eval e = to_base64(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_boolean": "TO_BOOLEAN", - "languageDocumentationPopover.documentationESQL.to_boolean.markdown": "\n\n ### TO_BOOLEAN\n 将输入值转换为布尔值。\n 字符串值 *true* 将不区分大小写并被转换为布尔值 *true*。\n 对于任何其他值,包括空字符串,此函数将返回 *false*。\n 数字值 *0* 将转换为 *false*,任何其他值将转换为 *true*。\n\n ```\n ROW str = [\"true\", \"TRuE\", \"false\", \"\", \"yes\", \"1\"]\n | EVAL bool = TO_BOOLEAN(str)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_cartesianpoint": "TO_CARTESIANPOINT", - "languageDocumentationPopover.documentationESQL.to_cartesianpoint.markdown": "\n\n ### TO_CARTESIANPOINT\n 将输入值转换为 `cartesian_point` 值。\n 字符串只有符合 WKT 点格式时,才能成功转换。\n\n ```\n ROW wkt = [\"POINT(4297.11 -1475.53)\", \"POINT(7580.93 2272.77)\"]\n | MV_EXPAND wkt\n | EVAL pt = TO_CARTESIANPOINT(wkt)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_cartesianshape": "TO_CARTESIANSHAPE", - "languageDocumentationPopover.documentationESQL.to_cartesianshape.markdown": "\n\n ### TO_CARTESIANSHAPE\n 将输入值转换为 `cartesian_shape` 值。\n 字符串只有符合 WKT 格式时,才能成功转换。\n\n ```\n ROW wkt = [\"POINT(4297.11 -1475.53)\", \"POLYGON ((3339584.72 1118889.97, 4452779.63 4865942.27, 2226389.81 4865942.27, 1113194.90 2273030.92, 3339584.72 1118889.97))\"]\n | MV_EXPAND wkt\n | EVAL geom = TO_CARTESIANSHAPE(wkt)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_datetime": "TO_DATETIME", - "languageDocumentationPopover.documentationESQL.to_datetime.markdown": "\n\n ### TO_DATETIME\n 将输入值转换为日期值。\n 仅当字符串采用 `yyyy-MM-dd'T'HH:mm:ss.SSS'Z'` 格式时,才可进行成功转换。\n 要转换其他格式的日期,请使用 `DATE_PARSE`。\n\n ```\n ROW string = [\"1953-09-02T00:00:00.000Z\", \"1964-06-02T00:00:00.000Z\", \"1964-06-02 00:00:00\"]\n | EVAL datetime = TO_DATETIME(string)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_degrees": "TO_DEGREES", - "languageDocumentationPopover.documentationESQL.to_degrees.markdown": "\n\n ### TO_DEGREES\n 将弧度转换为度数。\n\n ```\n ROW rad = [1.57, 3.14, 4.71]\n | EVAL deg = TO_DEGREES(rad)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_double": "TO_DOUBLE", - "languageDocumentationPopover.documentationESQL.to_double.markdown": "\n\n ### TO_DOUBLE\n 将输入值转换为双精度值。如果输入参数为日期类型,\n 会将其值解析为自 Unix epoch 以来的毫秒数,\n 并转换为双精度值。布尔值 *true* 将转换为双精度值 *1.0*,*false* 转换为 *0.0*。\n\n ```\n ROW str1 = \"5.20128E11\", str2 = \"foo\"\n | EVAL dbl = TO_DOUBLE(\"520128000000\"), dbl1 = TO_DOUBLE(str1), dbl2 = TO_DOUBLE(str2)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_geopoint": "TO_GEOPOINT", - "languageDocumentationPopover.documentationESQL.to_geopoint.markdown": "\n\n ### TO_GEOPOINT\n 将输入值转换为 `geo_point` 值。\n 字符串只有符合 WKT 点格式时,才能成功转换。\n\n ```\n ROW wkt = \"POINT(42.97109630194 14.7552534413725)\"\n | EVAL pt = TO_GEOPOINT(wkt)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_geoshape": "TO_GEOSHAPE", - "languageDocumentationPopover.documentationESQL.to_geoshape.markdown": "\n\n ### TO_GEOSHAPE\n 将输入值转换为 `geo_shape` 值。\n 字符串只有符合 WKT 格式时,才能成功转换。\n\n ```\n ROW wkt = \"POLYGON ((30 10, 40 40, 20 40, 10 20, 30 10))\"\n | EVAL geom = TO_GEOSHAPE(wkt)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_integer": "TO_INTEGER", - "languageDocumentationPopover.documentationESQL.to_integer.markdown": "\n\n ### TO_INTEGER\n 将输入值转换为整数值。\n 如果输入参数为日期类型,会将其值解析为自 Unix epoch 以来\n 的毫秒数,并转换为整数。\n 布尔值 *true* 将转换为整数 *1*,*false* 转换为 *0*。\n\n ```\n ROW long = [5013792, 2147483647, 501379200000]\n | EVAL int = TO_INTEGER(long)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_ip": "TO_IP", - "languageDocumentationPopover.documentationESQL.to_ip.markdown": "\n\n ### TO_IP\n 将输入字符串转换为 IP 值。\n\n ```\n ROW str1 = \"1.1.1.1\", str2 = \"foo\"\n | EVAL ip1 = TO_IP(str1), ip2 = TO_IP(str2)\n | WHERE CIDR_MATCH(ip1, \"1.0.0.0/8\")\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_long": "TO_LONG", - "languageDocumentationPopover.documentationESQL.to_long.markdown": "\n\n ### TO_LONG\n 将输入值转换为长整型值。如果输入参数为日期类型,\n 会将其值解析为自 Unix epoch 以来的毫秒数,并转换为长整型值。\n 布尔值 *true* 将转换为长整型值 *1*,*false* 转换为 *0*。\n\n ```\n ROW str1 = \"2147483648\", str2 = \"2147483648.2\", str3 = \"foo\"\n | EVAL long1 = TO_LONG(str1), long2 = TO_LONG(str2), long3 = TO_LONG(str3)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_lower": "TO_LOWER", - "languageDocumentationPopover.documentationESQL.to_lower.markdown": "\n\n ### TO_LOWER\n 返回一个新字符串,表示已将输入字符串转为小写。\n\n ```\n ROW message = \"Some Text\"\n | EVAL message_lower = TO_LOWER(message)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_radians": "TO_RADIANS", - "languageDocumentationPopover.documentationESQL.to_radians.markdown": "\n\n ### TO_RADIANS\n 将度数转换为弧度。\n\n ```\n ROW deg = [90.0, 180.0, 270.0]\n | EVAL rad = TO_RADIANS(deg)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_string": "TO_STRING", - "languageDocumentationPopover.documentationESQL.to_string.markdown": "\n\n ### TO_STRING\n 将输入值转换为字符串。\n\n ```\n ROW a=10\n | EVAL j = TO_STRING(a)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_unsigned_long": "TO_UNSIGNED_LONG", - "languageDocumentationPopover.documentationESQL.to_unsigned_long.markdown": "\n\n ### TO_UNSIGNED_LONG\n 将输入值转换为无符号长整型值。如果输入参数为日期类型,\n 会将其值解析为自 Unix epoch 以来的毫秒数,并转换为无符号长整型值。\n 布尔值 *true* 将转换为无符号长整型值 *1*,*false* 转换为 *0*。\n\n ```\n ROW str1 = \"2147483648\", str2 = \"2147483648.2\", str3 = \"foo\"\n | EVAL long1 = TO_UNSIGNED_LONG(str1), long2 = TO_ULONG(str2), long3 = TO_UL(str3)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_upper": "TO_UPPER", - "languageDocumentationPopover.documentationESQL.to_upper.markdown": "\n\n ### TO_UPPER\n 返回一个新字符串,表示已将输入字符串转为大写。\n\n ```\n ROW message = \"Some Text\"\n | EVAL message_upper = TO_UPPER(message)\n ```\n ", - "languageDocumentationPopover.documentationESQL.to_version": "TO_VERSION", - "languageDocumentationPopover.documentationESQL.to_version.markdown": "\n\n ### TO_VERSION\n 将输入字符串转换为版本值。\n\n ```\n ROW v = TO_VERSION(\"1.2.3\")\n ```\n ", - "languageDocumentationPopover.documentationESQL.trim": "TRIM", - "languageDocumentationPopover.documentationESQL.trim.markdown": "\n\n ### TRIM\n 从字符串中移除前导和尾随空格。\n\n ```\n ROW message = \" some text \", color = \" red \"\n | EVAL message = TRIM(message)\n | EVAL color = TRIM(color)\n ```\n ", - "languageDocumentationPopover.documentationESQL.where": "WHERE", - "languageDocumentationPopover.documentationESQL.where.markdown": "### WHERE\n使用 `WHERE` 可生成一个表,其中包含输入表中所提供的条件评估为 `true` 的所有行:\n \n```\nFROM employees\n| KEEP first_name, last_name, still_hired\n| WHERE still_hired == true\n```\n\n#### 运算符\n\n请参阅**运算符**了解所支持的运算符的概览。\n\n#### 函数\n`WHERE` 支持各种用于计算值的函数。请参阅**函数**了解更多信息。\n ", + "languageDocumentation.documentationESQL.abs": "ABS", + "languageDocumentation.documentationESQL.abs.markdown": "\n\n ### ABS\n 返回绝对值。\n\n ```\n ROW number = -1.0 \n | EVAL abs_number = ABS(number)\n ```\n ", + "languageDocumentation.documentationESQL.acos": "ACOS", + "languageDocumentation.documentationESQL.acos.markdown": "\n\n ### ACOS\n 返回 `n` 的反余弦作为角度,以弧度表示。\n\n ```\n ROW a=.9\n | EVAL acos=ACOS(a)\n ```\n ", + "languageDocumentation.documentationESQL.asin": "ASIN", + "languageDocumentation.documentationESQL.asin.markdown": "\n\n ### ASIN\n 返回输入数字表达式的反正弦\n 作为角度,以弧度表示。\n\n ```\n ROW a=.9\n | EVAL asin=ASIN(a)\n ```\n ", + "languageDocumentation.documentationESQL.atan": "ATAN", + "languageDocumentation.documentationESQL.atan.markdown": "\n\n ### ATAN\n 返回输入数字表达式的反正切\n 作为角度,以弧度表示。\n\n ```\n ROW a=12.9\n | EVAL atan=ATAN(a)\n ```\n ", + "languageDocumentation.documentationESQL.atan2": "ATAN2", + "languageDocumentation.documentationESQL.atan2.markdown": "\n\n ### ATAN2\n 笛卡儿平面中正 x 轴\n 与从原点到点 (x , y) 构成的射线之间的角度,以弧度表示。\n\n ```\n ROW y=12.9, x=.6\n | EVAL atan2=ATAN2(y, x)\n ```\n ", + "languageDocumentation.documentationESQL.autoBucketFunction": "BUCKET", + "languageDocumentation.documentationESQL.autoBucketFunction.markdown": "### BUCKET\n用日期时间或数字输入创建值(存储桶)的分组。存储桶的大小可以直接提供,或基于建议的计数和值范围进行选择。\n\n`BUCKET` 以两种模式运行:\n\n1.在此模式下基于存储桶计数建议(四个参数)和范围计算存储桶的大小。\n2.在此模式下直接提供存储桶大小(两个参数)。\n\n使用存储桶的目标数量、起始范围和结束范围,`BUCKET` 将选取适当的存储桶大小以生成目标数量或更小数量的存储桶。\n\n例如,一年请求多达 20 个存储桶会按每月时间间隔组织数据:\n\n```\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS hire_date = MV_SORT(VALUES(hire_date)) BY month = BUCKET(hire_date, 20, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n| SORT hire_date\n```\n\n**注意**:目标并不是提供存储桶的确切目标数量,而是选择一个范围,最多提供存储桶的目标数量。\n\n可以组合 `BUCKET` 与聚合以创建直方图:\n\n```\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS hires_per_month = COUNT(*) BY month = BUCKET(hire_date, 20, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n| SORT month\n```\n\n**注意**:`BUCKET` 不会创建未匹配任何文档的存储桶。因此,上一示例缺少 `1985-03-01` 和其他日期。\n\n如果需要更多存储桶,可能导致更小的范围。例如,如果一年内最多请求 100 个存储桶,会导致周期为周的存储桶:\n\n```\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS hires_per_week = COUNT(*) BY week = BUCKET(hire_date, 100, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n| SORT week\n```\n\n**注意**:`AUTO_BUCKET` 不筛选任何行。它只会使用提供的范围来选取适当的存储桶大小。对于值超出范围的行,它会返回与超出范围的存储桶对应的存储桶值。组合 `BUCKET` 与 `WHERE` 可筛选行。\n\n如果提前已知所需存储桶大小,则只需提供它作为第二个参数,而忽略范围:\n\n```\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS hires_per_week = COUNT(*) BY week = BUCKET(hire_date, 1 week)\n| SORT week\n```\n\n**注意**:提供存储桶大小作为第二个参数时,它必须为持续时间或日期期间。\n\n`BUCKET` 还可对数字字段执行操作。例如,要创建工资直方图:\n\n```\nFROM employees\n| STATS COUNT(*) by bs = BUCKET(salary, 20, 25324, 74999)\n| SORT bs\n```\n\n与前面的有意筛选日期范围示例不同,您极少想要筛选数值范围。您必须分别查找最小值和最大值。ES|QL 尚未提供简便方法来自动执行此操作。\n\n如果提前已知所需存储桶大小,则可以忽略该范围。只需提供它作为第二个参数即可:\n\n```\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS c = COUNT(1) BY b = BUCKET(salary, 5000.)\n| SORT b\n```\n\n**注意**:提供存储桶大小作为第二个参数时,它必须为 **浮点类型**。\n\n这里提供了一个示例,用于为过去 24 小时创建小时存储桶,并计算每小时的事件数:\n\n```\nFROM sample_data\n| WHERE @timestamp >= NOW() - 1 day and @timestamp < NOW()\n| STATS COUNT(*) BY bucket = BUCKET(@timestamp, 25, NOW() - 1 day, NOW())\n```\n\n这里提供了一个示例,用于为 1985 年创建月度存储桶,并按聘用月份计算平均工资:\n\n```\nFROM employees\n| WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n| STATS AVG(salary) BY bucket = BUCKET(hire_date, 20, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n| SORT bucket\n```\n\n`BUCKET` 可用在 `STATS …​ BY …`​ 命令的聚合和分组部分, 前提是在聚合部分中,该函数 **由在分组部分中定义的别名引用**,或使用完全相同的表达式调用。\n\n例如:\n\n```\nFROM employees\n| STATS s1 = b1 + 1, s2 = BUCKET(salary / 1000 + 999, 50.) + 2 BY b1 = BUCKET(salary / 100 + 99, 50.), b2 = BUCKET(salary / 1000 + 999, 50.)\n| SORT b1, b2\n| KEEP s1, b1, s2, b2\n```\n ", + "languageDocumentation.documentationESQL.binaryOperators": "二进制运算符", + "languageDocumentation.documentationESQL.binaryOperators.markdown": "### 二进制运算符\n支持这些二进制比较运算符:\n\n* 等于:`==`\n* 不等于:`!=`\n* 小于:`<`\n* 小于或等于:`<=`\n* 大于:`>`\n* 大于或等于:`>=`\n* 加:`+`\n* 减:`-`\n* 乘:`*`\n* 除:`/`\n* 取模:`%`\n ", + "languageDocumentation.documentationESQL.booleanOperators": "布尔运算符", + "languageDocumentation.documentationESQL.booleanOperators.markdown": "### 布尔运算符\n支持以下布尔运算符:\n\n* `AND`\n* `OR`\n* `NOT`\n ", + "languageDocumentation.documentationESQL.bucket": "BUCKET", + "languageDocumentation.documentationESQL.bucket.markdown": "\n\n ### BUCKET\n 用日期时间或数字输入创建值(存储桶)的分组。\n 存储桶的大小可以直接提供,或基于建议的计数和值范围进行选择。\n\n ```\n FROM employees\n | WHERE hire_date >= \"1985-01-01T00:00:00Z\" AND hire_date < \"1986-01-01T00:00:00Z\"\n | STATS hire_date = MV_SORT(VALUES(hire_date)) BY month = BUCKET(hire_date, 20, \"1985-01-01T00:00:00Z\", \"1986-01-01T00:00:00Z\")\n | SORT hire_date\n ```\n ", + "languageDocumentation.documentationESQL.case": "CASE", + "languageDocumentation.documentationESQL.case.markdown": "\n\n ### CASE\n 接受成对的条件和值。此函数返回属于第一个\n 评估为 `true` 的条件的值。\n\n 如果参数数量为奇数,则最后一个参数为\n 在无条件匹配时返回的默认值。如果参数数量为偶数,且\n 无任何条件匹配,则此函数返回 `null`。\n\n ```\n FROM employees\n | EVAL type = CASE(\n languages <= 1, \"monolingual\",\n languages <= 2, \"bilingual\",\n \"polyglot\")\n | KEEP emp_no, languages, type\n ```\n ", + "languageDocumentation.documentationESQL.castOperator": "Cast (::)", + "languageDocumentation.documentationESQL.castOperator.markdown": "### CAST (`::`)\n`::` 运算符为 `TO_` 类型转换函数提供了实用的替代语法。\n\n例如:\n```\nROW ver = CONCAT((\"0\"::INT + 1)::STRING, \".2.3\")::VERSION\n```\n ", + "languageDocumentation.documentationESQL.cbrt": "CBRT", + "languageDocumentation.documentationESQL.cbrt.markdown": "\n\n ### CBRT\n 返回数字的立方根。输入可以为任何数字值,返回值始终为双精度值。\n 无穷大的立方根为 null。\n\n ```\n ROW d = 1000.0\n | EVAL c = cbrt(d)\n ```\n ", + "languageDocumentation.documentationESQL.ceil": "CEIL", + "languageDocumentation.documentationESQL.ceil.markdown": "\n\n ### CEIL\n 将数字四舍五入为最近的整数。\n\n ```\n ROW a=1.8\n | EVAL a=CEIL(a)\n ```\n 注意:对于 `long`(包括无符号值)和 `integer`,这相当于“无操作”。对于 `double`,这会提取最接近整数的 `double` 值,类似于 Math.ceil。\n ", + "languageDocumentation.documentationESQL.cidr_match": "CIDR_MATCH", + "languageDocumentation.documentationESQL.cidr_match.markdown": "\n\n ### CIDR_MATCH\n 如果提供的 IP 包含在所提供的其中一个 CIDR 块中,则返回 true。\n\n ```\n FROM hosts \n | WHERE CIDR_MATCH(ip1, \"127.0.0.2/32\", \"127.0.0.3/32\") \n | KEEP card, host, ip0, ip1\n ```\n ", + "languageDocumentation.documentationESQL.coalesce": "COALESCE", + "languageDocumentation.documentationESQL.coalesce.markdown": "\n\n ### COALESCE\n 返回它的第一个不为 null 的参数。如果所有参数均为 null,则返回 `null`。\n\n ```\n ROW a=null, b=\"b\"\n | EVAL COALESCE(a, b)\n ```\n ", + "languageDocumentation.documentationESQL.concat": "CONCAT", + "languageDocumentation.documentationESQL.concat.markdown": "\n\n ### CONCAT\n 串联两个或多个字符串。\n\n ```\n FROM employees\n | KEEP first_name, last_name\n | EVAL fullname = CONCAT(first_name, \" \", last_name)\n ```\n ", + "languageDocumentation.documentationESQL.cos": "COS", + "languageDocumentation.documentationESQL.cos.markdown": "\n\n ### COS\n 返回角度的余弦。\n\n ```\n ROW a=1.8 \n | EVAL cos=COS(a)\n ```\n ", + "languageDocumentation.documentationESQL.cosh": "COSH", + "languageDocumentation.documentationESQL.cosh.markdown": "\n\n ### COSH\n 返回角度的双曲余弦。\n\n ```\n ROW a=1.8 \n | EVAL cosh=COSH(a)\n ```\n ", + "languageDocumentation.documentationESQL.date_diff": "DATE_DIFF", + "languageDocumentation.documentationESQL.date_diff.markdown": "\n\n ### DATE_DIFF\n 从 `endTimestamp` 中减去 `startTimestamp`,并以倍数 `unit` 返回差异。\n 如果 `startTimestamp` 晚于 `endTimestamp`,则返回负值。\n\n ```\n ROW date1 = TO_DATETIME(\"2023-12-02T11:00:00.000Z\"), date2 = TO_DATETIME(\"2023-12-02T11:00:00.001Z\")\n | EVAL dd_ms = DATE_DIFF(\"microseconds\", date1, date2)\n ```\n ", + "languageDocumentation.documentationESQL.date_extract": "DATE_EXTRACT", + "languageDocumentation.documentationESQL.date_extract.markdown": "\n\n ### DATE_EXTRACT\n 提取日期的某些部分,如年、月、日、小时。\n\n ```\n ROW date = DATE_PARSE(\"yyyy-MM-dd\", \"2022-05-06\")\n | EVAL year = DATE_EXTRACT(\"year\", date)\n ```\n ", + "languageDocumentation.documentationESQL.date_format": "DATE_FORMAT", + "languageDocumentation.documentationESQL.date_format.markdown": "\n\n ### DATE_FORMAT\n 以提供的格式返回日期的字符串表示形式。\n\n ```\n FROM employees\n | KEEP first_name, last_name, hire_date\n | EVAL hired = DATE_FORMAT(\"YYYY-MM-dd\", hire_date)\n ```\n ", + "languageDocumentation.documentationESQL.date_parse": "DATE_PARSE", + "languageDocumentation.documentationESQL.date_parse.markdown": "\n\n ### DATE_PARSE\n 通过使用在第一个参数中指定的格式来解析第二个参数,从而返回日期。\n\n ```\n ROW date_string = \"2022-05-06\"\n | EVAL date = DATE_PARSE(\"yyyy-MM-dd\", date_string)\n ```\n ", + "languageDocumentation.documentationESQL.date_trunc": "DATE_TRUNC", + "languageDocumentation.documentationESQL.date_trunc.markdown": "\n\n ### DATE_TRUNC\n 将日期向下舍入到最近的时间间隔。\n\n ```\n FROM employees\n | KEEP first_name, last_name, hire_date\n | EVAL year_hired = DATE_TRUNC(1 year, hire_date)\n ```\n ", + "languageDocumentation.documentationESQL.dissect": "DISSECT", + "languageDocumentation.documentationESQL.dissect.markdown": "### DISSECT\n使用 `DISSECT`,您可以从字符串中提取结构化数据。`DISSECT` 将根据基于分隔符的模式来匹配字符串,并提取指定键作为列。\n\n请参阅[分解处理器文档](https://www.elastic.co/guide/en/elasticsearch/reference/current/dissect-processor.html)了解分解模式的语法。\n\n```\nROW a = \"1953-01-23T12:15:00Z - some text - 127.0.0.1\"\n| DISSECT a \"%'{Y}-%{M}-%{D}T%{h}:%{m}:%{s}Z - %{msg} - %{ip}'\"\n``` ", + "languageDocumentation.documentationESQL.drop": "DROP", + "languageDocumentation.documentationESQL.drop.markdown": "### DROP\n使用 `DROP` 可从表中移除列:\n \n```\nFROM employees\n| DROP height\n```\n\n您不必按名称指定每个列,而可以使用通配符丢弃名称匹配某种模式的所有列:\n\n```\nFROM employees\n| DROP height*\n```\n ", + "languageDocumentation.documentationESQL.e": "E", + "languageDocumentation.documentationESQL.e.markdown": "\n\n ### E\n 返回 Euler 函数的编号。\n\n ```\n ROW E()\n ```\n ", + "languageDocumentation.documentationESQL.ends_with": "ENDS_WITH", + "languageDocumentation.documentationESQL.ends_with.markdown": "\n\n ### ENDS_WITH\n 返回布尔值,指示关键字字符串是否以另一个字符串结尾。\n\n ```\n FROM employees\n | KEEP last_name\n | EVAL ln_E = ENDS_WITH(last_name, \"d\")\n ```\n ", + "languageDocumentation.documentationESQL.enrich": "ENRICH", + "languageDocumentation.documentationESQL.enrich.markdown": "### ENRICH\n您可以使用 `ENRICH` 将来自现有索引的数据添加到传入记录中。它类似于[采集扩充](https://www.elastic.co/guide/en/elasticsearch/reference/current/ingest-enriching-data.html),但作用于查询时间。\n\n```\nROW language_code = \"1\"\n| ENRICH languages_policy\n```\n\n执行 `ENRICH` 需要[扩充策略](https://www.elastic.co/guide/en/elasticsearch/reference/current/ingest-enriching-data.html#enrich-policy)。扩充策略定义一个匹配字段(键字段)和一组扩充字段。\n\n`ENRICH` 将根据匹配字段值在[扩充索引](https://www.elastic.co/guide/en/elasticsearch/reference/current/ingest-enriching-data.html#enrich-index)中查找记录。输入数据集中的匹配键可以使用 `ON ` 来定义;如果未指定,将对字段名称与在扩充策略中定义的匹配字段相同的字段执行匹配。\n\n```\nROW a = \"1\"\n| ENRICH languages_policy ON a\n```\n\n您可以使用 `WITH , ...` 语法指定必须将哪些属性(在那些在策略中定义为扩充字段的字段之间)添加到结果中。\n\n```\nROW a = \"1\"\n| ENRICH languages_policy ON a WITH language_name\n```\n\n还可以使用 `WITH new_name=` 重命名属性\n\n```\nROW a = \"1\"\n| ENRICH languages_policy ON a WITH name = language_name\n```\n\n默认情况下(如果未定义任何 `WITH`),`ENRICH` 会将在扩充策略中定义的所有扩充字段添加到结果中。\n\n如果出现名称冲突,新创建的字段将覆盖现有字段。\n ", + "languageDocumentation.documentationESQL.eval": "EVAL", + "languageDocumentation.documentationESQL.eval.markdown": "### EVAL\n`EVAL` 允许您添加新列:\n\n```\nFROM employees\n| KEEP first_name, last_name, height\n| EVAL height_feet = height * 3.281, height_cm = height * 100\n```\n\n如果指定列已存在,将丢弃现有列,并将新列追加到表后面:\n\n```\nFROM employees\n| KEEP first_name, last_name, height\n| EVAL height = height * 3.281\n```\n\n#### 函数\n`EVAL` 支持各种用于计算值的函数。请参阅“函数”了解更多信息。\n ", + "languageDocumentation.documentationESQL.floor": "FLOOR", + "languageDocumentation.documentationESQL.floor.markdown": "\n\n ### FLOOR\n 将数字向下舍入到最近的整数。\n\n ```\n ROW a=1.8\n | EVAL a=FLOOR(a)\n ```\n 注意:对于 `long`(包括无符号值)和 `integer`,这相当于“无操作”。\n 对于 `double`,这会提取最接近整数的 `double` 值,\n 类似于 Math.floor。\n ", + "languageDocumentation.documentationESQL.from": "FROM", + "languageDocumentation.documentationESQL.from_base64": "FROM_BASE64", + "languageDocumentation.documentationESQL.from_base64.markdown": "\n\n ### FROM_BASE64\n 解码 base64 字符串。\n\n ```\n row a = \"ZWxhc3RpYw==\" \n | eval d = from_base64(a)\n ```\n ", + "languageDocumentation.documentationESQL.from.markdown": "### FROM\n`FROM` 源命令返回一个表,其中最多包含 10,000 个来自数据流、索引或别名的文档。生成的表中的每一行代表一个文档。每一列对应一个字段,并可以通过该字段的名称进行访问。\n\n```\nFROM employees\n```\n\n您可以使用[日期数学表达式](https://www.elastic.co/guide/en/elasticsearch/reference/current/api-conventions.html#api-date-math-index-names)来引用索引、别名和数据流。这可能对时间序列数据非常有用。\n\n使用逗号分隔列表或通配符可查询多个数据流、索引或别名:\n\n```\nFROM employees-00001,employees-*\n```\n\n#### 元数据\n\nES|QL 可访问以下元数据字段:\n\n* `_index`:文档所属的索引。字段类型为 `keyword`.\n* `_id`:源文档的 ID。字段类型为 `keyword`.\n* `_version`:源文档的版本。字段类型为 `long`。\n\n使用 `METADATA` 指令可启用元数据字段:\n\n```\nFROM index [METADATA _index, _id]\n```\n\n元数据字段仅在数据源为索引时可用。因此,`FROM` 是唯一支持 `METADATA` 指令的源命令。\n\n启用后,这些字段将可用于后续处理命令,就像其他索引字段一样:\n\n```\nFROM ul_logs, apps [METADATA _index, _version]\n| WHERE id IN (13, 14) AND _version == 1\n| EVAL key = CONCAT(_index, \"_\", TO_STR(id))\n| SORT id, _index\n| KEEP id, _index, _version, key\n```\n\n此外,与索引字段类似,一旦执行了聚合,后续命令将无法再访问元数据字段,除非它用作分组字段:\n\n```\nFROM employees [METADATA _index, _id]\n| STATS max = MAX(emp_no) BY _index\n```\n ", + "languageDocumentation.documentationESQL.greatest": "GREATEST", + "languageDocumentation.documentationESQL.greatest.markdown": "\n\n ### GREATEST\n 返回多个列中的最大值。除了可一次对多个列运行以外,\n 此函数与 `MV_MAX` 类似。\n\n ```\n ROW a = 10, b = 20\n | EVAL g = GREATEST(a, b)\n ```\n 注意:对 `keyword` 或 `text` 字段运行时,此函数将按字母顺序返回最后一个字符串。对 `boolean` 列运行时,如果任何值为 `true`,此函数将返回 `true`。\n ", + "languageDocumentation.documentationESQL.grok": "GROK", + "languageDocumentation.documentationESQL.grok.markdown": "### GROK\n使用 `GROK`,您可以从字符串中提取结构化数据。`GROK` 将基于正则表达式根据模式来匹配字符串,并提取指定模式作为列。\n\n请参阅 [grok 处理器文档](https://www.elastic.co/guide/en/elasticsearch/reference/current/grok-processor.html)了解 grok 模式的语法。\n\n```\nROW a = \"12 15.5 15.6 true\"\n| GROK a \"%'{NUMBER:b:int}' %'{NUMBER:c:float}' %'{NUMBER:d:double}' %'{WORD:e:boolean}'\"\n```\n ", + "languageDocumentation.documentationESQL.inOperator": "IN", + "languageDocumentation.documentationESQL.inOperator.markdown": "### IN\n`IN` 运算符允许测试字段或表达式是否等于文本、字段或表达式列表中的元素:\n\n```\nROW a = 1, b = 4, c = 3\n| WHERE c-a IN (3, b / 2, a)\n```\n ", + "languageDocumentation.documentationESQL.ip_prefix": "IP_PREFIX", + "languageDocumentation.documentationESQL.ip_prefix.markdown": "\n\n ### IP_PREFIX\n 截短 IP 至给定的前缀长度。\n\n ```\n row ip4 = to_ip(\"1.2.3.4\"), ip6 = to_ip(\"fe80::cae2:65ff:fece:feb9\")\n | eval ip4_prefix = ip_prefix(ip4, 24, 0), ip6_prefix = ip_prefix(ip6, 0, 112);\n ```\n ", + "languageDocumentation.documentationESQL.keep": "KEEP", + "languageDocumentation.documentationESQL.keep.markdown": "### KEEP\n使用 `KEEP` 命令,您可以指定将返回哪些列以及返回这些列的顺序。\n\n要限制返回的列数,请使用列名的逗号分隔列表。将按指定顺序返回这些列:\n \n```\nFROM employees\n| KEEP first_name, last_name, height\n```\n\n您不必按名称指定每个列,而可以使用通配符返回名称匹配某种模式的所有列:\n\n```\nFROM employees\n| KEEP h*\n```\n\n星号通配符 (`*`) 自身将转换为不与其他参数匹配的所有列。此查询将首先返回所有名称以 h 开头的所有列,随后返回所有其他列:\n\n```\nFROM employees\n| KEEP h*, *\n```\n ", + "languageDocumentation.documentationESQL.least": "LEAST", + "languageDocumentation.documentationESQL.least.markdown": "\n\n ### LEAST\n 返回多个列中的最小值。除了可一次对多个列运行以外,此函数与 `MV_MIN` 类似。\n\n ```\n ROW a = 10, b = 20\n | EVAL l = LEAST(a, b)\n ```\n ", + "languageDocumentation.documentationESQL.left": "LEFT", + "languageDocumentation.documentationESQL.left.markdown": "\n\n ### LEFT\n 返回从“字符串”中提取“长度”字符的子字符串,从左侧开始。\n\n ```\n FROM employees\n | KEEP last_name\n | EVAL left = LEFT(last_name, 3)\n | SORT last_name ASC\n | LIMIT 5\n ```\n ", + "languageDocumentation.documentationESQL.length": "LENGTH", + "languageDocumentation.documentationESQL.length.markdown": "\n\n ### LENGTH\n 返回字符串的字符长度。\n\n ```\n FROM employees\n | KEEP first_name, last_name\n | EVAL fn_length = LENGTH(first_name)\n ```\n ", + "languageDocumentation.documentationESQL.limit": "LIMIT", + "languageDocumentation.documentationESQL.limit.markdown": "### LIMIT\n`LIMIT` 处理命令允许您限制行数:\n \n```\nFROM employees\n| LIMIT 5\n```\n ", + "languageDocumentation.documentationESQL.locate": "LOCATE", + "languageDocumentation.documentationESQL.locate.markdown": "\n\n ### LOCATE\n 返回一个整数,指示关键字子字符串在另一字符串中的位置\n\n ```\n row a = \"hello\"\n | eval a_ll = locate(a, \"ll\")\n ```\n ", + "languageDocumentation.documentationESQL.log": "LOG", + "languageDocumentation.documentationESQL.log.markdown": "\n\n ### LOG\n 以某底数返回值的对数。输入可以为任何数字值,返回值始终为双精度值。\n\n 求零、负数的对数,以及底数为一时将返回 `null`,并显示警告。\n\n ```\n ROW base = 2.0, value = 8.0\n | EVAL s = LOG(base, value)\n ```\n ", + "languageDocumentation.documentationESQL.log10": "LOG10", + "languageDocumentation.documentationESQL.log10.markdown": "\n\n ### LOG10\n 以底数 10 返回值的对数。输入可以为任何数字值,返回值始终为双精度值。\n\n 求 0 和负数的对数时将返回 `null`,并显示警告。\n\n ```\n ROW d = 1000.0 \n | EVAL s = LOG10(d)\n ```\n ", + "languageDocumentation.documentationESQL.ltrim": "LTRIM", + "languageDocumentation.documentationESQL.ltrim.markdown": "\n\n ### LTRIM\n 从字符串中移除前导空格。\n\n ```\n ROW message = \" some text \", color = \" red \"\n | EVAL message = LTRIM(message)\n | EVAL color = LTRIM(color)\n | EVAL message = CONCAT(\"'\", message, \"'\")\n | EVAL color = CONCAT(\"'\", color, \"'\")\n ```\n ", + "languageDocumentation.documentationESQL.markdown": "## ES|QL\n\nES|QL(Elasticsearch 查询语言)查询包含一系列命令,它们用管道字符分隔:`|`。每个查询以**源命令**开头,它会生成一个表,其中通常包含来自 Elasticsearch 的数据。\n\n源命令可后接一个或多个**处理命令**。处理命令可通过添加、移除以及更改行和列来更改前一个命令的输出表。\n\n```\nsource-command\n| processing-command1\n| processing-command2\n```\n\n查询的结果为由最后的处理命令生成的表。 \n ", + "languageDocumentation.documentationESQL.mv_append": "MV_APPEND", + "languageDocumentation.documentationESQL.mv_append.markdown": "\n\n ### MV_APPEND\n 串联两个多值字段的值。\n\n ", + "languageDocumentation.documentationESQL.mv_avg": "MV_AVG", + "languageDocumentation.documentationESQL.mv_avg.markdown": "\n\n ### MV_AVG\n 将多值字段转换为包含所有值的平均值的单值字段。\n\n ```\n ROW a=[3, 5, 1, 6]\n | EVAL avg_a = MV_AVG(a)\n ```\n ", + "languageDocumentation.documentationESQL.mv_concat": "MV_CONCAT", + "languageDocumentation.documentationESQL.mv_concat.markdown": "\n\n ### MV_CONCAT\n 将多值字符串表达式转换为单值列,其中包含由分隔符分隔的所有值的串联形式。\n\n ```\n ROW a=[\"foo\", \"zoo\", \"bar\"]\n | EVAL j = MV_CONCAT(a, \", \")\n ```\n ", + "languageDocumentation.documentationESQL.mv_count": "MV_COUNT", + "languageDocumentation.documentationESQL.mv_count.markdown": "\n\n ### MV_COUNT\n 将多值表达式转换为包含值计数的单值列。\n\n ```\n ROW a=[\"foo\", \"zoo\", \"bar\"]\n | EVAL count_a = MV_COUNT(a)\n ```\n ", + "languageDocumentation.documentationESQL.mv_dedupe": "MV_DEDUPE", + "languageDocumentation.documentationESQL.mv_dedupe.markdown": "\n\n ### MV_DEDUPE\n 移除多值字段中的重复值。\n\n ```\n ROW a=[\"foo\", \"foo\", \"bar\", \"foo\"]\n | EVAL dedupe_a = MV_DEDUPE(a)\n ```\n 注意:`MV_DEDUPE` 可能但不会始终对列中的值进行排序。\n ", + "languageDocumentation.documentationESQL.mv_first": "MV_FIRST", + "languageDocumentation.documentationESQL.mv_first.markdown": "\n\n ### MV_FIRST\n 将多值表达式转换为包含第一个值的\n 单值列。这在从按已知顺序发出多值列的\n 函数(如 `SPLIT`)中读取数据时尤其有用。\n\n 无法保证从底层存储\n 读取多值字段的顺序。它 *通常* 为升序,但不应\n 依赖于此。如果需要最小值,请使用 `MV_MIN` 而不是\n `MV_FIRST`。`MV_MIN` 针对排序值进行了优化,因此\n 对 `MV_FIRST` 没有性能优势。\n\n ```\n ROW a=\"foo;bar;baz\"\n | EVAL first_a = MV_FIRST(SPLIT(a, \";\"))\n ```\n ", + "languageDocumentation.documentationESQL.mv_last": "MV_LAST", + "languageDocumentation.documentationESQL.mv_last.markdown": "\n\n ### MV_LAST\n 将多值表达式转换为包含最后一个值的单值\n 列。这在从按已知顺序发出多值列的函数\n (如 `SPLIT`)中读取数据时尤其有用。\n\n 无法保证从底层存储\n 读取多值字段的顺序。它 *通常* 为升序,但不应\n 依赖于此。如果需要最大值,请使用 `MV_MAX` 而不是\n `MV_LAST`。`MV_MAX` 针对排序值进行了优化,因此\n 对 `MV_LAST` 没有性能优势。\n\n ```\n ROW a=\"foo;bar;baz\"\n | EVAL last_a = MV_LAST(SPLIT(a, \";\"))\n ```\n ", + "languageDocumentation.documentationESQL.mv_max": "MV_MAX", + "languageDocumentation.documentationESQL.mv_max.markdown": "\n\n ### MV_MAX\n 将多值表达式转换为包含最大值的单值列。\n\n ```\n ROW a=[3, 5, 1]\n | EVAL max_a = MV_MAX(a)\n ```\n ", + "languageDocumentation.documentationESQL.mv_median": "MV_MEDIAN", + "languageDocumentation.documentationESQL.mv_median.markdown": "\n\n ### MV_MEDIAN\n 将多值字段转换为包含中位数值的单值字段。\n\n ```\n ROW a=[3, 5, 1]\n | EVAL median_a = MV_MEDIAN(a)\n ```\n ", + "languageDocumentation.documentationESQL.mv_min": "MV_MIN", + "languageDocumentation.documentationESQL.mv_min.markdown": "\n\n ### MV_MIN\n 将多值表达式转换为包含最小值的单值列。\n\n ```\n ROW a=[2, 1]\n | EVAL min_a = MV_MIN(a)\n ```\n ", + "languageDocumentation.documentationESQL.mv_slice": "MV_SLICE", + "languageDocumentation.documentationESQL.mv_slice.markdown": "\n\n ### MV_SLICE\n 使用起始和结束索引值返回多值字段的子集。\n\n ```\n row a = [1, 2, 2, 3]\n | eval a1 = mv_slice(a, 1), a2 = mv_slice(a, 2, 3)\n ```\n ", + "languageDocumentation.documentationESQL.mv_sort": "MV_SORT", + "languageDocumentation.documentationESQL.mv_sort.markdown": "\n\n ### MV_SORT\n 按字典顺序对多值字段排序。\n\n ```\n ROW a = [4, 2, -3, 2]\n | EVAL sa = mv_sort(a), sd = mv_sort(a, \"DESC\")\n ```\n ", + "languageDocumentation.documentationESQL.mv_sum": "MV_SUM", + "languageDocumentation.documentationESQL.mv_sum.markdown": "\n\n ### MV_SUM\n 将多值字段转换为包含所有值的总和的单值字段。\n\n ```\n ROW a=[3, 5, 6]\n | EVAL sum_a = MV_SUM(a)\n ```\n ", + "languageDocumentation.documentationESQL.mv_zip": "MV_ZIP", + "languageDocumentation.documentationESQL.mv_zip.markdown": "\n\n ### MV_ZIP\n 组合两个使用分隔符联接在一起的多值字段中的值。\n\n ```\n ROW a = [\"x\", \"y\", \"z\"], b = [\"1\", \"2\"]\n | EVAL c = mv_zip(a, b, \"-\")\n | KEEP a, b, c\n ```\n ", + "languageDocumentation.documentationESQL.mvExpand": "MV_EXPAND", + "languageDocumentation.documentationESQL.mvExpand.markdown": "### MV_EXPAND\n`MV_EXPAND` 处理命令将多值字段扩展成每个值一行,从而复制其他字段: \n```\nROW a=[1,2,3], b=\"b\", j=[\"a\",\"b\"]\n| MV_EXPAND a\n```\n ", + "languageDocumentation.documentationESQL.now": "NOW", + "languageDocumentation.documentationESQL.now.markdown": "\n\n ### NOW\n 返回当前日期和时间。\n\n ```\n ROW current_date = NOW()\n ```\n ", + "languageDocumentation.documentationESQL.pi": "PI", + "languageDocumentation.documentationESQL.pi.markdown": "\n\n ### PI\n 返回 Pi,即圆的周长与其直径的比率。\n\n ```\n ROW PI()\n ```\n ", + "languageDocumentation.documentationESQL.pow": "POW", + "languageDocumentation.documentationESQL.pow.markdown": "\n\n ### POW\n 返回提升为 `exponent` 幂的 `base` 的值。\n\n ```\n ROW base = 2.0, exponent = 2\n | EVAL result = POW(base, exponent)\n ```\n 注意:此处仍可能使双精度结果溢出;在该情况下,将返回 null。\n ", + "languageDocumentation.documentationESQL.predicates": "Null 值", + "languageDocumentation.documentationESQL.predicates.markdown": "### NULL 值\n对于 NULL 比较,请使用 `IS NULL` 和 `IS NOT NULL` 谓词:\n\n```\nFROM employees\n| WHERE birth_date IS NULL\n| KEEP first_name, last_name\n| SORT first_name\n| LIMIT 3\n```\n\n```\nFROM employees\n| WHERE is_rehired IS NOT NULL\n| STATS count(emp_no)\n```\n ", + "languageDocumentation.documentationESQL.rename": "RENAME", + "languageDocumentation.documentationESQL.rename.markdown": "### RENAME\n请使用 `RENAME` 通过以下语法对列重命名:\n\n```\nRENAME AS \n```\n\n例如:\n\n```\nFROM employees\n| KEEP first_name, last_name, still_hired\n| RENAME still_hired AS employed\n```\n\n如果使用新名称的列已存在,将用新列替换该列。\n\n可以使用单个 `RENAME` 命令对多个列重命名:\n\n```\nFROM employees\n| KEEP first_name, last_name\n| RENAME first_name AS fn, last_name AS ln\n```\n ", + "languageDocumentation.documentationESQL.repeat": "REPEAT", + "languageDocumentation.documentationESQL.repeat.markdown": "\n\n ### REPEAT\n 返回通过串联 `string` 自身与指定次数 `number` 构造而成的字符串。\n\n ```\n ROW a = \"Hello!\"\n | EVAL triple_a = REPEAT(a, 3);\n ```\n ", + "languageDocumentation.documentationESQL.replace": "REPLACE", + "languageDocumentation.documentationESQL.replace.markdown": "\n\n ### REPLACE\n 此函数将字符串 `str` 中正则表达式 `regex` 的任何匹配项\n 替换为替代字符串 `newStr`。\n\n ```\n ROW str = \"Hello World\"\n | EVAL str = REPLACE(str, \"World\", \"Universe\")\n | KEEP str\n ```\n ", + "languageDocumentation.documentationESQL.right": "RIGHT", + "languageDocumentation.documentationESQL.right.markdown": "\n\n ### RIGHT\n 返回从“字符串”中提取“长度”字符的子字符串,从右侧开始。\n\n ```\n FROM employees\n | KEEP last_name\n | EVAL right = RIGHT(last_name, 3)\n | SORT last_name ASC\n | LIMIT 5\n ```\n ", + "languageDocumentation.documentationESQL.round": "ROUND", + "languageDocumentation.documentationESQL.round.markdown": "\n\n ### ROUND\n 将数字舍入到指定小数位数。\n 默认值为 0,即返回最近的整数。如果\n 精确度为负数,则将数字舍入到\n 小数点左侧的位数。\n\n ```\n FROM employees\n | KEEP first_name, last_name, height\n | EVAL height_ft = ROUND(height * 3.281, 1)\n ```\n ", + "languageDocumentation.documentationESQL.row": "ROW", + "languageDocumentation.documentationESQL.row.markdown": "### ROW\n`ROW` 源命令会生成一个行,其中包含一个或多个含有您指定的值的列。这可以用于测试。\n \n```\nROW a = 1, b = \"two\", c = null\n```\n\n请使用方括号创建多值列:\n\n```\nROW a = [2, 1]\n```\n\nROW 支持使用函数:\n\n```\nROW a = ROUND(1.23, 0)\n```\n ", + "languageDocumentation.documentationESQL.rtrim": "RTRIM", + "languageDocumentation.documentationESQL.rtrim.markdown": "\n\n ### RTRIM\n 从字符串中移除尾随空格。\n\n ```\n ROW message = \" some text \", color = \" red \"\n | EVAL message = RTRIM(message)\n | EVAL color = RTRIM(color)\n | EVAL message = CONCAT(\"'\", message, \"'\")\n | EVAL color = CONCAT(\"'\", color, \"'\")\n ```\n ", + "languageDocumentation.documentationESQL.show": "SHOW", + "languageDocumentation.documentationESQL.show.markdown": "### SHOW\n`SHOW ` 源命令返回有关部署及其功能的信息:\n\n* 使用 `SHOW INFO` 可返回部署的版本、构建日期和哈希。\n* 使用 `SHOW FUNCTIONS` 可返回所有受支持函数的列表和每个函数的概要。\n ", + "languageDocumentation.documentationESQL.signum": "SIGNUM", + "languageDocumentation.documentationESQL.signum.markdown": "\n\n ### SIGNUM\n 返回给定数字的符号。\n 它对负数返回 `-1`,对 `0` 返回 `0`,对正数返回 `1`。\n\n ```\n ROW d = 100.0\n | EVAL s = SIGNUM(d)\n ```\n ", + "languageDocumentation.documentationESQL.sin": "SIN", + "languageDocumentation.documentationESQL.sin.markdown": "\n\n ### SIN\n 返回角度的正弦三角函数。\n\n ```\n ROW a=1.8 \n | EVAL sin=SIN(a)\n ```\n ", + "languageDocumentation.documentationESQL.sinh": "SINH", + "languageDocumentation.documentationESQL.sinh.markdown": "\n\n ### SINH\n 返回角度的双曲正弦。\n\n ```\n ROW a=1.8 \n | EVAL sinh=SINH(a)\n ```\n ", + "languageDocumentation.documentationESQL.sort": "SORT", + "languageDocumentation.documentationESQL.sort.markdown": "### SORT\n使用 `SORT` 命令可对一个或多个字段上的行排序:\n\n```\nFROM employees\n| KEEP first_name, last_name, height\n| SORT height\n```\n\n默认排序顺序为升序。请使用 `ASC` 或 `DESC` 设置显式排序顺序:\n\n```\nFROM employees\n| KEEP first_name, last_name, height\n| SORT height DESC\n```\n\n如果两个行具有相同的排序键,则保留原始顺序。您可以提供其他排序表达式充当连接断路器:\n\n```\nFROM employees\n| KEEP first_name, last_name, height\n| SORT height DESC, first_name ASC\n```\n\n#### `null` 值\n默认情况下,会将 `null` 值视为大于任何其他值。使用升序排序顺序时,会最后对 `null` 值排序,而使用降序排序顺序时,会首先对 `null` 值排序。您可以通过提供 `NULLS FIRST` 或 `NULLS LAST` 来更改该排序:\n\n```\nFROM employees\n| KEEP first_name, last_name, height\n| SORT first_name ASC NULLS FIRST\n```\n ", + "languageDocumentation.documentationESQL.split": "SPLIT", + "languageDocumentation.documentationESQL.split.markdown": "\n\n ### SPLIT\n 将单值字符串拆分成多个字符串。\n\n ```\n ROW words=\"foo;bar;baz;qux;quux;corge\"\n | EVAL word = SPLIT(words, \";\")\n ```\n ", + "languageDocumentation.documentationESQL.sqrt": "SQRT", + "languageDocumentation.documentationESQL.sqrt.markdown": "\n\n ### SQRT\n 返回数字的平方根。输入可以为任何数字值,返回值始终为双精度值。\n 负数和无穷大的平方根为 null。\n\n ```\n ROW d = 100.0\n | EVAL s = SQRT(d)\n ```\n ", + "languageDocumentation.documentationESQL.st_contains": "ST_CONTAINS", + "languageDocumentation.documentationESQL.st_contains.markdown": "\n\n ### ST_CONTAINS\n 返回第一个几何形状是否包含第二个几何形状。\n 这是 `ST_WITHIN` 函数的反向函数。\n\n ```\n FROM airport_city_boundaries\n | WHERE ST_CONTAINS(city_boundary, TO_GEOSHAPE(\"POLYGON((109.35 18.3, 109.45 18.3, 109.45 18.4, 109.35 18.4, 109.35 18.3))\"))\n | KEEP abbrev, airport, region, city, city_location\n ```\n ", + "languageDocumentation.documentationESQL.st_disjoint": "ST_DISJOINT", + "languageDocumentation.documentationESQL.st_disjoint.markdown": "\n\n ### ST_DISJOINT\n 返回两个几何图形或几何图形列是否不相交。\n 这是 `ST_INTERSECTS` 函数的反向函数。\n 从数学上讲:ST_Disjoint(A, B) ⇔ A ⋂ B = ∅\n\n ```\n FROM airport_city_boundaries\n | WHERE ST_DISJOINT(city_boundary, TO_GEOSHAPE(\"POLYGON((-10 -60, 120 -60, 120 60, -10 60, -10 -60))\"))\n | KEEP abbrev, airport, region, city, city_location\n ```\n ", + "languageDocumentation.documentationESQL.st_distance": "ST_DISTANCE", + "languageDocumentation.documentationESQL.st_distance.markdown": "\n\n ### ST_DISTANCE\n 计算两点之间的距离。\n 对于笛卡尔几何形状,这是以相同单位作为原始坐标时的毕达哥拉斯距离。\n 对于地理几何形状而言,这是沿着地球大圆的圆周距离(以米为单位)。\n\n ```\n FROM airports\n | WHERE abbrev == \"CPH\"\n | EVAL distance = ST_DISTANCE(location, city_location)\n | KEEP abbrev, name, location, city_location, distance\n ```\n ", + "languageDocumentation.documentationESQL.st_intersects": "ST_INTERSECTS", + "languageDocumentation.documentationESQL.st_intersects.markdown": "\n\n ### ST_INTERSECTS\n 如果两个几何形状相交,则返回 true。\n 如果它们有任何共同点,包括其内点\n (沿线的点或多边形内的点),则表示它们相交。\n 这是 `ST_DISJOINT` 函数的反向函数。\n 从数学上讲:ST_Intersects(A, B) ⇔ A ⋂ B ≠ ∅\n\n ```\n FROM airports\n | WHERE ST_INTERSECTS(location, TO_GEOSHAPE(\"POLYGON((42 14, 43 14, 43 15, 42 15, 42 14))\"))\n ```\n ", + "languageDocumentation.documentationESQL.st_within": "ST_WITHIN", + "languageDocumentation.documentationESQL.st_within.markdown": "\n\n ### ST_WITHIN\n 返回第一个几何形状是否在第二个几何形状内。\n 这是 `ST_CONTAINS` 函数的反向函数。\n\n ```\n FROM airport_city_boundaries\n | WHERE ST_WITHIN(city_boundary, TO_GEOSHAPE(\"POLYGON((109.1 18.15, 109.6 18.15, 109.6 18.65, 109.1 18.65, 109.1 18.15))\"))\n | KEEP abbrev, airport, region, city, city_location\n ```\n ", + "languageDocumentation.documentationESQL.st_x": "ST_X", + "languageDocumentation.documentationESQL.st_x.markdown": "\n\n ### ST_X\n 从提供的点中提取 `x` 坐标。\n 如果点的类型为 `geo_point`,则这等同于提取 `longitude` 值。\n\n ```\n ROW point = TO_GEOPOINT(\"POINT(42.97109629958868 14.7552534006536)\")\n | EVAL x = ST_X(point), y = ST_Y(point)\n ```\n ", + "languageDocumentation.documentationESQL.st_y": "ST_Y", + "languageDocumentation.documentationESQL.st_y.markdown": "\n\n ### ST_Y\n 从提供的点中提取 `y` 坐标。\n 如果点的类型为 `geo_point`,则这等同于提取 `latitude` 值。\n\n ```\n ROW point = TO_GEOPOINT(\"POINT(42.97109629958868 14.7552534006536)\")\n | EVAL x = ST_X(point), y = ST_Y(point)\n ```\n ", + "languageDocumentation.documentationESQL.starts_with": "STARTS_WITH", + "languageDocumentation.documentationESQL.starts_with.markdown": "\n\n ### STARTS_WITH\n 返回指示关键字字符串是否以另一个字符串开头的布尔值。\n\n ```\n FROM employees\n | KEEP last_name\n | EVAL ln_S = STARTS_WITH(last_name, \"B\")\n ```\n ", + "languageDocumentation.documentationESQL.statsby": "STATS ...BY", + "languageDocumentation.documentationESQL.statsby.markdown": "### STATS ...BY\n使用 `STATS ...BY` 可根据公共值对行分组,并计算已分组行中的一个或多个聚合值。\n\n**示例**:\n\n```\nFROM employees\n| STATS count = COUNT(emp_no) BY languages\n| SORT languages\n```\n\n如果省略 `BY`,输出表实际将包含一行,其中为应用于整个数据集的聚合:\n\n```\nFROM employees\n| STATS avg_lang = AVG(languages)\n```\n\n可以计算多个值:\n\n```\nFROM employees\n| STATS avg_lang = AVG(languages), max_lang = MAX(languages)\n```\n\n也可以按多个值分组(仅长整型和关键字家族字段支持):\n\n```\nFROM employees\n| EVAL hired = DATE_FORMAT(hire_date, \"YYYY\")\n| STATS avg_salary = AVG(salary) BY hired, languages.long\n| EVAL avg_salary = ROUND(avg_salary)\n| SORT hired, languages.long\n```\n\n请参阅**聚合函数**获取可与 `STATS ...BY` 搭配使用的函数列表。\n\n聚合函数和分组表达式均接受其他函数。这在对多值列使用 `STATS...BY` 时有用。例如,要计算平均工资变动,可以首先使用 `MV_AVG` 对每名员工的多个值求平均值,然后将结果用于 `AVG` 函数:\n\n```\nFROM employees\n| STATS avg_salary_change = AVG(MV_AVG(salary_change))\n```\n\n按表达式分组的示例为根据员工姓氏的第一个字母对其进行分组:\n\n```\nFROM employees\n| STATS my_count = COUNT() BY LEFT(last_name, 1)\n| SORT `LEFT(last_name, 1)`\n```\n\n指定输出列名称为可选操作。如果未指定,新列名称等于该表达式。以下查询将返回名为 `AVG(salary)` 的列:\n\n```\nFROM employees\n| STATS AVG(salary)\n```\n\n由于此名称包含特殊字符,在后续命令中使用该名称时,需要用反撇号 (`) 引用它:\n\n```\nFROM employees\n| STATS AVG(salary)\n| EVAL avg_salary_rounded = ROUND(`AVG(salary)`)\n```\n\n**注意**:不包含任何组的 `STATS` 比添加组更快。\n\n**注意**:当前,根据单一表达式进行分组比根据许多表达式进行分组更为优化。\n ", + "languageDocumentation.documentationESQL.stringOperators": "LIKE 和 RLIKE", + "languageDocumentation.documentationESQL.stringOperators.markdown": "### LIKE 和 RLIKE\n使用通配符或正则表达式比较字符串时,请使用 `LIKE` 或 `RLIKE`:\n\n使用 `LIKE` 时,可使用通配符来匹配字符串。支持以下通配符字符:\n\n* `*` 匹配零个或更多字符。\n* `?` 匹配一个字符。\n\n```\nFROM employees\n| WHERE first_name LIKE \"?b*\"\n| KEEP first_name, last_name\n```\n\n使用 `RLIKE` 时,可使用正则表达式来匹配字符串:\n\n```\nFROM employees\n| WHERE first_name RLIKE \".leja.*\"\n| KEEP first_name, last_name\n```\n ", + "languageDocumentation.documentationESQL.substring": "SUBSTRING", + "languageDocumentation.documentationESQL.substring.markdown": "\n\n ### SUBSTRING\n 返回字符串的子字符串,用起始位置和可选长度指定\n\n ```\n FROM employees\n | KEEP last_name\n | EVAL ln_sub = SUBSTRING(last_name, 1, 3)\n ```\n ", + "languageDocumentation.documentationESQL.tan": "TAN", + "languageDocumentation.documentationESQL.tan.markdown": "\n\n ### TAN\n 返回角度的正切三角函数。\n\n ```\n ROW a=1.8 \n | EVAL tan=TAN(a)\n ```\n ", + "languageDocumentation.documentationESQL.tanh": "TANH", + "languageDocumentation.documentationESQL.tanh.markdown": "\n\n ### TANH\n 返回角度的双曲正切函数。\n\n ```\n ROW a=1.8 \n | EVAL tanh=TANH(a)\n ```\n ", + "languageDocumentation.documentationESQL.tau": "TAU", + "languageDocumentation.documentationESQL.tau.markdown": "\n\n ### TAU\n 返回圆的圆周长与其半径的比率。\n\n ```\n ROW TAU()\n ```\n ", + "languageDocumentation.documentationESQL.to_base64": "TO_BASE64", + "languageDocumentation.documentationESQL.to_base64.markdown": "\n\n ### TO_BASE64\n 将字符串编码为 base64 字符串。\n\n ```\n row a = \"elastic\" \n | eval e = to_base64(a)\n ```\n ", + "languageDocumentation.documentationESQL.to_boolean": "TO_BOOLEAN", + "languageDocumentation.documentationESQL.to_boolean.markdown": "\n\n ### TO_BOOLEAN\n 将输入值转换为布尔值。\n 字符串值 *true* 将不区分大小写并被转换为布尔值 *true*。\n 对于任何其他值,包括空字符串,此函数将返回 *false*。\n 数字值 *0* 将转换为 *false*,任何其他值将转换为 *true*。\n\n ```\n ROW str = [\"true\", \"TRuE\", \"false\", \"\", \"yes\", \"1\"]\n | EVAL bool = TO_BOOLEAN(str)\n ```\n ", + "languageDocumentation.documentationESQL.to_cartesianpoint": "TO_CARTESIANPOINT", + "languageDocumentation.documentationESQL.to_cartesianpoint.markdown": "\n\n ### TO_CARTESIANPOINT\n 将输入值转换为 `cartesian_point` 值。\n 字符串只有符合 WKT 点格式时,才能成功转换。\n\n ```\n ROW wkt = [\"POINT(4297.11 -1475.53)\", \"POINT(7580.93 2272.77)\"]\n | MV_EXPAND wkt\n | EVAL pt = TO_CARTESIANPOINT(wkt)\n ```\n ", + "languageDocumentation.documentationESQL.to_cartesianshape": "TO_CARTESIANSHAPE", + "languageDocumentation.documentationESQL.to_cartesianshape.markdown": "\n\n ### TO_CARTESIANSHAPE\n 将输入值转换为 `cartesian_shape` 值。\n 字符串只有符合 WKT 格式时,才能成功转换。\n\n ```\n ROW wkt = [\"POINT(4297.11 -1475.53)\", \"POLYGON ((3339584.72 1118889.97, 4452779.63 4865942.27, 2226389.81 4865942.27, 1113194.90 2273030.92, 3339584.72 1118889.97))\"]\n | MV_EXPAND wkt\n | EVAL geom = TO_CARTESIANSHAPE(wkt)\n ```\n ", + "languageDocumentation.documentationESQL.to_datetime": "TO_DATETIME", + "languageDocumentation.documentationESQL.to_datetime.markdown": "\n\n ### TO_DATETIME\n 将输入值转换为日期值。\n 仅当字符串采用 `yyyy-MM-dd'T'HH:mm:ss.SSS'Z'` 格式时,才可进行成功转换。\n 要转换其他格式的日期,请使用 `DATE_PARSE`。\n\n ```\n ROW string = [\"1953-09-02T00:00:00.000Z\", \"1964-06-02T00:00:00.000Z\", \"1964-06-02 00:00:00\"]\n | EVAL datetime = TO_DATETIME(string)\n ```\n ", + "languageDocumentation.documentationESQL.to_degrees": "TO_DEGREES", + "languageDocumentation.documentationESQL.to_degrees.markdown": "\n\n ### TO_DEGREES\n 将弧度转换为度数。\n\n ```\n ROW rad = [1.57, 3.14, 4.71]\n | EVAL deg = TO_DEGREES(rad)\n ```\n ", + "languageDocumentation.documentationESQL.to_double": "TO_DOUBLE", + "languageDocumentation.documentationESQL.to_double.markdown": "\n\n ### TO_DOUBLE\n 将输入值转换为双精度值。如果输入参数为日期类型,\n 会将其值解析为自 Unix epoch 以来的毫秒数,\n 并转换为双精度值。布尔值 *true* 将转换为双精度值 *1.0*,*false* 转换为 *0.0*。\n\n ```\n ROW str1 = \"5.20128E11\", str2 = \"foo\"\n | EVAL dbl = TO_DOUBLE(\"520128000000\"), dbl1 = TO_DOUBLE(str1), dbl2 = TO_DOUBLE(str2)\n ```\n ", + "languageDocumentation.documentationESQL.to_geopoint": "TO_GEOPOINT", + "languageDocumentation.documentationESQL.to_geopoint.markdown": "\n\n ### TO_GEOPOINT\n 将输入值转换为 `geo_point` 值。\n 字符串只有符合 WKT 点格式时,才能成功转换。\n\n ```\n ROW wkt = \"POINT(42.97109630194 14.7552534413725)\"\n | EVAL pt = TO_GEOPOINT(wkt)\n ```\n ", + "languageDocumentation.documentationESQL.to_geoshape": "TO_GEOSHAPE", + "languageDocumentation.documentationESQL.to_geoshape.markdown": "\n\n ### TO_GEOSHAPE\n 将输入值转换为 `geo_shape` 值。\n 字符串只有符合 WKT 格式时,才能成功转换。\n\n ```\n ROW wkt = \"POLYGON ((30 10, 40 40, 20 40, 10 20, 30 10))\"\n | EVAL geom = TO_GEOSHAPE(wkt)\n ```\n ", + "languageDocumentation.documentationESQL.to_integer": "TO_INTEGER", + "languageDocumentation.documentationESQL.to_integer.markdown": "\n\n ### TO_INTEGER\n 将输入值转换为整数值。\n 如果输入参数为日期类型,会将其值解析为自 Unix epoch 以来\n 的毫秒数,并转换为整数。\n 布尔值 *true* 将转换为整数 *1*,*false* 转换为 *0*。\n\n ```\n ROW long = [5013792, 2147483647, 501379200000]\n | EVAL int = TO_INTEGER(long)\n ```\n ", + "languageDocumentation.documentationESQL.to_ip": "TO_IP", + "languageDocumentation.documentationESQL.to_ip.markdown": "\n\n ### TO_IP\n 将输入字符串转换为 IP 值。\n\n ```\n ROW str1 = \"1.1.1.1\", str2 = \"foo\"\n | EVAL ip1 = TO_IP(str1), ip2 = TO_IP(str2)\n | WHERE CIDR_MATCH(ip1, \"1.0.0.0/8\")\n ```\n ", + "languageDocumentation.documentationESQL.to_long": "TO_LONG", + "languageDocumentation.documentationESQL.to_long.markdown": "\n\n ### TO_LONG\n 将输入值转换为长整型值。如果输入参数为日期类型,\n 会将其值解析为自 Unix epoch 以来的毫秒数,并转换为长整型值。\n 布尔值 *true* 将转换为长整型值 *1*,*false* 转换为 *0*。\n\n ```\n ROW str1 = \"2147483648\", str2 = \"2147483648.2\", str3 = \"foo\"\n | EVAL long1 = TO_LONG(str1), long2 = TO_LONG(str2), long3 = TO_LONG(str3)\n ```\n ", + "languageDocumentation.documentationESQL.to_lower": "TO_LOWER", + "languageDocumentation.documentationESQL.to_lower.markdown": "\n\n ### TO_LOWER\n 返回一个新字符串,表示已将输入字符串转为小写。\n\n ```\n ROW message = \"Some Text\"\n | EVAL message_lower = TO_LOWER(message)\n ```\n ", + "languageDocumentation.documentationESQL.to_radians": "TO_RADIANS", + "languageDocumentation.documentationESQL.to_radians.markdown": "\n\n ### TO_RADIANS\n 将度数转换为弧度。\n\n ```\n ROW deg = [90.0, 180.0, 270.0]\n | EVAL rad = TO_RADIANS(deg)\n ```\n ", + "languageDocumentation.documentationESQL.to_string": "TO_STRING", + "languageDocumentation.documentationESQL.to_string.markdown": "\n\n ### TO_STRING\n 将输入值转换为字符串。\n\n ```\n ROW a=10\n | EVAL j = TO_STRING(a)\n ```\n ", + "languageDocumentation.documentationESQL.to_unsigned_long": "TO_UNSIGNED_LONG", + "languageDocumentation.documentationESQL.to_unsigned_long.markdown": "\n\n ### TO_UNSIGNED_LONG\n 将输入值转换为无符号长整型值。如果输入参数为日期类型,\n 会将其值解析为自 Unix epoch 以来的毫秒数,并转换为无符号长整型值。\n 布尔值 *true* 将转换为无符号长整型值 *1*,*false* 转换为 *0*。\n\n ```\n ROW str1 = \"2147483648\", str2 = \"2147483648.2\", str3 = \"foo\"\n | EVAL long1 = TO_UNSIGNED_LONG(str1), long2 = TO_ULONG(str2), long3 = TO_UL(str3)\n ```\n ", + "languageDocumentation.documentationESQL.to_upper": "TO_UPPER", + "languageDocumentation.documentationESQL.to_upper.markdown": "\n\n ### TO_UPPER\n 返回一个新字符串,表示已将输入字符串转为大写。\n\n ```\n ROW message = \"Some Text\"\n | EVAL message_upper = TO_UPPER(message)\n ```\n ", + "languageDocumentation.documentationESQL.to_version": "TO_VERSION", + "languageDocumentation.documentationESQL.to_version.markdown": "\n\n ### TO_VERSION\n 将输入字符串转换为版本值。\n\n ```\n ROW v = TO_VERSION(\"1.2.3\")\n ```\n ", + "languageDocumentation.documentationESQL.trim": "TRIM", + "languageDocumentation.documentationESQL.trim.markdown": "\n\n ### TRIM\n 从字符串中移除前导和尾随空格。\n\n ```\n ROW message = \" some text \", color = \" red \"\n | EVAL message = TRIM(message)\n | EVAL color = TRIM(color)\n ```\n ", + "languageDocumentation.documentationESQL.where": "WHERE", + "languageDocumentation.documentationESQL.where.markdown": "### WHERE\n使用 `WHERE` 可生成一个表,其中包含输入表中所提供的条件评估为 `true` 的所有行:\n \n```\nFROM employees\n| KEEP first_name, last_name, still_hired\n| WHERE still_hired == true\n```\n\n#### 运算符\n\n请参阅**运算符**了解所支持的运算符的概览。\n\n#### 函数\n`WHERE` 支持各种用于计算值的函数。请参阅**函数**了解更多信息。\n ", "textBasedEditor.query.textBasedLanguagesEditor.EnableWordWrapLabel": "在管道符上添加换行符", "textBasedEditor.query.textBasedLanguagesEditor.errorCount": "{count} 个{count, plural, other {错误}}", "textBasedEditor.query.textBasedLanguagesEditor.errorsTitle": "错误", "textBasedEditor.query.textBasedLanguagesEditor.expandLabel": "展开", "textBasedEditor.query.textBasedLanguagesEditor.feedback": "反馈", - "languageDocumentationPopover.documentationESQL.functions": "函数", - "languageDocumentationPopover.documentationESQL.functionsDocumentationESQLDescription": "ROW、EVAL 和 WHERE 支持的函数。", - "languageDocumentationPopover.documentationESQL.groupingFunctions": "分组函数", - "languageDocumentationPopover.documentationESQL.groupingFunctionsDocumentationESQLDescription": "这些分组函数可以与 `STATS...BY` 搭配使用:", + "languageDocumentation.documentationESQL.functions": "函数", + "languageDocumentation.documentationESQL.functionsDocumentationESQLDescription": "ROW、EVAL 和 WHERE 支持的函数。", + "languageDocumentation.documentationESQL.groupingFunctions": "分组函数", + "languageDocumentation.documentationESQL.groupingFunctionsDocumentationESQLDescription": "这些分组函数可以与 `STATS...BY` 搭配使用:", "textBasedEditor.query.textBasedLanguagesEditor.hideQueriesLabel": "隐藏最近查询", "textBasedEditor.query.textBasedLanguagesEditor.lineCount": "{count} {count, plural, other {行}}", "textBasedEditor.query.textBasedLanguagesEditor.lineNumber": "第 {lineNumber} 行", - "languageDocumentationPopover.documentationESQL.operators": "运算符", - "languageDocumentationPopover.documentationESQL.operatorsDocumentationESQLDescription": "ES|QL 支持以下运算符:", - "languageDocumentationPopover.documentationESQL.processingCommands": "处理命令", - "languageDocumentationPopover.documentationESQL.processingCommandsDescription": "处理命令会通过添加、移除或更改行和列来更改输入表。ES|QL 支持以下处理命令。", + "languageDocumentation.documentationESQL.operators": "运算符", + "languageDocumentation.documentationESQL.operatorsDocumentationESQLDescription": "ES|QL 支持以下运算符:", + "languageDocumentation.documentationESQL.processingCommands": "处理命令", + "languageDocumentation.documentationESQL.processingCommandsDescription": "处理命令会通过添加、移除或更改行和列来更改输入表。ES|QL 支持以下处理命令。", "textBasedEditor.query.textBasedLanguagesEditor.querieshistory.error": "查询失败", "textBasedEditor.query.textBasedLanguagesEditor.querieshistory.success": "已成功运行查询", "textBasedEditor.query.textBasedLanguagesEditor.querieshistoryCopy": "复制查询到剪贴板", @@ -7345,7 +7345,7 @@ "textBasedEditor.query.textBasedLanguagesEditor.recentQueriesColumnLabel": "最近查询", "textBasedEditor.query.textBasedLanguagesEditor.runQuery": "运行查询", "textBasedEditor.query.textBasedLanguagesEditor.showQueriesLabel": "显示最近查询", - "languageDocumentationPopover.documentationESQL.sourceCommands": "源命令", + "languageDocumentation.documentationESQL.sourceCommands": "源命令", "textBasedEditor.query.textBasedLanguagesEditor.submitFeedback": "提交反馈", "textBasedEditor.query.textBasedLanguagesEditor.timeRanColumnLabel": "运行时间", "textBasedEditor.query.textBasedLanguagesEditor.timestampNotDetected": "未找到 @timestamp", @@ -20388,8 +20388,6 @@ "xpack.fleet.settings.agentPolicyAdvanced.agentLoggingLevelTitle": "代理日志记录级别", "xpack.fleet.settings.agentPolicyAdvanced.agentLoggingMetricsPeriodDescription": "记录内部 Elastic 代理指标的频率。", "xpack.fleet.settings.agentPolicyAdvanced.agentLoggingMetricsPeriodTitle": "代理日志记录指标期间", - "xpack.fleet.settings.agentPolicyAdvanced.agentMonitoringHttpDescription": "启用返回 Elastic 代理的整体运行状况的活性 HTTP 终端。例如,这可由 Kubernetes 用于重新启动容器。", - "xpack.fleet.settings.agentPolicyAdvanced.agentMonitoringHttpTitle": "HTTP 监测终端", "xpack.fleet.settings.agentPolicyAdvanced.downloadTimeoutDescription": "下载代理二进制文件时的超时值。", "xpack.fleet.settings.agentPolicyAdvanced.downloadTimeoutTitle": "代理二进制文件下载超时", "xpack.fleet.settings.agentPolicyAdvanced.downloadTimeoutValidationMessage": "必须为带时间单位的字符串,如 30s、5m、2h、1d", @@ -22627,12 +22625,10 @@ "xpack.indexLifecycleMgmt.editPolicy.searchableSnapshotLicenseCalloutTitle": "需要企业许可证", "xpack.indexLifecycleMgmt.editPolicy.searchableSnapshotRepoFieldLabel": "快照存储库", "xpack.indexLifecycleMgmt.editPolicy.searchableSnapshotRepoRequiredError": "快照存储库名称必填。", - "xpack.indexLifecycleMgmt.editPolicy.searchableSnapshotStorageFieldLabel": "可搜索快照存储", "xpack.indexLifecycleMgmt.editPolicy.showPolicyJsonButton": "显示请求", "xpack.indexLifecycleMgmt.editPolicy.shrink.configureShardCountLabel": "配置分片计数", "xpack.indexLifecycleMgmt.editPolicy.shrink.configureShardSizeLabel": "配置分片大小", "xpack.indexLifecycleMgmt.editPolicy.shrinkIndexExplanationText": "将索引缩小成具有较少主分片的新索引。", - "xpack.indexLifecycleMgmt.editPolicy.shrinkText": "缩小", "xpack.indexLifecycleMgmt.editPolicy.successfulSaveMessage": "{verb}生命周期策略“{lifecycleName}”", "xpack.indexLifecycleMgmt.editPolicy.timeUnits.daysLabel": "天", "xpack.indexLifecycleMgmt.editPolicy.timeUnits.hoursLabel": "小时", @@ -22743,10 +22739,8 @@ "xpack.indexLifecycleMgmt.policyTable.addLifecyclePolicyToTemplateConfirmModal.successMessage": "已将策略“{policyName}”添加到索引模板“{templateName}”。", "xpack.indexLifecycleMgmt.policyTable.addLifecyclePolicyToTemplateConfirmModal.templateHasPolicyWarningTitle": "模板已有策略", "xpack.indexLifecycleMgmt.policyTable.addLifecyclePolicyToTemplateConfirmModal.title": "将策略 “{name}” 添加到索引模板", - "xpack.indexLifecycleMgmt.policyTable.addPolicyToTemplateButtonText": "将策略添加到索引模板", "xpack.indexLifecycleMgmt.policyTable.captionText": "下表包含 {count, plural, other {# 个索引生命周期策略}}。", "xpack.indexLifecycleMgmt.policyTable.deletePolicyButtonDisabledTooltip": "您无法删除索引正在使用的策略", - "xpack.indexLifecycleMgmt.policyTable.deletePolicyButtonText": "删除策略", "xpack.indexLifecycleMgmt.policyTable.emptyPrompt.createButtonLabel": "创建策略", "xpack.indexLifecycleMgmt.policyTable.emptyPromptDescription": " 索引生命周期策略帮助您管理变旧的索引。", "xpack.indexLifecycleMgmt.policyTable.emptyPromptTitle": "创建您的首个索引生命周期索引", diff --git a/x-pack/test/accessibility/apps/group1/index_lifecycle_management.ts b/x-pack/test/accessibility/apps/group1/index_lifecycle_management.ts index d6b84aeee8760..c89f715afe1f3 100644 --- a/x-pack/test/accessibility/apps/group1/index_lifecycle_management.ts +++ b/x-pack/test/accessibility/apps/group1/index_lifecycle_management.ts @@ -132,8 +132,11 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { }); it('Edit policy', async () => { - const link = await findPolicyLinkInListView(POLICY_NAME); - await link.click(); + const policyRow = await testSubjects.find(`policyTableRow-${POLICY_NAME}`); + + const editPolicyButton = await policyRow.findByTestSubject('editPolicy'); + await editPolicyButton.click(); + await retry.waitFor('ILM edit form', async () => { return ( (await testSubjects.getVisibleText('policyTitle')) === `Edit policy ${POLICY_NAME}` @@ -143,8 +146,11 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { }); it('Request flyout', async () => { - const link = await findPolicyLinkInListView(POLICY_NAME); - await link.click(); + const policyRow = await testSubjects.find(`policyTableRow-${POLICY_NAME}`); + + const editPolicyButton = await policyRow.findByTestSubject('editPolicy'); + await editPolicyButton.click(); + await retry.waitFor('ILM request button', async () => { return testSubjects.exists('requestButton'); }); @@ -160,11 +166,25 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { }); }); + it('View policy flyout', async () => { + const link = await findPolicyLinkInListView(POLICY_NAME); + await link.click(); + + await retry.waitFor('View policy flyout to be present', async () => { + return testSubjects.isDisplayed('policyFlyoutTitle'); + }); + + await a11y.testAppSnapshot(); + }); + it('Add policy to index template modal', async () => { await filterByPolicyName(POLICY_NAME); const policyRow = await testSubjects.find(`policyTableRow-${POLICY_NAME}`); - const addPolicyButton = await policyRow.findByTestSubject('addPolicyToTemplate'); + const actionsButton = await policyRow.findByTestSubject('euiCollapsedItemActionsButton'); + await actionsButton.click(); + + const addPolicyButton = await testSubjects.find('addPolicyToTemplate'); await addPolicyButton.click(); await retry.waitFor('ILM add policy to index template modal to be present', async () => { @@ -177,8 +197,8 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { it('Delete policy modal', async () => { await filterByPolicyName(POLICY_NAME); const policyRow = await testSubjects.find(`policyTableRow-${POLICY_NAME}`); - const deleteButton = await policyRow.findByTestSubject('deletePolicy'); + const deleteButton = await policyRow.findByTestSubject('deletePolicy'); await deleteButton.click(); await retry.waitFor('ILM delete policy modal to be present', async () => { @@ -191,10 +211,13 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { it('Index templates flyout', async () => { await filterByPolicyName(POLICY_NAME); const policyRow = await testSubjects.find(`policyTableRow-${POLICY_NAME}`); - const actionsButton = await policyRow.findByTestSubject('viewIndexTemplates'); + const actionsButton = await policyRow.findByTestSubject('euiCollapsedItemActionsButton'); await actionsButton.click(); + const templatesButton = await testSubjects.find('viewIndexTemplates'); + await templatesButton.click(); + const flyoutTitleSelector = 'indexTemplatesFlyoutHeader'; await retry.waitFor('Index templates flyout', async () => { return testSubjects.isDisplayed(flyoutTitleSelector); diff --git a/x-pack/test/api_integration/apis/cloud_security_posture/status/status_index_timeout.ts b/x-pack/test/api_integration/apis/cloud_security_posture/status/status_index_timeout.ts index 6bce493c3f539..ce0c9014478dc 100644 --- a/x-pack/test/api_integration/apis/cloud_security_posture/status/status_index_timeout.ts +++ b/x-pack/test/api_integration/apis/cloud_security_posture/status/status_index_timeout.ts @@ -7,10 +7,10 @@ import expect from '@kbn/expect'; import type { CspSetupStatus } from '@kbn/cloud-security-posture-common'; import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; +import { CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN } from '@kbn/cloud-security-posture-common'; import { FINDINGS_INDEX_DEFAULT_NS, LATEST_FINDINGS_INDEX_DEFAULT_NS, - CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN, VULNERABILITIES_INDEX_DEFAULT_NS, } from '@kbn/cloud-security-posture-plugin/common/constants'; import { generateAgent } from '../../../../fleet_api_integration/helpers'; diff --git a/x-pack/test/api_integration/apis/cloud_security_posture/status/status_indexed.ts b/x-pack/test/api_integration/apis/cloud_security_posture/status/status_indexed.ts index 9205788854869..504bb9f504516 100644 --- a/x-pack/test/api_integration/apis/cloud_security_posture/status/status_indexed.ts +++ b/x-pack/test/api_integration/apis/cloud_security_posture/status/status_indexed.ts @@ -6,11 +6,11 @@ */ import expect from '@kbn/expect'; import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; +import { CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN } from '@kbn/cloud-security-posture-common'; import type { CspSetupStatus } from '@kbn/cloud-security-posture-common'; import { FINDINGS_INDEX_DEFAULT_NS, LATEST_FINDINGS_INDEX_DEFAULT_NS, - CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN, VULNERABILITIES_INDEX_DEFAULT_NS, } from '@kbn/cloud-security-posture-plugin/common/constants'; import { FtrProviderContext } from '../../../ftr_provider_context'; diff --git a/x-pack/test/api_integration/apis/cloud_security_posture/status/status_indexing.ts b/x-pack/test/api_integration/apis/cloud_security_posture/status/status_indexing.ts index a011d4f5577e8..4d66d8460b9a4 100644 --- a/x-pack/test/api_integration/apis/cloud_security_posture/status/status_indexing.ts +++ b/x-pack/test/api_integration/apis/cloud_security_posture/status/status_indexing.ts @@ -7,10 +7,10 @@ import expect from '@kbn/expect'; import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; import type { CspSetupStatus } from '@kbn/cloud-security-posture-common'; +import { CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN } from '@kbn/cloud-security-posture-common'; import { FINDINGS_INDEX_DEFAULT_NS, LATEST_FINDINGS_INDEX_DEFAULT_NS, - CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN, VULNERABILITIES_INDEX_DEFAULT_NS, } from '@kbn/cloud-security-posture-plugin/common/constants'; import { FtrProviderContext } from '../../../ftr_provider_context'; diff --git a/x-pack/test/api_integration/apis/cloud_security_posture/status/status_unprivileged.ts b/x-pack/test/api_integration/apis/cloud_security_posture/status/status_unprivileged.ts index 1b576515d4f31..7c09e4b51f679 100644 --- a/x-pack/test/api_integration/apis/cloud_security_posture/status/status_unprivileged.ts +++ b/x-pack/test/api_integration/apis/cloud_security_posture/status/status_unprivileged.ts @@ -6,11 +6,11 @@ */ import expect from '@kbn/expect'; import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; +import { CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN } from '@kbn/cloud-security-posture-common'; import type { CspSetupStatus } from '@kbn/cloud-security-posture-common'; import { BENCHMARK_SCORE_INDEX_DEFAULT_NS, LATEST_FINDINGS_INDEX_DEFAULT_NS, - CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN, FINDINGS_INDEX_PATTERN, } from '@kbn/cloud-security-posture-plugin/common/constants'; import { FtrProviderContext } from '../../../ftr_provider_context'; diff --git a/x-pack/test/api_integration/apis/synthetics/add_monitor_project.ts b/x-pack/test/api_integration/apis/synthetics/add_monitor_project.ts index 9498231c2ca73..074f318e77fcf 100644 --- a/x-pack/test/api_integration/apis/synthetics/add_monitor_project.ts +++ b/x-pack/test/api_integration/apis/synthetics/add_monitor_project.ts @@ -241,6 +241,7 @@ export default function ({ getService }: FtrProviderContext) { id: `${journeyId}-${project}-default`, hash: 'ekrjelkjrelkjre', max_attempts: 2, + labels: {}, }); } } finally { @@ -425,6 +426,7 @@ export default function ({ getService }: FtrProviderContext) { ipv6: true, ipv4: true, max_attempts: 2, + labels: {}, }); } } finally { @@ -542,6 +544,7 @@ export default function ({ getService }: FtrProviderContext) { ipv4: true, params: '', max_attempts: 2, + labels: {}, }); } } finally { @@ -656,6 +659,7 @@ export default function ({ getService }: FtrProviderContext) { ipv6: true, params: '', max_attempts: 2, + labels: {}, }); } } finally { diff --git a/x-pack/test/api_integration/apis/synthetics/fixtures/http_monitor.json b/x-pack/test/api_integration/apis/synthetics/fixtures/http_monitor.json index 20178f5bbb71b..47d0637a7cd91 100644 --- a/x-pack/test/api_integration/apis/synthetics/fixtures/http_monitor.json +++ b/x-pack/test/api_integration/apis/synthetics/fixtures/http_monitor.json @@ -78,5 +78,6 @@ "mode": "any", "ipv4": true, "ipv6": true, - "params": "" + "params": "", + "labels": {} } diff --git a/x-pack/test/api_integration/apis/synthetics/get_monitor.ts b/x-pack/test/api_integration/apis/synthetics/get_monitor.ts index fc75de4107440..114f7666e7965 100644 --- a/x-pack/test/api_integration/apis/synthetics/get_monitor.ts +++ b/x-pack/test/api_integration/apis/synthetics/get_monitor.ts @@ -203,6 +203,7 @@ export default function ({ getService }: FtrProviderContext) { revision: 1, locations: [LOCAL_LOCATION], name: 'Test HTTP Monitor 044', + labels: {}, }); }); diff --git a/x-pack/test/api_integration/services/security_solution_api.gen.ts b/x-pack/test/api_integration/services/security_solution_api.gen.ts index 44f928e98bd0f..9c92a7a095dae 100644 --- a/x-pack/test/api_integration/services/security_solution_api.gen.ts +++ b/x-pack/test/api_integration/services/security_solution_api.gen.ts @@ -229,8 +229,11 @@ after 30 days. It also deletes other artifacts specific to the migration impleme .send(props.body as object); }, /** - * Bulk upsert up to 1000 asset criticality records, creating or updating them as needed. - */ + * Bulk upsert up to 1000 asset criticality records. + +If asset criticality records already exist for the specified entities, those records are overwritten with the specified values. If asset criticality records don't exist for the specified entities, new records are created. + + */ bulkUpsertAssetCriticalityRecords(props: BulkUpsertAssetCriticalityRecordsProps) { return supertest .post('/api/asset_criticality/bulk') @@ -274,8 +277,11 @@ Migrations are initiated per index. While the process is neither destructive nor .send(props.body as object); }, /** - * Create or update a criticality record for a specific asset. - */ + * Create or update an asset criticality record for a specific entity. + +If a record already exists for the specified entity, that record is overwritten with the specified value. If a record doesn't exist for the specified entity, a new record is created. + + */ createAssetCriticalityRecord(props: CreateAssetCriticalityRecordProps) { return supertest .post('/api/asset_criticality') @@ -324,7 +330,7 @@ Migrations are initiated per index. While the process is neither destructive nor .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); }, /** - * Delete the asset criticality record for a specific asset if it exists. + * Delete the asset criticality record for a specific entity. */ deleteAssetCriticalityRecord(props: DeleteAssetCriticalityRecordProps) { return supertest @@ -665,7 +671,7 @@ finalize it. .query(props.query); }, /** - * Get the criticality record for a specific asset. + * Get the asset criticality record for a specific entity. */ getAssetCriticalityRecord(props: GetAssetCriticalityRecordProps) { return supertest @@ -1064,6 +1070,9 @@ detection engine rules. .send(props.body as object) .query(props.query); }, + /** + * Schedule the risk scoring engine to run as soon as possible. You can use this to recalculate entity risk scores after updating their asset criticality. + */ scheduleRiskEngineNow() { return supertest .post('/api/risk_score/engine/schedule_now') diff --git a/x-pack/test/cloud_security_posture_api/routes/helper/user_roles_utilites.ts b/x-pack/test/cloud_security_posture_api/routes/helper/user_roles_utilites.ts index 90a04f3307c61..2aed6367236e4 100644 --- a/x-pack/test/cloud_security_posture_api/routes/helper/user_roles_utilites.ts +++ b/x-pack/test/cloud_security_posture_api/routes/helper/user_roles_utilites.ts @@ -5,10 +5,12 @@ * 2.0. */ -import { CDR_LATEST_NATIVE_MISCONFIGURATIONS_INDEX_PATTERN } from '@kbn/cloud-security-posture-common'; import { - BENCHMARK_SCORE_INDEX_PATTERN, + CDR_LATEST_NATIVE_MISCONFIGURATIONS_INDEX_PATTERN, CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN, +} from '@kbn/cloud-security-posture-common'; +import { + BENCHMARK_SCORE_INDEX_PATTERN, ALERTS_INDEX_PATTERN, FINDINGS_INDEX_PATTERN, } from '@kbn/cloud-security-posture-plugin/common/constants'; diff --git a/x-pack/test/fleet_api_integration/apis/agent_policy/agent_policy.ts b/x-pack/test/fleet_api_integration/apis/agent_policy/agent_policy.ts index 2bc3f68867002..f601743e394ec 100644 --- a/x-pack/test/fleet_api_integration/apis/agent_policy/agent_policy.ts +++ b/x-pack/test/fleet_api_integration/apis/agent_policy/agent_policy.ts @@ -532,6 +532,86 @@ export default function (providerContext: FtrProviderContext) { }); } }); + + it('should create policy with advanced monitoring options', async () => { + const { + body: { item: createdPolicy }, + } = await supertest + .post(`/api/fleet/agent_policies?sys_monitoring=true`) + .set('kbn-xsrf', 'xxxx') + .send({ + name: 'advanced monitoring test', + namespace: 'default', + monitoring_pprof_enabled: true, + monitoring_http: { + host: 'localhost', + port: 6791, + enabled: true, + }, + monitoring_diagnostics: { + limit: { + interval: '1m', + burst: 1, + }, + uploader: { + max_retries: 10, + init_dur: '1s', + max_dur: '10m', + }, + }, + }) + .expect(200); + + const policyResponse = await supertest + .get(`/api/fleet/agent_policies/${createdPolicy.id}`) + .expect(200); + expect(policyResponse.body.item.monitoring_pprof_enabled).to.eql(true); + expect(policyResponse.body.item.monitoring_http).to.eql({ + host: 'localhost', + port: 6791, + enabled: true, + }); + expect(policyResponse.body.item.monitoring_diagnostics).to.eql({ + limit: { + interval: '1m', + burst: 1, + }, + uploader: { + max_retries: 10, + init_dur: '1s', + max_dur: '10m', + }, + }); + + const fullPolicyResponse = await supertest + .get(`/api/fleet/agent_policies/${createdPolicy.id}/full`) + .expect(200); + expect(fullPolicyResponse.body.item.agent.monitoring).to.eql({ + enabled: true, + logs: false, + metrics: false, + traces: false, + pprof: { + enabled: true, + }, + http: { + enabled: true, + host: 'localhost', + port: 6791, + }, + diagnostics: { + limit: { + interval: '1m', + burst: 1, + }, + uploader: { + max_retries: 10, + init_dur: '1s', + max_dur: '10m', + }, + }, + }); + }); }); describe('POST /api/fleet/agent_policies/{agentPolicyId}/copy', () => { @@ -978,6 +1058,65 @@ export default function (providerContext: FtrProviderContext) { expect(newPolicy.global_data_tags).to.eql([{ name: 'testName', value: 'testValue' }]); }); + + it('should copy advanced monitoring options', async () => { + const { + body: { item: policyWithAdvancedMonitoring }, + } = await supertest + .post(`/api/fleet/agent_policies`) + .set('kbn-xsrf', 'xxxx') + .send({ + name: 'advanced monitoring test', + namespace: 'default', + monitoring_pprof_enabled: true, + monitoring_http: { + host: 'localhost', + port: 6791, + enabled: true, + }, + monitoring_diagnostics: { + limit: { + interval: '1m', + burst: 1, + }, + uploader: { + max_retries: 10, + init_dur: '1s', + max_dur: '10m', + }, + }, + }) + .expect(200); + + const { + body: { item: newPolicy }, + } = await supertest + .post(`/api/fleet/agent_policies/${policyWithAdvancedMonitoring.id}/copy`) + .set('kbn-xsrf', 'xxxx') + .send({ + name: 'advanced monitoring test copy', + description: 'Test', + }) + .expect(200); + + expect(newPolicy.monitoring_pprof_enabled).to.eql(true); + expect(newPolicy.monitoring_http).to.eql({ + host: 'localhost', + port: 6791, + enabled: true, + }); + expect(newPolicy.monitoring_diagnostics).to.eql({ + limit: { + interval: '1m', + burst: 1, + }, + uploader: { + max_retries: 10, + init_dur: '1s', + max_dur: '10m', + }, + }); + }); }); describe('PUT /api/fleet/agent_policies/{agentPolicyId}', () => { diff --git a/x-pack/test/fleet_api_integration/apis/epm/__snapshots__/bulk_get_assets.snap b/x-pack/test/fleet_api_integration/apis/epm/__snapshots__/bulk_get_assets.snap index 5fd219958c319..37c7882fff203 100644 --- a/x-pack/test/fleet_api_integration/apis/epm/__snapshots__/bulk_get_assets.snap +++ b/x-pack/test/fleet_api_integration/apis/epm/__snapshots__/bulk_get_assets.snap @@ -62,6 +62,12 @@ Array [ "id": "logs-all_assets.test_logs@package", "type": "component_template", }, + Object { + "appLink": "/app/management/data/index_management/component_templates/logs@custom", + "attributes": Object {}, + "id": "logs@custom", + "type": "component_template", + }, Object { "appLink": "/app/management/data/index_management/component_templates/logs-all_assets.test_logs@custom", "attributes": Object {}, @@ -80,6 +86,12 @@ Array [ "id": "metrics-all_assets.test_metrics@package", "type": "component_template", }, + Object { + "appLink": "/app/management/data/index_management/component_templates/metrics@custom", + "attributes": Object {}, + "id": "metrics@custom", + "type": "component_template", + }, Object { "appLink": "/app/management/data/index_management/component_templates/metrics-all_assets.test_metrics@custom", "attributes": Object {}, diff --git a/x-pack/test/fleet_api_integration/apis/epm/install_by_upload.ts b/x-pack/test/fleet_api_integration/apis/epm/install_by_upload.ts index 30b2eacce0fb7..331cae3058bf1 100644 --- a/x-pack/test/fleet_api_integration/apis/epm/install_by_upload.ts +++ b/x-pack/test/fleet_api_integration/apis/epm/install_by_upload.ts @@ -97,7 +97,7 @@ export default function (providerContext: FtrProviderContext) { it('should install a tar archive correctly', async function () { const res = await uploadPackage(); - expect(res.body.items.length).to.be(30); + expect(res.body.items.length).to.be(32); }); it('should upgrade when uploading a newer zip archive', async () => { @@ -111,7 +111,7 @@ export default function (providerContext: FtrProviderContext) { .type('application/zip') .send(buf) .expect(200); - expect(res.body.items.length).to.be(30); + expect(res.body.items.length).to.be(32); expect(res.body.items.some((item: any) => item.id.includes(testPkgNewVersion))); await deletePackage(testPkgName, testPkgNewVersion); @@ -182,7 +182,7 @@ export default function (providerContext: FtrProviderContext) { .type('application/zip') .send(buf) .expect(200); - expect(res.body.items.length).to.be(30); + expect(res.body.items.length).to.be(32); }); it('should throw an error if the archive is zip but content type is gzip', async function () { diff --git a/x-pack/test/fleet_api_integration/apis/epm/install_overrides.ts b/x-pack/test/fleet_api_integration/apis/epm/install_overrides.ts index 36f98fb3434b3..8b85502bdf5ad 100644 --- a/x-pack/test/fleet_api_integration/apis/epm/install_overrides.ts +++ b/x-pack/test/fleet_api_integration/apis/epm/install_overrides.ts @@ -61,6 +61,7 @@ export default function (providerContext: FtrProviderContext) { `logs@mappings`, `logs@settings`, `${templateName}@package`, + 'logs@custom', `${templateName}@custom`, `ecs@mappings`, '.fleet_globals-1', diff --git a/x-pack/test/fleet_api_integration/apis/epm/install_remove_assets.ts b/x-pack/test/fleet_api_integration/apis/epm/install_remove_assets.ts index 24564014633f2..fc8225e9df02d 100644 --- a/x-pack/test/fleet_api_integration/apis/epm/install_remove_assets.ts +++ b/x-pack/test/fleet_api_integration/apis/epm/install_remove_assets.ts @@ -599,6 +599,10 @@ const expectAssetsInstalled = ({ id: 'logs-all_assets.test_logs@package', type: 'component_template', }, + { + id: 'logs@custom', + type: 'component_template', + }, { id: 'logs-all_assets.test_logs@custom', type: 'component_template', @@ -607,6 +611,10 @@ const expectAssetsInstalled = ({ id: 'metrics-all_assets.test_metrics@package', type: 'component_template', }, + { + id: 'metrics@custom', + type: 'component_template', + }, { id: 'metrics-all_assets.test_metrics@custom', type: 'component_template', diff --git a/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts b/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts index 69aedb72947bd..17d54786245af 100644 --- a/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts +++ b/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts @@ -417,6 +417,10 @@ export default function (providerContext: FtrProviderContext) { id: 'logs-all_assets.test_logs@package', type: 'component_template', }, + { + id: 'logs@custom', + type: 'component_template', + }, { id: 'logs-all_assets.test_logs@custom', type: 'component_template', @@ -441,6 +445,11 @@ export default function (providerContext: FtrProviderContext) { id: 'metrics-all_assets.test_metrics@package', type: 'component_template', }, + + { + id: 'metrics@custom', + type: 'component_template', + }, { id: 'metrics-all_assets.test_metrics@custom', type: 'component_template', diff --git a/x-pack/test/fleet_api_integration/apis/package_policy/input_package_create_upgrade.ts b/x-pack/test/fleet_api_integration/apis/package_policy/input_package_create_upgrade.ts index 77aeadcae93a7..481f4e09c68d9 100644 --- a/x-pack/test/fleet_api_integration/apis/package_policy/input_package_create_upgrade.ts +++ b/x-pack/test/fleet_api_integration/apis/package_policy/input_package_create_upgrade.ts @@ -207,6 +207,7 @@ export default function (providerContext: FtrProviderContext) { { id: 'logs-dataset1', type: 'index_template' }, { id: 'logs-dataset1@package', type: 'component_template' }, { id: 'logs-dataset1@custom', type: 'component_template' }, + { id: 'logs@custom', type: 'component_template' }, ]); // now check the package component template was created correctly diff --git a/x-pack/test/fleet_api_integration/apis/package_policy/update.ts b/x-pack/test/fleet_api_integration/apis/package_policy/update.ts index 971ed42b578df..273f051dfcec6 100644 --- a/x-pack/test/fleet_api_integration/apis/package_policy/update.ts +++ b/x-pack/test/fleet_api_integration/apis/package_policy/update.ts @@ -948,6 +948,7 @@ export default function (providerContext: FtrProviderContext) { { id: 'logs-somedataset', type: 'index_template' }, { id: 'logs-somedataset@package', type: 'component_template' }, { id: 'logs-somedataset@custom', type: 'component_template' }, + { id: 'logs@custom', type: 'component_template' }, ]); const dataset3PkgComponentTemplate = await getComponentTemplate('logs-somedataset@package'); diff --git a/x-pack/test/fleet_api_integration/apis/package_policy/upgrade.ts b/x-pack/test/fleet_api_integration/apis/package_policy/upgrade.ts index 6982878c7d111..021eebcdcc0c1 100644 --- a/x-pack/test/fleet_api_integration/apis/package_policy/upgrade.ts +++ b/x-pack/test/fleet_api_integration/apis/package_policy/upgrade.ts @@ -1317,6 +1317,8 @@ export default function (providerContext: FtrProviderContext) { for (let i = 0; i < POLICY_COUNT; i++) { await createPackagePolicy(i.toString()); } + + expectedAssets.push({ id: 'logs@custom', type: 'component_template' }); }); afterEach(async function () { diff --git a/x-pack/test/functional/apps/index_lifecycle_management/home_page.ts b/x-pack/test/functional/apps/index_lifecycle_management/home_page.ts index 8d32181210fcd..c7dd3acaaf7eb 100644 --- a/x-pack/test/functional/apps/index_lifecycle_management/home_page.ts +++ b/x-pack/test/functional/apps/index_lifecycle_management/home_page.ts @@ -68,6 +68,12 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { snapshotRepository: repoName, }); + await retry.waitFor('policy flyout', async () => { + return (await pageObjects.indexLifecycleManagement.flyoutHeaderText()) === policyName; + }); + + await pageObjects.indexLifecycleManagement.closePolicyFlyout(); + await retry.waitFor('navigation back to home page.', async () => { return ( (await pageObjects.indexLifecycleManagement.pageHeaderText()) === diff --git a/x-pack/test/functional/apps/index_lifecycle_management/index.ts b/x-pack/test/functional/apps/index_lifecycle_management/index.ts index 38b5803bd77ef..193d4a026829f 100644 --- a/x-pack/test/functional/apps/index_lifecycle_management/index.ts +++ b/x-pack/test/functional/apps/index_lifecycle_management/index.ts @@ -11,5 +11,6 @@ export default ({ loadTestFile }: FtrProviderContext) => { describe('Index Lifecycle Management app', function () { loadTestFile(require.resolve('./feature_controls')); loadTestFile(require.resolve('./home_page')); + loadTestFile(require.resolve('./read_only_view')); }); }; diff --git a/x-pack/test/functional/apps/index_lifecycle_management/read_only_view.ts b/x-pack/test/functional/apps/index_lifecycle_management/read_only_view.ts new file mode 100644 index 0000000000000..030074a97b4bd --- /dev/null +++ b/x-pack/test/functional/apps/index_lifecycle_management/read_only_view.ts @@ -0,0 +1,43 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import expect from '@kbn/expect'; +import { FtrProviderContext } from '../../ftr_provider_context'; + +export default ({ getPageObjects, getService }: FtrProviderContext) => { + const pageObjects = getPageObjects(['common', 'indexLifecycleManagement']); + const log = getService('log'); + const retry = getService('retry'); + const security = getService('security'); + + describe('Read only view', function () { + before(async () => { + await security.testUser.setRoles(['read_ilm']); + + await pageObjects.common.navigateToApp('indexLifecycleManagement'); + }); + after(async () => { + await security.testUser.restoreDefaults(); + }); + + it('Loads the app', async () => { + await log.debug('Checking for page header'); + const headerText = await pageObjects.indexLifecycleManagement.pageHeaderText(); + expect(headerText).to.be('Index Lifecycle Policies'); + + const createPolicyButtonExists = + await pageObjects.indexLifecycleManagement.createPolicyButtonExists(); + expect(createPolicyButtonExists).to.be(false); + + await pageObjects.indexLifecycleManagement.clickPolicyNameLink(0); + await retry.waitFor('flyout to be visible', async () => { + const flyoutHeader = await pageObjects.indexLifecycleManagement.flyoutHeader(); + return await flyoutHeader.isDisplayed(); + }); + }); + }); +}; diff --git a/x-pack/test/functional/apps/ml/anomaly_detection_result_views/anomaly_explorer.ts b/x-pack/test/functional/apps/ml/anomaly_detection_result_views/anomaly_explorer.ts index c323356c73e6e..e4d87f05bc9a5 100644 --- a/x-pack/test/functional/apps/ml/anomaly_detection_result_views/anomaly_explorer.ts +++ b/x-pack/test/functional/apps/ml/anomaly_detection_result_views/anomaly_explorer.ts @@ -31,6 +31,15 @@ const JOB_CONFIG: Job = { model_plot_config: { enabled: true }, }; +const JOB_CONFIG_NO_INFLUENCERS: Job = { + ...JOB_CONFIG, + job_id: `${JOB_CONFIG.job_id}_no_influencers`, + analysis_config: { + ...JOB_CONFIG.analysis_config, + influencers: [], + }, +}; + // @ts-expect-error not full interface const DATAFEED_CONFIG: Datafeed = { datafeed_id: 'datafeed-fq_multi_1_ae', @@ -39,7 +48,13 @@ const DATAFEED_CONFIG: Datafeed = { query: { bool: { must: [{ match_all: {} }] } }, }; -const testDataList = [ +const DATAFEED_CONFIG_NO_INFLUENCERS: Datafeed = { + ...DATAFEED_CONFIG, + datafeed_id: `datafeed-${JOB_CONFIG_NO_INFLUENCERS.job_id}`, + job_id: JOB_CONFIG_NO_INFLUENCERS.job_id, +}; + +const testDataListWithInfluencers = [ { suiteSuffix: 'with farequote based multi metric job', jobConfig: JOB_CONFIG, @@ -56,6 +71,17 @@ const testDataList = [ }, ]; +const testDataListWithNoInfluencers = [ + { + suiteSuffix: 'with no influencers', + jobConfig: JOB_CONFIG_NO_INFLUENCERS, + datafeedConfig: DATAFEED_CONFIG_NO_INFLUENCERS, + expected: { + influencers: [], + }, + }, +]; + const cellSize = 15; const overallSwimLaneTestSubj = 'mlAnomalyExplorerSwimlaneOverall'; @@ -70,7 +96,6 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { describe('anomaly explorer', function () { this.tags(['ml']); - before(async () => { await esArchiver.loadIfNeeded('x-pack/test/functional/es_archives/ml/farequote'); await ml.testResources.createDataViewIfNeeded('ft_farequote', '@timestamp'); @@ -85,495 +110,531 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { await ml.testResources.deleteDataViewByTitle('ft_farequote'); }); - for (const testData of testDataList) { - describe(testData.suiteSuffix, function () { - before(async () => { - await ml.api.createAndRunAnomalyDetectionLookbackJob( - testData.jobConfig, - testData.datafeedConfig - ); - }); + describe('with influencers', function () { + for (const testData of testDataListWithInfluencers) { + describe(testData.suiteSuffix, function () { + before(async () => { + await ml.api.createAndRunAnomalyDetectionLookbackJob( + testData.jobConfig, + testData.datafeedConfig + ); + }); - after(async () => { - await elasticChart.setNewChartUiDebugFlag(false); - await ml.api.cleanMlIndices(); - }); + after(async () => { + await elasticChart.setNewChartUiDebugFlag(false); + await ml.api.cleanMlIndices(); + }); - it('opens a job from job list link', async () => { - await ml.testExecution.logTestStep('navigate to job list'); - await ml.navigation.navigateToMl(); - // Set debug state has to happen at this point - // because page refresh happens after navigation to the ML app. - await elasticChart.setNewChartUiDebugFlag(true); - await ml.navigation.navigateToJobManagement(); + it('opens a job from job list link', async () => { + await ml.testExecution.logTestStep('navigate to job list'); + await ml.navigation.navigateToMl(); + // Set debug state has to happen at this point + // because page refresh happens after navigation to the ML app. + await elasticChart.setNewChartUiDebugFlag(true); + await ml.navigation.navigateToJobManagement(); - await ml.testExecution.logTestStep('open job in anomaly explorer'); - await ml.jobTable.filterWithSearchString(testData.jobConfig.job_id, 1); + await ml.testExecution.logTestStep('open job in anomaly explorer'); + await ml.jobTable.filterWithSearchString(testData.jobConfig.job_id, 1); - await ml.jobTable.clickOpenJobInAnomalyExplorerButton(testData.jobConfig.job_id); - await ml.commonUI.waitForMlLoadingIndicatorToDisappear(); - }); + await ml.jobTable.clickOpenJobInAnomalyExplorerButton(testData.jobConfig.job_id); + await ml.commonUI.waitForMlLoadingIndicatorToDisappear(); + }); - it('displays job results', async () => { - await ml.testExecution.logTestStep('pre-fills the job selection'); - await ml.jobSelection.assertJobSelection([testData.jobConfig.job_id]); + it('displays job results', async () => { + await ml.testExecution.logTestStep('pre-fills the job selection'); + await ml.jobSelection.assertJobSelection([testData.jobConfig.job_id]); - await ml.testExecution.logTestStep('displays the influencers list'); - await ml.anomalyExplorer.assertInfluencerListExists(); - for (const influencerBlock of testData.expected.influencers) { - await ml.anomalyExplorer.assertInfluencerFieldExists(influencerBlock.field); - await ml.anomalyExplorer.assertInfluencerFieldListLength( - influencerBlock.field, - influencerBlock.count - ); - for (const influencerLabel of influencerBlock.labelsContained) { - await ml.anomalyExplorer.assertInfluencerListContainsLabel( + await ml.testExecution.logTestStep('displays the influencers list'); + await ml.anomalyExplorer.assertInfluencerListExists(); + for (const influencerBlock of testData.expected.influencers) { + await ml.anomalyExplorer.assertInfluencerFieldExists(influencerBlock.field); + await ml.anomalyExplorer.assertInfluencerFieldListLength( influencerBlock.field, - influencerLabel + influencerBlock.count ); + for (const influencerLabel of influencerBlock.labelsContained) { + await ml.anomalyExplorer.assertInfluencerListContainsLabel( + influencerBlock.field, + influencerLabel + ); + } } - } - - await ml.testExecution.logTestStep('displays the swim lanes'); - await ml.anomalyExplorer.assertOverallSwimlaneExists(); - await ml.anomalyExplorer.assertSwimlaneViewByExists(); - - await ml.testExecution.logTestStep('should display the annotations panel'); - await ml.anomalyExplorer.assertAnnotationsPanelExists('loaded'); - await ml.testExecution.logTestStep('displays the anomalies table'); - await ml.anomaliesTable.assertTableExists(); + await ml.testExecution.logTestStep('displays the swim lanes'); + await ml.anomalyExplorer.assertOverallSwimlaneExists(); + await ml.anomalyExplorer.assertSwimlaneViewByExists(); - await ml.testExecution.logTestStep('anomalies table is not empty'); - await ml.anomaliesTable.assertTableNotEmpty(); - }); + await ml.testExecution.logTestStep('should display the annotations panel'); + await ml.anomalyExplorer.assertAnnotationsPanelExists('loaded'); - it('should allow filtering by influencer', async () => { - const fieldName = testData.expected.influencers[0].field; - const fieldValue = testData.expected.influencers[0].labelsContained[0]; + await ml.testExecution.logTestStep('displays the anomalies table'); + await ml.anomaliesTable.assertTableExists(); - await ml.testExecution.logTestStep( - 'adds influencer filter by clicking on the influencer add filter button' - ); - await ml.anomalyExplorer.addFilterForInfluencer(fieldName, fieldValue); - await ml.testExecution.logTestStep('query bar and table rows reflect filter'); - await ml.anomalyExplorer.assertQueryBarContent(`${fieldName}:"${fieldValue}"`); - await ml.anomaliesTable.assertInfluencersCellsContainFilter( - `${fieldName}: ${fieldValue}` - ); - await ml.testExecution.logTestStep('influencers list and swimlane reflect filter'); - await ml.swimLane.assertAxisLabels(viewBySwimLaneTestSubj, 'y', [fieldValue]); - await ml.anomalyExplorer.assertInfluencerFieldListLength('airline', 1); - await ml.testExecution.logTestStep( - 'removes influencer filter by clicking on the influencer remove filter button' - ); - await ml.anomalyExplorer.removeFilterForInfluencer(fieldName, fieldValue); - await ml.testExecution.logTestStep('query bar reflects filter removal'); - await ml.anomalyExplorer.assertQueryBarContent(''); - await ml.testExecution.logTestStep( - 'influencers list and swimlane reflect filter removal' - ); - await ml.swimLane.assertAxisLabels(viewBySwimLaneTestSubj, 'y', [ - 'AAL', - 'EGF', - 'VRD', - 'SWR', - 'JZA', - 'AMX', - 'TRS', - 'ACA', - 'BAW', - 'ASA', - ]); - await ml.anomalyExplorer.assertInfluencerFieldListLength('airline', 10); - }); + await ml.testExecution.logTestStep('anomalies table is not empty'); + await ml.anomaliesTable.assertTableNotEmpty(); + }); - it('has enabled Single Metric Viewer button', async () => { - await ml.anomalyExplorer.assertSingleMetricViewerButtonEnabled(true); - }); + it('should allow filtering by influencer', async () => { + const fieldName = testData.expected.influencers[0].field; + const fieldValue = testData.expected.influencers[0].labelsContained[0]; - it('renders Overall swim lane', async () => { - await ml.testExecution.logTestStep('has correct axes labels'); - // The showTimeline prop is set to false and no axis labels are rendered - await ml.swimLane.assertAxisLabels(overallSwimLaneTestSubj, 'x', []); - await ml.swimLane.assertAxisLabels(overallSwimLaneTestSubj, 'y', ['Overall']); - }); + await ml.testExecution.logTestStep( + 'adds influencer filter by clicking on the influencer add filter button' + ); + await ml.anomalyExplorer.addFilterForInfluencer(fieldName, fieldValue); + await ml.testExecution.logTestStep('query bar and table rows reflect filter'); + await ml.anomalyExplorer.assertQueryBarContent(`${fieldName}:"${fieldValue}"`); + await ml.anomaliesTable.assertInfluencersCellsContainFilter( + `${fieldName}: ${fieldValue}` + ); + await ml.testExecution.logTestStep('influencers list and swimlane reflect filter'); + await ml.swimLane.assertAxisLabels(viewBySwimLaneTestSubj, 'y', [fieldValue]); + await ml.anomalyExplorer.assertInfluencerFieldListLength('airline', 1); + await ml.testExecution.logTestStep( + 'removes influencer filter by clicking on the influencer remove filter button' + ); + await ml.anomalyExplorer.removeFilterForInfluencer(fieldName, fieldValue); + await ml.testExecution.logTestStep('query bar reflects filter removal'); + await ml.anomalyExplorer.assertQueryBarContent(''); + await ml.testExecution.logTestStep( + 'influencers list and swimlane reflect filter removal' + ); + await ml.swimLane.assertAxisLabels(viewBySwimLaneTestSubj, 'y', [ + 'AAL', + 'EGF', + 'VRD', + 'SWR', + 'JZA', + 'AMX', + 'TRS', + 'ACA', + 'BAW', + 'ASA', + ]); + await ml.anomalyExplorer.assertInfluencerFieldListLength('airline', 10); + }); - it('renders View By swim lane', async () => { - await ml.testExecution.logTestStep('has correct axes labels'); - await ml.swimLane.assertAxisLabels(viewBySwimLaneTestSubj, 'x', [ - '2016-02-07 00:00', - '2016-02-07 20:00', - '2016-02-08 16:00', - '2016-02-09 12:00', - '2016-02-10 08:00', - '2016-02-11 04:00', - ]); - await ml.swimLane.assertAxisLabels(viewBySwimLaneTestSubj, 'y', [ - 'AAL', - 'EGF', - 'VRD', - 'SWR', - 'JZA', - 'AMX', - 'TRS', - 'ACA', - 'BAW', - 'ASA', - ]); - }); + it('has enabled Single Metric Viewer button', async () => { + await ml.anomalyExplorer.assertSingleMetricViewerButtonEnabled(true); + }); - it('supports cell selection by click on Overall swim lane', async () => { - await ml.testExecution.logTestStep('checking page state before the cell selection'); - await ml.anomalyExplorer.assertClearSelectionButtonVisible(false); - await ml.anomaliesTable.assertTableRowsCount(25); - await ml.anomalyExplorer.assertInfluencerFieldListLength('airline', 10); - await ml.anomalyExplorer.assertAnomalyExplorerChartsCount(0); - - await ml.testExecution.logTestStep('clicks on the Overall swim lane cell'); - const sampleCell = (await ml.swimLane.getCells(overallSwimLaneTestSubj))[0]; - await ml.swimLane.selectSingleCell(overallSwimLaneTestSubj, { - x: sampleCell.x + cellSize, - y: sampleCell.y + cellSize, + it('renders Overall swim lane', async () => { + await ml.testExecution.logTestStep('has correct axes labels'); + // The showTimeline prop is set to false and no axis labels are rendered + await ml.swimLane.assertAxisLabels(overallSwimLaneTestSubj, 'x', []); + await ml.swimLane.assertAxisLabels(overallSwimLaneTestSubj, 'y', ['Overall']); }); - await ml.swimLane.waitForSwimLanesToLoad(); - // TODO extend cell data with X and Y values, and cell width - await ml.swimLane.assertSelection(overallSwimLaneTestSubj, { - x: [1454846400000, 1454860800000], - y: ['Overall'], + it('renders View By swim lane', async () => { + await ml.testExecution.logTestStep('has correct axes labels'); + await ml.swimLane.assertAxisLabels(viewBySwimLaneTestSubj, 'x', [ + '2016-02-07 00:00', + '2016-02-07 20:00', + '2016-02-08 16:00', + '2016-02-09 12:00', + '2016-02-10 08:00', + '2016-02-11 04:00', + ]); + await ml.swimLane.assertAxisLabels(viewBySwimLaneTestSubj, 'y', [ + 'AAL', + 'EGF', + 'VRD', + 'SWR', + 'JZA', + 'AMX', + 'TRS', + 'ACA', + 'BAW', + 'ASA', + ]); }); - await ml.anomalyExplorer.assertClearSelectionButtonVisible(true); - await ml.testExecution.logTestStep('updates the View By swim lane'); - await ml.swimLane.assertAxisLabels(viewBySwimLaneTestSubj, 'y', ['EGF', 'DAL']); + it('supports cell selection by click on Overall swim lane', async () => { + await ml.testExecution.logTestStep('checking page state before the cell selection'); + await ml.anomalyExplorer.assertClearSelectionButtonVisible(false); + await ml.anomaliesTable.assertTableRowsCount(25); + await ml.anomalyExplorer.assertInfluencerFieldListLength('airline', 10); + await ml.anomalyExplorer.assertAnomalyExplorerChartsCount(0); - await ml.testExecution.logTestStep('renders anomaly explorer charts'); - await ml.anomalyExplorer.assertAnomalyExplorerChartsCount(5); + await ml.testExecution.logTestStep('clicks on the Overall swim lane cell'); + const sampleCell = (await ml.swimLane.getCells(overallSwimLaneTestSubj))[0]; + await ml.swimLane.selectSingleCell(overallSwimLaneTestSubj, { + x: sampleCell.x + cellSize, + y: sampleCell.y + cellSize, + }); + await ml.swimLane.waitForSwimLanesToLoad(); - await ml.testExecution.logTestStep('updates top influencers list'); - await ml.anomalyExplorer.assertInfluencerFieldListLength('airline', 2); + // TODO extend cell data with X and Y values, and cell width + await ml.swimLane.assertSelection(overallSwimLaneTestSubj, { + x: [1454846400000, 1454860800000], + y: ['Overall'], + }); + await ml.anomalyExplorer.assertClearSelectionButtonVisible(true); - await ml.testExecution.logTestStep('updates anomalies table'); - await ml.anomaliesTable.assertTableRowsCount(4); + await ml.testExecution.logTestStep('updates the View By swim lane'); + await ml.swimLane.assertAxisLabels(viewBySwimLaneTestSubj, 'y', ['EGF', 'DAL']); - await ml.testExecution.logTestStep('updates the URL state'); - await ml.navigation.assertCurrentURLContains( - 'selectedLanes%3A!(Overall)%2CselectedTimes%3A!(1454846400%2C1454860800)%2CselectedType%3Aoverall%2CshowTopFieldValues%3A!t' - ); + await ml.testExecution.logTestStep('renders anomaly explorer charts'); + await ml.anomalyExplorer.assertAnomalyExplorerChartsCount(5); - await ml.testExecution.logTestStep('restores app state from the URL state'); - await browser.refresh(); - await elasticChart.setNewChartUiDebugFlag(true); - await ml.swimLane.waitForSwimLanesToLoad(); - await ml.swimLane.assertSelection(overallSwimLaneTestSubj, { - x: [1454846400000, 1454860800000], - y: ['Overall'], - }); - await ml.swimLane.assertAxisLabels(viewBySwimLaneTestSubj, 'y', ['EGF', 'DAL']); - await ml.anomalyExplorer.assertAnomalyExplorerChartsCount(5); - await ml.anomalyExplorer.assertInfluencerFieldListLength('airline', 2); - await ml.anomaliesTable.assertTableRowsCount(4); + await ml.testExecution.logTestStep('updates top influencers list'); + await ml.anomalyExplorer.assertInfluencerFieldListLength('airline', 2); - await ml.testExecution.logTestStep('clears the selection'); - await ml.anomalyExplorer.clearSwimLaneSelection(); - await ml.swimLane.waitForSwimLanesToLoad(); + await ml.testExecution.logTestStep('updates anomalies table'); + await ml.anomaliesTable.assertTableRowsCount(4); - await ml.navigation.assertCurrentURLNotContain( - 'selectedLanes%3A!(Overall)%2CselectedTimes%3A!(1454846400%2C1454860800)%2CselectedType%3Aoverall%2CshowTopFieldValues%3A!t%2CviewByFieldName%3Aairline%2CviewByFromPage%3A1%2CviewByPerPage%3A10' - ); - await ml.anomaliesTable.assertTableRowsCount(25); - await ml.anomalyExplorer.assertInfluencerFieldListLength('airline', 10); - await ml.anomalyExplorer.assertAnomalyExplorerChartsCount(0); - }); + await ml.testExecution.logTestStep('updates the URL state'); + await ml.navigation.assertCurrentURLContains( + 'selectedLanes%3A!(Overall)%2CselectedTimes%3A!(1454846400%2C1454860800)%2CselectedType%3Aoverall%2CshowTopFieldValues%3A!t' + ); - it('allows to change the swim lane pagination', async () => { - await ml.testExecution.logTestStep('checks default pagination'); - await ml.swimLane.assertPageSize(viewBySwimLaneTestSubj, 10); - await ml.swimLane.assertActivePage(viewBySwimLaneTestSubj, 1); + await ml.testExecution.logTestStep('restores app state from the URL state'); + await browser.refresh(); + await elasticChart.setNewChartUiDebugFlag(true); + await ml.swimLane.waitForSwimLanesToLoad(); + await ml.swimLane.assertSelection(overallSwimLaneTestSubj, { + x: [1454846400000, 1454860800000], + y: ['Overall'], + }); + await ml.swimLane.assertAxisLabels(viewBySwimLaneTestSubj, 'y', ['EGF', 'DAL']); + await ml.anomalyExplorer.assertAnomalyExplorerChartsCount(5); + await ml.anomalyExplorer.assertInfluencerFieldListLength('airline', 2); + await ml.anomaliesTable.assertTableRowsCount(4); - await ml.testExecution.logTestStep('updates pagination'); - await ml.swimLane.setPageSize(viewBySwimLaneTestSubj, 5); + await ml.testExecution.logTestStep('clears the selection'); + await ml.anomalyExplorer.clearSwimLaneSelection(); + await ml.swimLane.waitForSwimLanesToLoad(); - await ml.swimLane.assertAxisLabelCount(viewBySwimLaneTestSubj, 'y', 5); + await ml.navigation.assertCurrentURLNotContain( + 'selectedLanes%3A!(Overall)%2CselectedTimes%3A!(1454846400%2C1454860800)%2CselectedType%3Aoverall%2CshowTopFieldValues%3A!t%2CviewByFieldName%3Aairline%2CviewByFromPage%3A1%2CviewByPerPage%3A10' + ); + await ml.anomaliesTable.assertTableRowsCount(25); + await ml.anomalyExplorer.assertInfluencerFieldListLength('airline', 10); + await ml.anomalyExplorer.assertAnomalyExplorerChartsCount(0); + }); - await ml.swimLane.selectPage(viewBySwimLaneTestSubj, 3); + it('allows to change the swim lane pagination', async () => { + await ml.testExecution.logTestStep('checks default pagination'); + await ml.swimLane.assertPageSize(viewBySwimLaneTestSubj, 10); + await ml.swimLane.assertActivePage(viewBySwimLaneTestSubj, 1); - await ml.testExecution.logTestStep('resets pagination'); - await ml.swimLane.setPageSize(viewBySwimLaneTestSubj, 10); - await ml.swimLane.assertActivePage(viewBySwimLaneTestSubj, 1); - }); + await ml.testExecution.logTestStep('updates pagination'); + await ml.swimLane.setPageSize(viewBySwimLaneTestSubj, 5); - it('supports cell selection by click on View By swim lane', async () => { - await ml.testExecution.logTestStep('checking page state before the cell selection'); - await ml.anomalyExplorer.assertClearSelectionButtonVisible(false); - await ml.anomaliesTable.assertTableRowsCount(25); - await ml.anomalyExplorer.assertInfluencerFieldListLength('airline', 10); - await ml.anomalyExplorer.assertAnomalyExplorerChartsCount(0); - - await ml.testExecution.logTestStep('clicks on the View By swim lane cell'); - await ml.anomalyExplorer.assertSwimlaneViewByExists(); - const sampleCell = (await ml.swimLane.getCells(viewBySwimLaneTestSubj))[0]; - await ml.swimLane.selectSingleCell(viewBySwimLaneTestSubj, { - x: sampleCell.x + cellSize, - y: sampleCell.y + cellSize, - }); - await ml.swimLane.waitForSwimLanesToLoad(); + await ml.swimLane.assertAxisLabelCount(viewBySwimLaneTestSubj, 'y', 5); + + await ml.swimLane.selectPage(viewBySwimLaneTestSubj, 3); - await ml.testExecution.logTestStep('check page content'); - await ml.swimLane.assertSelection(viewBySwimLaneTestSubj, { - x: [1454817600000, 1454832000000], - y: ['AAL'], + await ml.testExecution.logTestStep('resets pagination'); + await ml.swimLane.setPageSize(viewBySwimLaneTestSubj, 10); + await ml.swimLane.assertActivePage(viewBySwimLaneTestSubj, 1); }); - await ml.anomaliesTable.assertTableRowsCount(1); - await ml.anomalyExplorer.assertInfluencerFieldListLength('airline', 1); - await ml.anomalyExplorer.assertAnomalyExplorerChartsCount(1); + it('supports cell selection by click on View By swim lane', async () => { + await ml.testExecution.logTestStep('checking page state before the cell selection'); + await ml.anomalyExplorer.assertClearSelectionButtonVisible(false); + await ml.anomaliesTable.assertTableRowsCount(25); + await ml.anomalyExplorer.assertInfluencerFieldListLength('airline', 10); + await ml.anomalyExplorer.assertAnomalyExplorerChartsCount(0); + + await ml.testExecution.logTestStep('clicks on the View By swim lane cell'); + await ml.anomalyExplorer.assertSwimlaneViewByExists(); + const sampleCell = (await ml.swimLane.getCells(viewBySwimLaneTestSubj))[0]; + await ml.swimLane.selectSingleCell(viewBySwimLaneTestSubj, { + x: sampleCell.x + cellSize, + y: sampleCell.y + cellSize, + }); + await ml.swimLane.waitForSwimLanesToLoad(); + + await ml.testExecution.logTestStep('check page content'); + await ml.swimLane.assertSelection(viewBySwimLaneTestSubj, { + x: [1454817600000, 1454832000000], + y: ['AAL'], + }); - await ml.testExecution.logTestStep('highlights the Overall swim lane'); - await ml.swimLane.assertSelection(overallSwimLaneTestSubj, { - x: [1454817600000, 1454832000000], - y: ['Overall'], - }); + await ml.anomaliesTable.assertTableRowsCount(1); + await ml.anomalyExplorer.assertInfluencerFieldListLength('airline', 1); + await ml.anomalyExplorer.assertAnomalyExplorerChartsCount(1); - await ml.testExecution.logTestStep('restores app state from the URL state'); - await browser.refresh(); - await elasticChart.setNewChartUiDebugFlag(true); - await ml.swimLane.waitForSwimLanesToLoad(); - await ml.swimLane.assertSelection(viewBySwimLaneTestSubj, { - x: [1454817600000, 1454832000000], - y: ['AAL'], - }); - await ml.anomaliesTable.assertTableRowsCount(1); - await ml.anomalyExplorer.assertInfluencerFieldListLength('airline', 1); - await ml.anomalyExplorer.assertAnomalyExplorerChartsCount(1); - await ml.swimLane.assertSelection(overallSwimLaneTestSubj, { - x: [1454817600000, 1454832000000], - y: ['Overall'], - }); + await ml.testExecution.logTestStep('highlights the Overall swim lane'); + await ml.swimLane.assertSelection(overallSwimLaneTestSubj, { + x: [1454817600000, 1454832000000], + y: ['Overall'], + }); - await ml.testExecution.logTestStep('clears the selection'); - await ml.anomalyExplorer.clearSwimLaneSelection(); - await ml.swimLane.waitForSwimLanesToLoad(); + await ml.testExecution.logTestStep('restores app state from the URL state'); + await browser.refresh(); + await elasticChart.setNewChartUiDebugFlag(true); + await ml.swimLane.waitForSwimLanesToLoad(); + await ml.swimLane.assertSelection(viewBySwimLaneTestSubj, { + x: [1454817600000, 1454832000000], + y: ['AAL'], + }); + await ml.anomaliesTable.assertTableRowsCount(1); + await ml.anomalyExplorer.assertInfluencerFieldListLength('airline', 1); + await ml.anomalyExplorer.assertAnomalyExplorerChartsCount(1); + await ml.swimLane.assertSelection(overallSwimLaneTestSubj, { + x: [1454817600000, 1454832000000], + y: ['Overall'], + }); - await ml.anomaliesTable.assertTableRowsCount(25); - await ml.anomalyExplorer.assertInfluencerFieldListLength('airline', 10); - await ml.anomalyExplorer.assertAnomalyExplorerChartsCount(0); - }); + await ml.testExecution.logTestStep('clears the selection'); + await ml.anomalyExplorer.clearSwimLaneSelection(); + await ml.swimLane.waitForSwimLanesToLoad(); - it('supports cell selection by brush action', async () => { - await ml.testExecution.logTestStep('checking page state before the cell selection'); - await ml.anomalyExplorer.assertClearSelectionButtonVisible(false); - await ml.anomaliesTable.assertTableRowsCount(25); - await ml.anomalyExplorer.assertInfluencerFieldListLength('airline', 10); - await ml.anomalyExplorer.assertAnomalyExplorerChartsCount(0); - - await ml.anomalyExplorer.assertSwimlaneViewByExists(); - const cells = await ml.swimLane.getCells(viewBySwimLaneTestSubj); - - const sampleCell1 = cells[0]; - // Get cell from another row - const sampleCell2 = cells.find((c) => c.y !== sampleCell1.y); - - await ml.swimLane.selectCells(viewBySwimLaneTestSubj, { - x1: sampleCell1.x + cellSize, - y1: sampleCell1.y + cellSize, - x2: sampleCell2!.x + cellSize, - y2: sampleCell2!.y + cellSize, + await ml.anomaliesTable.assertTableRowsCount(25); + await ml.anomalyExplorer.assertInfluencerFieldListLength('airline', 10); + await ml.anomalyExplorer.assertAnomalyExplorerChartsCount(0); }); - await ml.swimLane.waitForSwimLanesToLoad(); - await ml.swimLane.assertSelection(viewBySwimLaneTestSubj, { - x: [1454817600000, 1454860800000], - y: ['AAL', 'EGF'], - }); + it('supports cell selection by brush action', async () => { + await ml.testExecution.logTestStep('checking page state before the cell selection'); + await ml.anomalyExplorer.assertClearSelectionButtonVisible(false); + await ml.anomaliesTable.assertTableRowsCount(25); + await ml.anomalyExplorer.assertInfluencerFieldListLength('airline', 10); + await ml.anomalyExplorer.assertAnomalyExplorerChartsCount(0); + + await ml.anomalyExplorer.assertSwimlaneViewByExists(); + const cells = await ml.swimLane.getCells(viewBySwimLaneTestSubj); + + const sampleCell1 = cells[0]; + // Get cell from another row + const sampleCell2 = cells.find((c) => c.y !== sampleCell1.y); + + await ml.swimLane.selectCells(viewBySwimLaneTestSubj, { + x1: sampleCell1.x + cellSize, + y1: sampleCell1.y + cellSize, + x2: sampleCell2!.x + cellSize, + y2: sampleCell2!.y + cellSize, + }); + await ml.swimLane.waitForSwimLanesToLoad(); - await ml.anomaliesTable.assertTableRowsCount(3); - await ml.anomalyExplorer.assertInfluencerFieldListLength('airline', 2); - await ml.anomalyExplorer.assertAnomalyExplorerChartsCount(3); + await ml.swimLane.assertSelection(viewBySwimLaneTestSubj, { + x: [1454817600000, 1454860800000], + y: ['AAL', 'EGF'], + }); - await ml.testExecution.logTestStep('clears the selection'); - await ml.anomalyExplorer.clearSwimLaneSelection(); - await ml.swimLane.waitForSwimLanesToLoad(); + await ml.anomaliesTable.assertTableRowsCount(3); + await ml.anomalyExplorer.assertInfluencerFieldListLength('airline', 2); + await ml.anomalyExplorer.assertAnomalyExplorerChartsCount(3); - await ml.anomaliesTable.assertTableRowsCount(25); - await ml.anomalyExplorer.assertInfluencerFieldListLength('airline', 10); - await ml.anomalyExplorer.assertAnomalyExplorerChartsCount(0); - }); + await ml.testExecution.logTestStep('clears the selection'); + await ml.anomalyExplorer.clearSwimLaneSelection(); + await ml.swimLane.waitForSwimLanesToLoad(); - it('allows to change the anomalies table pagination', async () => { - await ml.testExecution.logTestStep('displays the anomalies table with default config'); - await ml.anomaliesTable.assertTableExists(); - await ml.anomaliesTable.assertRowsNumberPerPage(25); - await ml.anomaliesTable.assertTableRowsCount(25); + await ml.anomaliesTable.assertTableRowsCount(25); + await ml.anomalyExplorer.assertInfluencerFieldListLength('airline', 10); + await ml.anomalyExplorer.assertAnomalyExplorerChartsCount(0); + }); - await ml.testExecution.logTestStep('updates table pagination'); - await ml.anomaliesTable.setRowsNumberPerPage(10); - await ml.anomaliesTable.assertTableRowsCount(10); - }); + it('allows to change the anomalies table pagination', async () => { + await ml.testExecution.logTestStep('displays the anomalies table with default config'); + await ml.anomaliesTable.assertTableExists(); + await ml.anomaliesTable.assertRowsNumberPerPage(25); + await ml.anomaliesTable.assertTableRowsCount(25); - it('renders swim lanes correctly on the time bounds change', async () => { - const fromTime = 'Jul 7, 2012 @ 00:00:00.000'; - const toTime = 'Feb 12, 2016 @ 23:59:54.000'; - - await PageObjects.timePicker.pauseAutoRefresh(); - await PageObjects.timePicker.setAbsoluteRange(fromTime, toTime); - - await ml.commonUI.waitForDatePickerIndicatorLoaded(); - - await ml.swimLane.waitForSwimLanesToLoad(); - await ml.swimLane.assertAxisLabels(viewBySwimLaneTestSubj, 'x', [ - '2012-06-19', - '2012-11-16', - '2013-04-15', - '2013-09-12', - '2014-02-09', - '2014-07-09', - '2014-12-06', - '2015-05-05', - '2015-10-02', - ]); - }); + await ml.testExecution.logTestStep('updates table pagination'); + await ml.anomaliesTable.setRowsNumberPerPage(10); + await ml.anomaliesTable.assertTableRowsCount(10); + }); + + it('renders swim lanes correctly on the time bounds change', async () => { + const fromTime = 'Jul 7, 2012 @ 00:00:00.000'; + const toTime = 'Feb 12, 2016 @ 23:59:54.000'; + + await PageObjects.timePicker.pauseAutoRefresh(); + await PageObjects.timePicker.setAbsoluteRange(fromTime, toTime); - describe('Anomaly Swim Lane as embeddable', function () { - beforeEach(async () => { - await ml.navigation.navigateToAnomalyExplorer(testData.jobConfig.job_id, { - from: '2016-02-07T00%3A00%3A00.000Z', - to: '2016-02-11T23%3A59%3A54.000Z', - }); - await ml.commonUI.waitForMlLoadingIndicatorToDisappear(); await ml.commonUI.waitForDatePickerIndicatorLoaded(); + + await ml.swimLane.waitForSwimLanesToLoad(); + await ml.swimLane.assertAxisLabels(viewBySwimLaneTestSubj, 'x', [ + '2012-06-19', + '2012-11-16', + '2013-04-15', + '2013-09-12', + '2014-02-09', + '2014-07-09', + '2014-12-06', + '2015-05-05', + '2015-10-02', + ]); }); - it('attaches swim lane embeddable to a case', async () => { - await ml.anomalyExplorer.attachSwimLaneToCase('viewBy', { - title: 'ML Test case', - description: 'Case with an anomaly swim lane', - tag: 'ml_swim_lane_case', + describe('Anomaly Swim Lane as embeddable', function () { + beforeEach(async () => { + await ml.navigation.navigateToAnomalyExplorer(testData.jobConfig.job_id, { + from: '2016-02-07T00%3A00%3A00.000Z', + to: '2016-02-11T23%3A59%3A54.000Z', + }); + await ml.commonUI.waitForMlLoadingIndicatorToDisappear(); + await ml.commonUI.waitForDatePickerIndicatorLoaded(); }); - const expectedAttachment = { - swimlaneType: 'viewBy', - viewBy: 'airline', - jobIds: [testData.jobConfig.job_id], - timeRange: { - from: '2016-02-07T00:00:00.000Z', - to: '2016-02-11T23:59:54.000Z', - }, - } as AnomalySwimLaneEmbeddableState; - - expectedAttachment.id = stringHash(JSON.stringify(expectedAttachment)).toString(); - - await ml.cases.assertCaseWithAnomalySwimLaneAttachment( - { + it('attaches swim lane embeddable to a case', async () => { + await ml.anomalyExplorer.attachSwimLaneToCase('viewBy', { title: 'ML Test case', description: 'Case with an anomaly swim lane', tag: 'ml_swim_lane_case', - reporter: USER.ML_POWERUSER, - }, - expectedAttachment, - { - yAxisLabelCount: 10, - } - ); - }); + }); + + const expectedAttachment = { + swimlaneType: 'viewBy', + viewBy: 'airline', + jobIds: [testData.jobConfig.job_id], + timeRange: { + from: '2016-02-07T00:00:00.000Z', + to: '2016-02-11T23:59:54.000Z', + }, + } as AnomalySwimLaneEmbeddableState; + + expectedAttachment.id = stringHash(JSON.stringify(expectedAttachment)).toString(); + + await ml.cases.assertCaseWithAnomalySwimLaneAttachment( + { + title: 'ML Test case', + description: 'Case with an anomaly swim lane', + tag: 'ml_swim_lane_case', + reporter: USER.ML_POWERUSER, + }, + expectedAttachment, + { + yAxisLabelCount: 10, + } + ); + }); - it('adds swim lane embeddable to a dashboard', async () => { - await ml.testExecution.logTestStep( - 'should allow to attach anomaly swim lane embeddable to the dashboard' - ); - await ml.anomalyExplorer.openAddToDashboardControl(); - await ml.anomalyExplorer.addAndEditSwimlaneInDashboard('ML Test'); + it('adds swim lane embeddable to a dashboard', async () => { + await ml.testExecution.logTestStep( + 'should allow to attach anomaly swim lane embeddable to the dashboard' + ); + await ml.anomalyExplorer.openAddToDashboardControl(); + await ml.anomalyExplorer.addAndEditSwimlaneInDashboard('ML Test'); + }); }); - }); - describe('Anomaly Charts as embeddable', function () { - beforeEach(async () => { - await ml.navigation.navigateToAnomalyExplorer( - testData.jobConfig.job_id, - { - from: '2016-02-07T00%3A00%3A00.000Z', - to: '2016-02-11T23%3A59%3A54.000Z', - }, - () => elasticChart.setNewChartUiDebugFlag(true) - ); + describe('Anomaly Charts as embeddable', function () { + beforeEach(async () => { + await ml.navigation.navigateToAnomalyExplorer( + testData.jobConfig.job_id, + { + from: '2016-02-07T00%3A00%3A00.000Z', + to: '2016-02-11T23%3A59%3A54.000Z', + }, + () => elasticChart.setNewChartUiDebugFlag(true) + ); - await ml.commonUI.waitForMlLoadingIndicatorToDisappear(); - await ml.commonUI.waitForDatePickerIndicatorLoaded(); + await ml.commonUI.waitForMlLoadingIndicatorToDisappear(); + await ml.commonUI.waitForDatePickerIndicatorLoaded(); - await ml.testExecution.logTestStep('clicks on the Overall swim lane cell'); - const sampleCell = (await ml.swimLane.getCells(overallSwimLaneTestSubj))[0]; - await ml.swimLane.selectSingleCell(overallSwimLaneTestSubj, { - x: sampleCell.x + cellSize, - y: sampleCell.y + cellSize, + await ml.testExecution.logTestStep('clicks on the Overall swim lane cell'); + const sampleCell = (await ml.swimLane.getCells(overallSwimLaneTestSubj))[0]; + await ml.swimLane.selectSingleCell(overallSwimLaneTestSubj, { + x: sampleCell.x + cellSize, + y: sampleCell.y + cellSize, + }); + await ml.swimLane.waitForSwimLanesToLoad(); + }); + + it('attaches an embeddable to a case', async () => { + await ml.anomalyExplorer.attachAnomalyChartsToCase({ + title: 'ML Charts Test case', + description: 'Case with an anomaly charts attachment', + tag: 'ml_anomaly_charts', + }); + + const expectedAttachment = { + jobIds: [testData.jobConfig.job_id], + maxSeriesToPlot: 6, + }; + + // @ts-expect-error Setting id to be undefined here + // since time range expected is of the chart plotEarliest/plotLatest, not of the global time range + // but, chart time range might vary depends on the time of the test + // we don't know the hashed string id for sure + expectedAttachment.id = undefined; + + await ml.cases.assertCaseWithAnomalyChartsAttachment( + { + title: 'ML Charts Test case', + description: 'Case with an anomaly charts attachment', + tag: 'ml_anomaly_charts', + reporter: USER.ML_POWERUSER, + }, + expectedAttachment, + 6 + ); }); - await ml.swimLane.waitForSwimLanesToLoad(); }); - it('attaches an embeddable to a case', async () => { - await ml.anomalyExplorer.attachAnomalyChartsToCase({ - title: 'ML Charts Test case', - description: 'Case with an anomaly charts attachment', - tag: 'ml_anomaly_charts', + describe('Use anomaly table action to view in Discover', function () { + beforeEach(async () => { + await ml.navigation.navigateToAnomalyExplorer( + testData.jobConfig.job_id, + { + from: '2016-02-07T00%3A00%3A00.000Z', + to: '2016-02-11T23%3A59%3A54.000Z', + }, + () => elasticChart.setNewChartUiDebugFlag(true) + ); + + await ml.commonUI.waitForMlLoadingIndicatorToDisappear(); + await ml.commonUI.waitForDatePickerIndicatorLoaded(); + await ml.swimLane.waitForSwimLanesToLoad(); }); - const expectedAttachment = { - jobIds: [testData.jobConfig.job_id], - maxSeriesToPlot: 6, - }; + it('should render the anomaly table', async () => { + await ml.testExecution.logTestStep('displays the anomalies table'); + await ml.anomaliesTable.assertTableExists(); - // @ts-expect-error Setting id to be undefined here - // since time range expected is of the chart plotEarliest/plotLatest, not of the global time range - // but, chart time range might vary depends on the time of the test - // we don't know the hashed string id for sure - expectedAttachment.id = undefined; + await ml.testExecution.logTestStep('anomalies table is not empty'); + await ml.anomaliesTable.assertTableNotEmpty(); + }); - await ml.cases.assertCaseWithAnomalyChartsAttachment( - { - title: 'ML Charts Test case', - description: 'Case with an anomaly charts attachment', - tag: 'ml_anomaly_charts', - reporter: USER.ML_POWERUSER, - }, - expectedAttachment, - 6 - ); + it('should click the Discover action in the anomaly table', async () => { + await ml.anomaliesTable.assertAnomalyActionsMenuButtonExists(0); + await ml.anomaliesTable.scrollRowIntoView(0); + await ml.anomaliesTable.assertAnomalyActionsMenuButtonEnabled(0, true); + await ml.anomaliesTable.assertAnomalyActionDiscoverButtonExists(0); + await ml.anomaliesTable.ensureAnomalyActionDiscoverButtonClicked(0); + }); }); }); + } + }); + describe('with no influencers', function () { + for (const testData of testDataListWithNoInfluencers) { + before(async () => { + await ml.api.createAndRunAnomalyDetectionLookbackJob( + testData.jobConfig, + testData.datafeedConfig + ); + }); - describe('Use anomaly table action to view in Discover', function () { - beforeEach(async () => { - await ml.navigation.navigateToAnomalyExplorer( - testData.jobConfig.job_id, - { - from: '2016-02-07T00%3A00%3A00.000Z', - to: '2016-02-11T23%3A59%3A54.000Z', - }, - () => elasticChart.setNewChartUiDebugFlag(true) - ); + after(async () => { + await elasticChart.setNewChartUiDebugFlag(false); + await ml.api.cleanMlIndices(); + }); - await ml.commonUI.waitForMlLoadingIndicatorToDisappear(); - await ml.commonUI.waitForDatePickerIndicatorLoaded(); - await ml.swimLane.waitForSwimLanesToLoad(); - }); + it('should not display the influencers panel', async () => { + await ml.testExecution.logTestStep('navigate to job list'); + await ml.navigation.navigateToMl(); + // Set debug state has to happen at this point + // because page refresh happens after navigation to the ML app. + await elasticChart.setNewChartUiDebugFlag(true); + await ml.navigation.navigateToJobManagement(); - it('should render the anomaly table', async () => { - await ml.testExecution.logTestStep('displays the anomalies table'); - await ml.anomaliesTable.assertTableExists(); + await ml.testExecution.logTestStep('open job in anomaly explorer'); + await ml.jobTable.filterWithSearchString(testData.jobConfig.job_id, 1); - await ml.testExecution.logTestStep('anomalies table is not empty'); - await ml.anomaliesTable.assertTableNotEmpty(); - }); + await ml.jobTable.clickOpenJobInAnomalyExplorerButton(testData.jobConfig.job_id); + await ml.commonUI.waitForMlLoadingIndicatorToDisappear(); + await ml.jobSelection.assertJobSelection([testData.jobConfig.job_id]); - it('should click the Discover action in the anomaly table', async () => { - await ml.anomaliesTable.assertAnomalyActionsMenuButtonExists(0); - await ml.anomaliesTable.scrollRowIntoView(0); - await ml.anomaliesTable.assertAnomalyActionsMenuButtonEnabled(0, true); - await ml.anomaliesTable.assertAnomalyActionDiscoverButtonExists(0); - await ml.anomaliesTable.ensureAnomalyActionDiscoverButtonClicked(0); - }); + await ml.testExecution.logTestStep('does not display the influencers list'); + await ml.anomalyExplorer.assertInfluencerListDoesNotExist(); }); - }); - } + } + }); }); } diff --git a/x-pack/test/functional/config.base.js b/x-pack/test/functional/config.base.js index 033a7faa98303..8d1e875dabccc 100644 --- a/x-pack/test/functional/config.base.js +++ b/x-pack/test/functional/config.base.js @@ -573,6 +573,20 @@ export default async function ({ readConfigFile }) { ], }, + read_ilm: { + elasticsearch: { + cluster: ['read_ilm'], + }, + kibana: [ + { + feature: { + advancedSettings: ['read'], + }, + spaces: ['default'], + }, + ], + }, + index_management_user: { elasticsearch: { cluster: ['monitor', 'manage_index_templates', 'manage_enrich'], diff --git a/x-pack/test/functional/page_objects/index_lifecycle_management_page.ts b/x-pack/test/functional/page_objects/index_lifecycle_management_page.ts index a0061dff067d1..f9c743e8855cf 100644 --- a/x-pack/test/functional/page_objects/index_lifecycle_management_page.ts +++ b/x-pack/test/functional/page_objects/index_lifecycle_management_page.ts @@ -30,6 +30,9 @@ export function IndexLifecycleManagementPageProvider({ getService }: FtrProvider async clickCreatePolicyButton() { return await testSubjects.click('createPolicyButton'); }, + async createPolicyButtonExists() { + return await testSubjects.exists('createPolicyButton'); + }, async fillNewPolicyForm(policy: Policy) { const { policyName, @@ -88,5 +91,19 @@ export function IndexLifecycleManagementPageProvider({ getService }: FtrProvider async getPolicyRow(name: string) { return await testSubjects.findAll(`policyTableRow-${name}`); }, + + async flyoutHeaderText() { + return await testSubjects.getVisibleText('policyFlyoutTitle'); + }, + async closePolicyFlyout() { + await testSubjects.click('policyFlyoutCloseButton'); + }, + async flyoutHeader() { + return await testSubjects.find('policyFlyoutTitle'); + }, + async clickPolicyNameLink(index: number) { + const links = await testSubjects.findAll('policyTablePolicyNameLink'); + await links[index].click(); + }, }; } diff --git a/x-pack/test/functional/services/ml/anomaly_explorer.ts b/x-pack/test/functional/services/ml/anomaly_explorer.ts index cb183eee0c543..6774bd097f001 100644 --- a/x-pack/test/functional/services/ml/anomaly_explorer.ts +++ b/x-pack/test/functional/services/ml/anomaly_explorer.ts @@ -30,6 +30,10 @@ export function MachineLearningAnomalyExplorerProvider( await testSubjects.existOrFail('mlAnomalyExplorerInfluencerList'); }, + async assertInfluencerListDoesNotExist() { + await testSubjects.missingOrFail('mlAnomalyExplorerInfluencerList'); + }, + async assertInfluencerFieldExists(influencerField: string) { await testSubjects.existOrFail(`mlInfluencerFieldName ${influencerField}`); }, diff --git a/x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/serverless_metering/cloud_security_metering.ts b/x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/serverless_metering/cloud_security_metering.ts index 482e0a571d835..01c2ebf9a64a7 100644 --- a/x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/serverless_metering/cloud_security_metering.ts +++ b/x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/serverless_metering/cloud_security_metering.ts @@ -6,10 +6,8 @@ */ import expect from '@kbn/expect'; -import { - LATEST_FINDINGS_INDEX_DEFAULT_NS, - CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN, -} from '@kbn/cloud-security-posture-plugin/common/constants'; +import { CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN } from '@kbn/cloud-security-posture-common'; +import { LATEST_FINDINGS_INDEX_DEFAULT_NS } from '@kbn/cloud-security-posture-plugin/common/constants'; import * as http from 'http'; import { deleteIndex, diff --git a/x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexed.ts b/x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexed.ts index 02340e4f7a8fc..a9da3a42cdfc8 100644 --- a/x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexed.ts +++ b/x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexed.ts @@ -7,10 +7,10 @@ import expect from '@kbn/expect'; import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; import type { CspSetupStatus } from '@kbn/cloud-security-posture-common'; +import { CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN } from '@kbn/cloud-security-posture-common'; import { FINDINGS_INDEX_DEFAULT_NS, LATEST_FINDINGS_INDEX_DEFAULT_NS, - CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN, VULNERABILITIES_INDEX_DEFAULT_NS, } from '@kbn/cloud-security-posture-plugin/common/constants'; import { diff --git a/x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexing.ts b/x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexing.ts index 6e6f8d128bb35..ec6a5835e6aa3 100644 --- a/x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexing.ts +++ b/x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexing.ts @@ -7,10 +7,10 @@ import expect from '@kbn/expect'; import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; import type { CspSetupStatus } from '@kbn/cloud-security-posture-common'; +import { CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN } from '@kbn/cloud-security-posture-common'; import { FINDINGS_INDEX_DEFAULT_NS, LATEST_FINDINGS_INDEX_DEFAULT_NS, - CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN, VULNERABILITIES_INDEX_DEFAULT_NS, } from '@kbn/cloud-security-posture-plugin/common/constants'; import { diff --git a/yarn.lock b/yarn.lock index ce0eefb6f4aa7..efe12772a7fb4 100644 --- a/yarn.lock +++ b/yarn.lock @@ -4675,6 +4675,10 @@ version "0.0.0" uid "" +"@kbn/data-usage-plugin@link:x-pack/plugins/data_usage": + version "0.0.0" + uid "" + "@kbn/data-view-editor-plugin@link:src/plugins/data_view_editor": version "0.0.0" uid "" @@ -5467,7 +5471,7 @@ version "0.0.0" uid "" -"@kbn/language-documentation-popover@link:packages/kbn-language-documentation-popover": +"@kbn/language-documentation@link:packages/kbn-language-documentation": version "0.0.0" uid ""